diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 46a32b7e45..8c7588deb0 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -6,8 +6,8 @@ ms.technology: itpro-privacy
localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
-manager: dougeby
-ms.date: 03/27/2017
+manager: laurawi
+ms.date: 05/23/2023
ms.topic: reference
---
@@ -3375,7 +3375,7 @@ The following fields are available:
- **IsDeviceNetworkMetered** Indicates whether the device is connected to a metered network.
- **IsDeviceOobeBlocked** Indicates whether user approval is required to install updates on the device.
- **IsDeviceRequireUpdateApproval** Indicates whether user approval is required to install updates on the device.
-- **IsDeviceSccmManaged** Indicates whether the device is running the Configuration Manager to keep the operating system and applications up to date.
+- **IsDeviceSccmManaged** Indicates whether the device is running Configuration Manager to keep the operating system and applications up to date.
- **IsDeviceUninstallActive** Indicates whether the OS (operating system) on the device was recently updated.
- **IsDeviceUpdateNotificationLevel** Indicates whether the device has a set policy to control update notifications.
- **IsDeviceUpdateServiceManaged** Indicates whether the device uses WSUS (Windows Server Update Services).
@@ -4249,7 +4249,7 @@ The following fields are available:
- **FlightId** The ID of the Windows Insider build the device received.
- **InstallDate** The date the driver was installed.
- **InstallFlags** The driver installation flags.
-- **OptionalData** Metadata specific to Windows Update (WU) associated with the driver (flight IDs, recovery IDs, etc.)
+- **OptionalData** Metadata specific to Windows Update associated with the driver (flight IDs, recovery IDs, etc.)
- **RebootRequired** Indicates whether a reboot is required after the installation.
- **RollbackPossible** Indicates whether this driver can be rolled back.
- **WuTargetedHardwareId** Indicates that the driver was installed because the device hardware ID was targeted by the Windows Update.
@@ -5026,33 +5026,6 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
-### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
-
-This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
-
-The following fields are available:
-
-- **AhaVersion** The binary version of the App Health Analyzer tool.
-- **ApplicationErrors** The count of application errors from the event log.
-- **Bitness** The architecture type of the application (16 Bit or 32 bit or 64 bit).
-- **device_level** Various JRE/JAVA versions installed on a particular device.
-- **ExtendedProperties** Attribute used for aggregating all other attributes under this event type.
-- **Jar** Flag to determine if an app has a Java JAR file dependency.
-- **Jre** Flag to determine if an app has JRE framework dependency.
-- **Jre_version** JRE versions an app has declared framework dependency for.
-- **Name** Name of the application.
-- **NonDPIAware** Flag to determine if an app is non-DPI aware.
-- **NumBinaries** Count of all binaries (.sys,.dll,.ini) from application install location.
-- **RequiresAdmin** Flag to determine if an app requests admin privileges for execution.
-- **RequiresAdminv2** Additional flag to determine if an app requests admin privileges for execution.
-- **RequiresUIAccess** Flag to determine if an app is based on UI features for accessibility.
-- **VB6** Flag to determine if an app is based on VB6 framework.
-- **VB6v2** Additional flag to determine if an app is based on VB6 framework.
-- **Version** Version of the application.
-- **VersionCheck** Flag to determine if an app has a static dependency on OS version.
-- **VersionCheckv2** Additional flag to determine if an app has a static dependency on OS version.
-
-
### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoAdd
This event provides basic information about active memory slots on the device.
@@ -10124,4 +10097,4 @@ The following fields are available:
- **LicenseType** The type of licensed used to authorize the app (0 - Unknown, 1 - User, 2 - Subscription, 3 - Offline, 4 - Disc).
- **LicenseXuid** If the license type is 1 (User), this field contains the XUID (Xbox User ID) of the registered owner of the license.
- **ProductGuid** The Xbox product GUID (Globally-Unique ID) of the application.
-- **UserId** The XUID (Xbox User ID) of the current user.
+- **UserId** The XUID (Xbox User ID) of the current user.
\ No newline at end of file
diff --git a/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md b/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
index 76b11fdfd5..02a50f6187 100644
--- a/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
+++ b/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
@@ -7,8 +7,8 @@ ms.technology: itpro-privacy
localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
-manager: dougeby
-ms.date: 08/26/2022
+manager: laurawi
+ms.date: 05/23/2023
ms.topic: reference
---
@@ -108,6 +108,29 @@ The following fields are available:
- **SdbEntries** An array of fields that indicates the SDB entries that apply to this file.
+### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileBackupAdd
+
+This event sends true/false compatibility decision data about a file to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion** The version of the appraiser binary generating the events.
+- **SdbEntries** Indicates if any matching compat Sdb entries are associated with this application
+
+
+### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileBackupStartSync
+
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion** The version of the appraiser binary generating the events.
+
+
### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
@@ -1269,7 +1292,6 @@ The following fields are available:
- **uts** A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
- **xid** A list of base10-encoded XBOX User IDs.
-
## Common data fields
### Ms.Device.DeviceInventoryChange
@@ -1284,6 +1306,7 @@ The following fields are available:
- **objectType** Indicates the object type that the event applies to.
- **syncId** A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
+
## Component-based servicing events
### CbsServicingProvider.CbsCapabilitySessionFinalize
@@ -2246,6 +2269,18 @@ The following fields are available:
## Setup events
+### Microsoft.Windows.Setup.WinSetupMon.ProtectionViolation
+
+This event provides information about move or deletion of a file or a directory which is being monitored for data safety during feature updates. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **Path** Path to the file or the directory which is being moved or deleted.
+- **Process** Path to the process which is requesting the move or the deletion.
+- **SessionId** Identifier to correlate this component's telemetry with that of others.
+- **TargetPath** (Optional) If the operation is a move, the target path to which the file or directory is being moved.
+
+
### SetupPlatformTel.SetupPlatformTelEvent
This service retrieves events generated by SetupPlatform, the engine that drives the various deployment scenarios, to help keep Windows up to date.
@@ -3373,7 +3408,6 @@ The following fields are available:
This event is derived event results for the LaunchPageDuration scenario.
-
### Microsoft.Windows.Update.WUClient.DownloadPaused
This event is fired when the Download stage is paused.
@@ -3448,4 +3482,7 @@ The following fields are available:
- **ScenarioSupported** Whether the updated scenario that was passed in was supported.
- **SessionId** The UpdateAgent “SessionId” value.
- **UpdateId** Unique identifier for the Update.
-- **WuId** Unique identifier for the Windows Update client.
\ No newline at end of file
+- **WuId** Unique identifier for the Windows Update client.
+
+
+
diff --git a/windows/privacy/required-windows-11-diagnostic-events-and-fields.md b/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
index 2c8573d89d..a2f855b64e 100644
--- a/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
+++ b/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
@@ -6,8 +6,8 @@ ms.technology: itpro-privacy
localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
-manager: dougeby
-ms.date: 05/28/2020
+manager: laurawi
+ms.date: 05/23/2023
ms.collection: highpri
ms.topic: reference
---
@@ -149,6 +149,29 @@ The following fields are available:
- **SdbEntries** An array of fields that indicates the SDB entries that apply to this file.
+### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileBackupAdd
+
+This event sends true/false compatibility decision data about a file to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion** The version of the appraiser binary generating the events.
+- **SdbEntries** Indicates if any matching compat Sdb entries are associated with this application
+
+
+### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileBackupStartSync
+
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion** The version of the appraiser binary generating the events.
+
+
### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
@@ -1455,7 +1478,7 @@ The following fields are available:
- **MDMServiceProvider** A hash of the specific MDM authority, such as Microsoft Intune, that is managing the device.
- **MPNId** Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
- **SCCMClientId** This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an enterprise Configuration Manager environment.
-- **ServerFeatures** Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
+- **ServerFeatures** Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
- **SystemCenterID** The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
@@ -1860,7 +1883,7 @@ The following fields are available:
- **UpdateServiceURLConfigured** Retrieves if the device is managed by Windows Server Update Services (WSUS).
- **WUDeferUpdatePeriod** Retrieves if deferral is set for Updates.
- **WUDeferUpgradePeriod** Retrieves if deferral is set for Upgrades.
-- **WUDODownloadMode** Retrieves whether DO is turned on and how to acquire/distribute updates Delivery Optimization (DO) allows users to deploy previously downloaded Windows Update (WU) updates to other devices on the same network.
+- **WUDODownloadMode** Retrieves whether DO is turned on and how to acquire/distribute updates Delivery Optimization (DO) allows users to deploy previously downloaded Windows Update updates to other devices on the same network.
- **WULCUVersion** Version of the LCU Installed on the machine.
- **WUMachineId** Retrieves the Windows Update (WU) Machine Identifier.
- **WUPauseState** Retrieves Windows Update setting to determine if updates are paused.
@@ -2164,7 +2187,6 @@ The following fields are available:
- **uts** A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
- **xid** A list of base10-encoded XBOX User IDs.
-
## Common data fields
### Ms.Device.DeviceInventoryChange
@@ -3432,12 +3454,6 @@ The following fields are available:
- **InventoryVersion** The version of the inventory file generating the events.
-### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
-
-This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
-
-
-
### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoAdd
This event provides basic information about active memory slots on the device.
@@ -6274,6 +6290,7 @@ The following fields are available:
- **uptimeMinutes** Duration USO for up for in the current boot session.
- **wilActivity** Wil Activity related information.
+
### Microsoft.Windows.Update.WUClientExt.UUSLoadModuleFailed
This is the UUSLoadModule failed event and is used to track the failure of loading an undocked component. The data collected with this event is used to help keep Windows up to date and secure.
@@ -6574,6 +6591,8 @@ The following fields are available:
This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
+
+
### Microsoft.Windows.UpdateReserveManager.TurnOffReserves
This event is sent when the Update Reserve Manager turns off reserve functionality for certain operations. The data collected with this event is used to help keep Windows secure and up to date.
@@ -6599,4 +6618,4 @@ The following fields are available:
- **Disposition** The parameter for the hard reserve adjustment function.
- **Flags** The flags passed to the hard reserve adjustment function.
- **PendingHardReserveAdjustment** The final change to the hard reserve size.
-- **UpdateType** Indicates whether the change is an increase or decrease in the size of the hard reserve.
+- **UpdateType** Indicates whether the change is an increase or decrease in the size of the hard reserve.
\ No newline at end of file
diff --git a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
index 5b73a85111..f564971ad6 100644
--- a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
+++ b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
@@ -6,8 +6,8 @@ ms.technology: itpro-privacy
localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
-manager: dougeby
-ms.date: 05/28/2020
+manager: laurawi
+ms.date: 05/23/2023
ms.collection: highpri
ms.topic: reference
---
@@ -393,7 +393,7 @@ The following fields are available:
- **DecisionSystemDiskSize_CO21H2Setup** The total number of objects of this type present on this device.
- **DecisionSystemDiskSize_CU22H2Setup** The total number of objects of this type present on this device.
- **DecisionSystemDiskSize_CU23H2Setup** The count of the number of this particular object type present on this device.
-- **DecisionSystemDiskSize_NI22H2Setup** The total number of objects of this type present on this device.
+- **DecisionSystemDiskSize_NI22H2Setup** The total number of objects of this type present on this device.
- **DecisionSystemDiskSize_RS1** The total number of objects of this type present on this device.
- **DecisionSystemDiskSize_RS2** The total number of objects of this type present on this device.
- **DecisionSystemDiskSize_RS3** The total number of objects of this type present on this device.
@@ -2422,7 +2422,7 @@ The following fields are available:
- **WUDeferUpgradePeriod** Retrieves if deferral is set for Upgrades.
- **WUDODownloadMode** Retrieves whether DO is turned on and how to acquire/distribute updates Delivery Optimization (DO) allows users to deploy previously downloaded Windows Update updates to other devices on the same network.
- **WULCUVersion** Version of the LCU Installed on the machine.
-- **WUMachineId** Retrieves the Windows Update (WU) Machine Identifier.
+- **WUMachineId** Retrieves the Windows Update Machine Identifier.
- **WUPauseState** Retrieves Windows Update setting to determine if updates are paused.
- **WUServer** Retrieves the HTTP(S) URL of the WSUS server that is used by Automatic Updates and API callers (by default).
@@ -2474,7 +2474,6 @@ The following fields are available:
- **wilActivity** Contains the thread ID used to match the begin and end events, and for the end event also a HResult indicating sucess or failure.
-
### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciScanGetResultFailed
Fires when driver scanning fails to get results.
@@ -3114,6 +3113,37 @@ The following fields are available:
## Direct to update events
+### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicability
+
+This event indicates that the Coordinator CheckApplicability call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **ApplicabilityResult** Result of CheckApplicability function.
+- **CampaignID** Campaign ID being run.
+- **ClientID** Client ID being run.
+- **CoordinatorVersion** Coordinator version of DTU.
+- **CV** Correlation vector.
+- **IsCTA** If device has the CTA regkey set.
+- **IsDeviceAADDomainJoined** Indicates whether the device is logged in to the AAD (Azure Active Directory) domain.
+- **IsDeviceADDomainJoined** Indicates whether the device is logged in to the AD (Active Directory) domain.
+- **IsDeviceCloverTrail** Indicates whether the device has a Clover Trail system installed.
+- **IsDeviceDiskSpaceLow** If device disk space is low.
+- **IsDeviceEnterpriseSku** If device is an Enterprise SKU.
+- **IsDeviceFeatureUpdatingPaused** Indicates whether Feature Update is paused on the device.
+- **IsDeviceNetworkMetered** Indicates whether the device is connected to a metered network.
+- **IsDeviceOobeBlocked** Indicates whether the OOBE (Out of Box Experience) is blocked on the device.
+- **IsDeviceRequireUpdateApproval** Indicates whether user approval is required to install updates on the device.
+- **IsDeviceSccmManaged** Indicates whether the device is running the Microsoft SCCM (System Center Configuration Manager) to keep the operating system and applications up to date.
+- **IsDeviceUninstallActive** Indicates whether the OS (operating system) on the device was recently updated.
+- **IsDeviceUpdateNotificationLevel** Indicates whether the device has a set policy to control update notifications.
+- **IsDeviceUpdateServiceManaged** Indicates whether the device uses WSUS (Windows Server Update Services).
+- **IsDeviceWUFBManaged** If device is WUfB managed.
+- **IsDeviceZeroExhaust** Indicates whether the device subscribes to the Zero Exhaust policy to minimize connections from Windows to Microsoft.
+- **IsGreaterThanMaxRetry** Indicates whether the DTU (Direct to Update) service has exceeded its maximum retry count.
+- **IsVolumeLicensed** Indicates whether a volume license was used to authenticate the operating system or applications on the device.
+
+
### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicabilityGenericFailure
This event indicatse that we have received an unexpected error in the Direct to Update (DTU) Coordinators CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
@@ -3190,6 +3220,19 @@ The following fields are available:
- **hResult** HRESULT of the failure.
+### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadIgnoredFailure
+
+This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Download call that will be ignored. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CampaignID** Campaign ID being run.
+- **ClientID** Client ID being run.
+- **CoordinatorVersion** Coordinator version of DTU.
+- **CV** Correlation vector.
+- **hResult** HRESULT of the failure.
+
+
### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadSuccess
This event indicates that the Coordinator Download call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
@@ -3253,6 +3296,18 @@ The following fields are available:
- **hResult** HRESULT of the failure.
+### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallSuccess
+
+This event indicates that the Coordinator Install call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CampaignID** Campaign ID being run.
+- **ClientID** Client ID being run.
+- **CoordinatorVersion** Coordinator version of DTU.
+- **CV** Correlation vector.
+
+
### Microsoft.Windows.DirectToUpdate.DTUCoordinatorProgressCallBack
This event indicates that the Coordinator's progress callback has been called. The data collected with this event is used to help keep Windows secure and up to date.
@@ -3525,6 +3580,25 @@ The following fields are available:
- **State** State of the workflow.
+### Microsoft.Windows.DirectToUpdate.DTUNotificationUXEvaluation
+
+This event indicates that Applicability DLL ran a set of applicability tests. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **Action** The enumeration code of action that was handled.
+- **ActiveTestExpectedResults** Bitmask of expected results of applicability tests.
+- **ActiveTestResults** The bitmask results of applicability tests.
+- **ActiveTestsRun** The bitmask of applicability tests that were run.
+- **CampaignID** The ID of the campaign being run.
+- **ClientID** The ID of the client being run.
+- **CoordinatorVersion** The coordinator version of Direct To Update.
+- **CV** Correlation vector.
+- **FullTestResults** The bitmask of results of applicability tests.
+- **FullTestsRun** The bitmask of applicability tests that were run.
+- **SuppressedTests** The bitmask of applicability tests that were unable to run due to suppression caused by the configuration settings.
+
+
### Microsoft.Windows.DirectToUpdate.DTUNotificationUXEvaluationError
This event indicates that Applicability DLL failed on a test. The data collected with this event is used to help keep Windows up to date and performing properly.
@@ -3539,6 +3613,20 @@ The following fields are available:
- **HRESULT** An error (if any) that occurred.
+### Microsoft.Windows.DirectToUpdate.DTUNotificationUXExit
+
+This event indicates that DTUNotificationUX has finished execution. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **CampaignID** The ID of the campaign being run.
+- **ClientID** The ID of the client being run.
+- **CoordinatorVersion** Coordinator version of DTU.
+- **CV** Correlation vector.
+- **HRESULTCausingExit** HRESULT Causing an abnormal exit, or S_OK for normal exits.
+- **ProcessExitCode** The exit code that DTUNotificationUX returns to DTUCoordinator.
+
+
### Microsoft.Windows.DirectToUpdate.DTUNotificationUXExitingState
This event indicates that DTUNotificationUX has stopped processing a workflow state. The data collected with this event is used to help keep Windows up to date and performing properly.
@@ -3753,7 +3841,7 @@ The following fields are available:
- **FlightId** The ID of the Windows Insider build the device received.
- **InstallDate** The date the driver was installed.
- **InstallFlags** The driver installation flags.
-- **OptionalData** Metadata specific to Windows Update (WU) associated with the driver (flight IDs, recovery IDs, etc.)
+- **OptionalData** Metadata specific to Windows Update associated with the driver (flight IDs, recovery IDs, etc.)
- **RebootRequired** Indicates whether a reboot is required after the installation.
- **RollbackPossible** Indicates whether this driver can be rolled back.
- **WuTargetedHardwareId** Indicates that the driver was installed because the device hardware ID was targeted by the Windows Update.
@@ -4710,12 +4798,6 @@ The following fields are available:
- **InventoryVersion** The version of the inventory file generating the events.
-### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
-
-This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
-
-
-
### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoAdd
This event provides basic information about active memory slots on the device.
@@ -8722,7 +8804,6 @@ The following fields are available:
- **wilActivity** This struct provides a Windows Internal Library context used for Product and Service diagnostics.
-
### Microsoft.Windows.Update.Orchestrator.DeferRestart
This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
@@ -9012,7 +9093,7 @@ The following fields are available:
- **updaterCmdLine** The command line requested by the updater.
- **updaterId** The ID of the updater that requested the work.
-- **wuDeviceid** Windows Update device ID.
+- **wuDeviceid** Windows Update device ID.
### Microsoft.Windows.Update.Orchestrator.UniversalOrchestratorScheduleWorkNonSystem
@@ -9359,7 +9440,7 @@ The following fields are available:
- **PresentationCount** Number of times the interaction campaign has been presented.
- **ResultId** The result ID currently recorded for the interaction campaign.
- **StateCreationTime** Time the state was created.
-- **StateModificationTime** Time the state was last modified.
+- **StateModificationTime** Time the state was last modified.
- **ThrottlingRoll** Randomly generated throttling roll for the interaction campaign.
diff --git a/windows/security/application-security/application-isolation/toc.yml b/windows/security/application-security/application-isolation/toc.yml
index 8c17971749..cb920b5e4e 100644
--- a/windows/security/application-security/application-isolation/toc.yml
+++ b/windows/security/application-security/application-isolation/toc.yml
@@ -12,9 +12,9 @@ items:
- name: Windows containers 🔗
href: /virtualization/windowscontainers/about
- name: Windows Sandbox
- href: ../../threat-protection/windows-sandbox/windows-sandbox-overview.md
+ href: ./windows-sandbox/windows-sandbox-overview.md
items:
- name: Windows Sandbox architecture
- href: ../../threat-protection/windows-sandbox/windows-sandbox-architecture.md
+ href: ./windows-sandbox/windows-sandbox-architecture.md
- name: Windows Sandbox configuration
- href: ../../threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
\ No newline at end of file
+ href: ./windows-sandbox/windows-sandbox-configure-using-wsb-file.md
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-sandbox/images/1-dynamic-host.png b/windows/security/application-security/application-isolation/windows-sandbox/images/1-dynamic-host.png
similarity index 100%
rename from windows/security/threat-protection/windows-sandbox/images/1-dynamic-host.png
rename to windows/security/application-security/application-isolation/windows-sandbox/images/1-dynamic-host.png
diff --git a/windows/security/threat-protection/windows-sandbox/images/2-dynamic-working.png b/windows/security/application-security/application-isolation/windows-sandbox/images/2-dynamic-working.png
similarity index 100%
rename from windows/security/threat-protection/windows-sandbox/images/2-dynamic-working.png
rename to windows/security/application-security/application-isolation/windows-sandbox/images/2-dynamic-working.png
diff --git a/windows/security/threat-protection/windows-sandbox/images/3-memory-sharing.png b/windows/security/application-security/application-isolation/windows-sandbox/images/3-memory-sharing.png
similarity index 100%
rename from windows/security/threat-protection/windows-sandbox/images/3-memory-sharing.png
rename to windows/security/application-security/application-isolation/windows-sandbox/images/3-memory-sharing.png
diff --git a/windows/security/threat-protection/windows-sandbox/images/4-integrated-kernal.png b/windows/security/application-security/application-isolation/windows-sandbox/images/4-integrated-kernal.png
similarity index 100%
rename from windows/security/threat-protection/windows-sandbox/images/4-integrated-kernal.png
rename to windows/security/application-security/application-isolation/windows-sandbox/images/4-integrated-kernal.png
diff --git a/windows/security/threat-protection/windows-sandbox/images/5-wddm-gpu-virtualization.png b/windows/security/application-security/application-isolation/windows-sandbox/images/5-wddm-gpu-virtualization.png
similarity index 100%
rename from windows/security/threat-protection/windows-sandbox/images/5-wddm-gpu-virtualization.png
rename to windows/security/application-security/application-isolation/windows-sandbox/images/5-wddm-gpu-virtualization.png
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
similarity index 97%
rename from windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md
rename to windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
index 0dfbc42f89..dac2d9f311 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture.md
@@ -1,13 +1,8 @@
---
title: Windows Sandbox architecture
description: Windows Sandbox architecture
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox architecture
@@ -19,7 +14,7 @@ Windows Sandbox benefits from new container technology in Windows to achieve a c
Rather than requiring a separate copy of Windows to boot the sandbox, Dynamic Base Image technology uses the copy of Windows already installed on the host.
Most OS files are immutable and can be freely shared with Windows Sandbox. A small subset of operating system files are mutable and can't be shared, so the sandbox base image contains pristine copies of them. A complete Windows image can be constructed from a combination of the sharable immutable files on the host and the pristine copies of the mutable files. With the help of this scheme, Windows Sandbox has a full Windows installation to boot from without needing to download or store an extra copy of Windows.
-
+
Before Windows Sandbox is installed, the dynamic base image package is stored as a compressed 30-MB package. Once it's installed, the dynamic base image occupies about 500 MB of disk space.
@@ -43,7 +38,7 @@ With ordinary virtual machines, the Microsoft hypervisor controls the scheduling
Windows Sandbox employs a unique policy that allows the virtual processors of the Sandbox to be scheduled like host threads. Under this scheme, high-priority tasks on the host can preempt less important work in the Sandbox. This preemption means that the most important work will be prioritized, whether it's on the host or in the container.
-
+
## WDDM GPU virtualization
Hardware accelerated rendering is key to a smooth and responsive user experience, especially for graphics-intensive use cases. Microsoft works with its graphics ecosystem partners to integrate modern graphics virtualization capabilities directly into DirectX and Windows Display Driver Model (WDDM), the driver model used by Windows.
@@ -53,7 +48,7 @@ This feature allows programs running inside the sandbox to compete for GPU resou
To take advantage of these benefits, a system with a compatible GPU and graphics drivers (WDDM 2.5 or newer) is required. Incompatible systems will render apps in Windows Sandbox with Microsoft's CPU-based rendering technology, Windows Advanced Rasterization Platform (WARP).
-
+
## Battery pass-through
Windows Sandbox is also aware of the host's battery state, which allows it to optimize its power consumption. This functionality is critical for technology that is used on laptops, where battery life is often critical.
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
similarity index 98%
rename from windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
rename to windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
index e9dc1bb0cc..a0d3dc4bea 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
@@ -1,16 +1,11 @@
---
title: Windows Sandbox configuration
description: Windows Sandbox configuration
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.collection:
- highpri
- tier2
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox configuration
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
similarity index 89%
rename from windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
rename to windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
index 8f3d7bd7de..02bb837f09 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md
@@ -1,23 +1,18 @@
---
title: Windows Sandbox
description: Windows Sandbox overview
-ms.prod: windows-client
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
ms.collection:
- highpri
- tier2
ms.topic: article
-ms.date: 6/30/2022
-ms.technology: itpro-security
+ms.date: 05/25/2023
---
# Windows Sandbox
Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
-A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment—useful for installing applications that require the OS to reboot.
+A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of Windows 11, version 22H2, your data will persist through a restart initiated from inside the virtualized environment—useful for installing applications that require the OS to reboot.
Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.
@@ -32,7 +27,7 @@ Windows Sandbox has the following properties:
> [!IMPORTANT]
> Windows Sandbox enables network connection by default. It can be disabled using the [Windows Sandbox configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking).
-[!INCLUDE [windows-sandbox](../../../../includes/licensing/windows-sandbox.md)]
+[!INCLUDE [windows-sandbox](../../../../../includes/licensing/windows-sandbox.md)]
## Prerequisites
diff --git a/windows/security/apps.md b/windows/security/apps.md
index cbf8e3d5c8..a2e62786ce 100644
--- a/windows/security/apps.md
+++ b/windows/security/apps.md
@@ -1,7 +1,7 @@
---
title: Windows application security
description: Get an overview of application security in Windows
-ms.reviewer:
+ms.reviewer:
manager: aaroncz
ms.author: paoloma
author: paolomatarazzo
@@ -21,7 +21,6 @@ The following table summarizes the Windows security features and capabilities fo
|:---|:---|
| Windows Defender Application Control | Application control is one of the most effective security controls to prevent unwanted or malicious code from running. It moves away from an application trust model where all code is assumed trustworthy to one where apps must earn trust to run. Learn more: [Application Control for Windows](threat-protection/windows-defender-application-control/windows-defender-application-control.md) |
| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
-| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](threat-protection\windows-sandbox\windows-sandbox-overview.md)
+| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md) |
| Email Security | With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](identity-protection/configure-s-mime.md) |
| Microsoft Defender SmartScreen | Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) |
-
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index 7504a93725..e387747efd 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -54,10 +54,10 @@
}
},
"contributors_to_exclude": [
- "rjagiewich",
- "traya1",
- "rmca14",
- "claydetels19",
+ "rjagiewich",
+ "traya1",
+ "rmca14",
+ "claydetels19",
"jborsecnik",
"tiburd",
"AngelaMotherofDragons",
@@ -66,59 +66,76 @@
"garycentric",
"beccarobins"
],
- "searchScope": ["Windows 10"]
+ "searchScope": [
+ "Windows 10"
+ ]
},
"fileMetadata": {
- "author":{
+ "author": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": "vinaypamnani-msft",
"identity-protection/**/*.md": "paolomatarazzo",
- "threat-protection/windows-firewall/**/*.md": "aczechowski"
+ "operating-system-security/network-security/**/*.md": "paolomatarazzo",
+ "operating-system-security/network-security/windows-firewall/**/*.md": "ngangulyms"
},
- "ms.author":{
+ "ms.author": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": "vinpa",
"identity-protection/**/*.md": "paoloma",
- "threat-protection/windows-firewall/*.md": "aaroncz"
+ "operating-system-security/network-security/**/*.md": "paoloma",
+ "operating-system-security/network-security/windows-firewall/*.md": "nganguly"
},
- "appliesto":{
+ "appliesto": {
+ "application-security/application-isolation/windows-sandbox/**/*.md": [
+ "✅ Windows 11",
+ "✅ Windows 10"
+ ],
"identity-protection/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10"
+ "✅ Windows 11",
+ "✅ Windows 10"
],
"identity-protection/credential-guard/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/smart-cards/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/user-account-control/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
],
"identity-protection/virtual-smart-cards/**/*.md": [
- "✅ Windows 11",
- "✅ Windows 10",
- "✅ Windows Server 2022",
- "✅ Windows Server 2019",
- "✅ Windows Server 2016"
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
+ ],
+ "operating-system-security/network-security/windows-firewall/**/*.md": [
+ "✅ Windows 11",
+ "✅ Windows 10",
+ "✅ Windows Server 2022",
+ "✅ Windows Server 2019",
+ "✅ Windows Server 2016"
]
},
- "ms.reviewer":{
+ "ms.reviewer": {
"identity-protection/hello-for-business/*.md": "erikdau",
"identity-protection/credential-guard/*.md": "zwhittington",
"identity-protection/access-control/*.md": "sulahiri",
- "threat-protection/windows-firewall/*.md": "paoloma",
- "identity-protection/vpn/*.md": "pesmith"
+ "operating-system-security/network-security/windows-firewall/*.md": "paoloma",
+ "operating-system-security/network-security/vpn/*.md": "pesmith"
},
- "ms.collection":{
+ "ms.collection": {
"identity-protection/hello-for-business/*.md": "tier1",
"information-protection/bitlocker/*.md": "tier1",
"information-protection/personal-data-encryption/*.md": "tier1",
@@ -126,11 +143,11 @@
"information-protection/tpm/*.md": "tier1",
"threat-protection/auditing/*.md": "tier3",
"threat-protection/windows-defender-application-control/*.md": "tier3",
- "threat-protection/windows-firewall/*.md": "tier3"
+ "operating-system-security/network-security/windows-firewall/*.md": "tier3"
}
},
"template": [],
"dest": "security",
"markdownEngineName": "markdig"
}
-}
+}
\ No newline at end of file
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
index eb38ab1250..295926ae5f 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
@@ -1,5 +1,5 @@
---
-title: Manage Windows Defender Credential Guard (Windows)
+title: Manage Windows Defender Credential Guard
description: Learn how to deploy and manage Windows Defender Credential Guard using Group Policy or the registry.
ms.date: 11/23/2022
ms.collection:
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
index 6b9dbeadc9..6719b3db77 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
@@ -1,5 +1,5 @@
---
-title: Windows Defender Credential Guard protection limits (Windows)
+title: Windows Defender Credential Guard protection limits
description: Some ways to store credentials are not protected by Windows Defender Credential Guard in Windows. Learn more with this guide.
ms.date: 08/17/2017
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md
index af00a1aef1..519ec863c8 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard.md
@@ -1,5 +1,5 @@
---
-title: Protect derived domain credentials with Windows Defender Credential Guard (Windows)
+title: Protect derived domain credentials with Windows Defender Credential Guard
description: Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
ms.date: 11/22/2022
ms.topic: article
diff --git a/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md b/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md
index f1a275279e..9e89894af8 100644
--- a/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md
+++ b/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md
@@ -1,5 +1,5 @@
---
-title: Windows Hello biometrics in the enterprise (Windows)
+title: Windows Hello biometrics in the enterprise
description: Windows Hello uses biometrics to authenticate users and guard against potential spoofing, through fingerprint matching and facial recognition.
ms.date: 01/12/2021
ms.topic: article
diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.yml b/windows/security/identity-protection/hello-for-business/hello-faq.yml
index 0a5083fd99..08924b2594 100644
--- a/windows/security/identity-protection/hello-for-business/hello-faq.yml
+++ b/windows/security/identity-protection/hello-for-business/hello-faq.yml
@@ -207,7 +207,7 @@ sections:
questions:
- question: Can I use an external Windows Hello compatible camera when my computer has a built-in Windows Hello compatible camera?
answer: |
- Yes. Starting with Windows 10, version 21H1 an external Windows Hello compatible camera can be used if a device already supports an internal Windows Hello camera. When both cameras are present, the external camera is used for face authentication. For more information, see [IT tools to support Windows 10, version 21H1](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-21h1/ba-p/2365103). However, using external Hello cameras and accessories is restricted if ESS is enabled, please see [Windows Hello Enhanced Sign-in Security](/windows-hardware/design/device-experiences/windows-hello-enhanced-sign-in-security#pluggableperipheral-biometric-sensors).
+ Yes, you can use an external Windows Hello compatible camera if a device has an internal Windows Hello camera. When both cameras are present, the external camera is used for face authentication. For more information, see [IT tools to support Windows 10, version 21H1](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-21h1/ba-p/2365103). If ESS is enabled, see [Windows Hello Enhanced Sign-in Security](/windows-hardware/design/device-experiences/windows-hello-enhanced-sign-in-security).
- question: Can I use an external Windows Hello compatible camera or other Windows Hello compatible accessory when my laptop lid is closed or docked?
answer: |
Some laptops and tablets with keyboards that close may not use an external Windows Hello compatible camera or other Windows Hello compatible accessory when the computer is docked with the lid closed. The issue has been addressed in Windows 11, version 22H2.
diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md
index f25bac5b47..313d215066 100644
--- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md
+++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md
@@ -1,24 +1,16 @@
---
-title: How Windows Hello for Business works - Authentication
-description: Learn about the authentication flow for Windows Hello for Business.
-ms.date: 02/15/2022
-ms.topic: article
+title: How Windows Hello for Business authentication works
+description: Learn about the Windows Hello for Business authentication flows.
+ms.date: 05/24/2023
+ms.topic: reference
---
-# Windows Hello for Business and Authentication
+# Windows Hello for Business authentication
-Windows Hello for Business authentication is passwordless, two-factor authentication. Authenticating with Windows Hello for Business provides a convenient sign-in experience that authenticates the user to both Azure Active Directory and Active Directory resources.
+Windows Hello for Business authentication is a passwordless, two-factor authentication. Authenticating with Windows Hello for Business provides a convenient sign-in experience that authenticates the user to both Azure Active Directory and Active Directory resources.
-Azure Active Directory-joined devices authenticate to Azure during sign-in and can optionally authenticate to Active Directory. Hybrid Azure Active Directory-joined devices authenticate to Active Directory during sign-in, and authenticate to Azure Active Directory in the background.
+Azure AD-joined devices authenticate to Azure AD during sign-in and can, optionally, authenticate to Active Directory. Hybrid Azure AD-joined devices authenticate to Active Directory during sign-in, and authenticate to Azure AD in the background.
-- [Azure AD join authentication to Azure Active Directory](#azure-ad-join-authentication-to-azure-active-directory)
-- [Azure AD join authentication to Active Directory using Azure AD Kerberos (cloud Kerberos trust)](#azure-ad-join-authentication-to-active-directory-using-azure-ad-kerberos-cloud-kerberos-trust)
-- [Azure AD join authentication to Active Directory using a key](#azure-ad-join-authentication-to-active-directory-using-a-key)
-- [Azure AD join authentication to Active Directory using a certificate](#azure-ad-join-authentication-to-active-directory-using-a-certificate)
-- [Hybrid Azure AD join authentication using Azure AD Kerberos (cloud Kerberos trust)](#hybrid-azure-ad-join-authentication-using-azure-ad-kerberos-cloud-kerberos-trust)
-- [Hybrid Azure AD join authentication using a key](#hybrid-azure-ad-join-authentication-using-a-key)
-- [Hybrid Azure AD join authentication using a certificate](#hybrid-azure-ad-join-authentication-using-a-certificate)
-
-## Azure AD join authentication to Azure Active Directory
+## Azure AD join authentication to Azure AD
@@ -27,20 +19,20 @@ Azure Active Directory-joined devices authenticate to Azure during sign-in and c
| Phase | Description |
| :----: | :----------- |
-|A | Authentication begins when the user dismisses the lock screen, which triggers winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Cloud Authentication security support provider, referred to as the Cloud AP provider.|
+|A | Authentication begins when the user dismisses the lock screen, which triggers Winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to Winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Cloud Authentication security support provider, referred to as the Cloud AP provider.|
|B | The Cloud AP provider requests a nonce from Azure Active Directory. Azure AD returns a nonce. The Cloud AP provider signs the nonce using the user's private key and returns the signed nonce to the Azure Active Directory.|
-|C | Azure Active Directory validates the signed nonce using the user's securely registered public key against the nonce signature. After validating the signature, Azure AD then validates the returned signed nonce. After validating the nonce, Azure AD creates a PRT with session key that is encrypted to the device's transport key and returns it to the Cloud AP provider.|
+|C | Azure Active Directory validates the signed nonce using the user's securely registered public key against the nonce signature. Azure AD then validates the returned signed nonce, and creates a PRT with session key that is encrypted to the device's transport key and returns it to the Cloud AP provider.|
|D | The Cloud AP provider receives the encrypted PRT with session key. Using the device's private transport key, the Cloud AP provider decrypt the session key and protects the session key using the device's TPM.|
-|E | The Cloud AP provider returns a successful authentication response to lsass. Lsass caches the PRT, and informs winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
+|E | The Cloud AP provider returns a successful authentication response to lsass. Lsass caches the PRT, and informs Winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
-## Azure AD join authentication to Active Directory using Azure AD Kerberos (cloud Kerberos trust)
+## Azure AD join authentication to Active Directory using cloud Kerberos trust
| Phase | Description |
| :----: | :----------- |
|A | Authentication to Active Directory from an Azure AD joined device begins with the user first attempts to use a resource that needs Kerberos authentication. The Kerberos security support provider, hosted in lsass, uses metadata from the Windows Hello for Business key to get a hint of the user's domain. Using the hint, the provider uses the DClocator service to locate a 2016 domain controller.
-|B | After locating an active 2016 domain controller, the Kerberos provider sends a partial TGT that it received from Azure AD from a previous Azure AD authentication to the domain controller. The partial TGT contains only the user SID and is signed by Azure AD Kerberos. The domain controller will verify that the partial TGT is valid. On success, the KDC returns a TGT to the client.|
+|B | After locating a domain controller, the Kerberos provider sends a partial TGT that it received from Azure AD from a previous Azure AD authentication to the domain controller. The partial TGT contains only the user SID, and it's signed by Azure AD Kerberos. The domain controller verifies that the partial TGT is valid. On success, the KDC returns a TGT to the client.|
## Azure AD join authentication to Active Directory using a key
@@ -48,9 +40,9 @@ Azure Active Directory-joined devices authenticate to Azure during sign-in and c
| Phase | Description |
| :----: | :----------- |
-|A | Authentication to Active Directory from an Azure AD joined device begins with the user first attempts to use a resource that needs Kerberos authentication. The Kerberos security support provider, hosted in lsass, uses metadata from the Windows Hello for Business key to get a hint of the user's domain. Using the hint, the provider uses the DClocator service to locate a 2016 domain controller. After the provider locates an active 2016 domain controller, the provider uses the private key to sign the Kerberos pre-authentication data.|
-|B | The Kerberos provider sends the signed pre-authentication data and its public key (in the form of a self-signed certificate) to the Key Distribution Center (KDC) service running on the 2016 domain controller in the form of a KERB_AS_REQ.
The 2016 domain controller determines the certificate is a self-signed certificate. It retrieves the public key from the certificate included in the KERB_AS_REQ and searches for the public key in Active Directory. It validates the UPN for authentication request matches the UPN registered in Active Directory and validates the signed pre-authentication data using the public key from Active Directory. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
-|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it has not been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating. After passing this criteria, Kerberos returns the TGT to lsass, where it is cached and used for subsequent service ticket requests.|
+|A | Authentication to Active Directory from an Azure AD joined device begins with the user first attempts to use a resource that needs Kerberos authentication. The Kerberos security support provider, hosted in lsass, uses metadata from the Windows Hello for Business key to get a hint of the user's domain. Using the hint, the provider uses the DClocator service to locate a 2016 domain controller. After the provider locates a domain controller, the provider uses the private key to sign the Kerberos preauthentication data.|
+|B | The Kerberos provider sends the signed preauthentication data and its public key (in the form of a self-signed certificate) to the Key Distribution Center (KDC) service running on the 2016 domain controller in the form of a KERB_AS_REQ.
The 2016 domain controller determines the certificate is a self-signed certificate. It retrieves the public key from the certificate included in the KERB_AS_REQ and searches for the public key in Active Directory. It validates the UPN for authentication request matches the UPN registered in Active Directory and validates the signed preauthentication data using the public key from Active Directory. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
+|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it hasn't been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating. After passing this criteria, Kerberos returns the TGT to lsass, where it's cached and used for subsequent service ticket requests.|
> [!NOTE]
> You might have an on-premises domain federated with Azure AD. Once you have successfully provisioned Windows Hello for Business PIN/Bio on the Azure AD joined device, any future login of Windows Hello for Business (PIN/Bio) sign-in will directly authenticate against Azure AD to get PRT and trigger authenticate against your DC (if LOS to DC is available) to get Kerberos. It no longer uses AD FS to authenticate for Windows Hello for Business sign-ins.
@@ -61,24 +53,24 @@ Azure Active Directory-joined devices authenticate to Azure during sign-in and c
| Phase | Description |
| :----: | :----------- |
-|A | Authentication to Active Directory from an Azure AD joined device begins with the user first attempts to use a resource that needs Kerberos authentication. The Kerberos security support provider, hosted in lsass, uses information from the certificate to get a hint of the user's domain. Kerberos can use the distinguished name of the user found in the subject of the certificate, or it can use the user principal name of the user found in the subject alternate name of the certificate. Using the hint, the provider uses the DClocator service to locate a domain controller. After the provider locates an active domain controller, the provider uses the private key to sign the Kerberos pre-authentication data.|
-|B | The Kerberos provider sends the signed pre-authentication data and user's certificate, which includes the public key, to the Key Distribution Center (KDC) service running on the domain controller in the form of a KERB_AS_REQ.
The domain controller determines the certificate is not self-signed certificate. The domain controller ensures the certificate chains to trusted root certificate, is within its validity period, can be used for authentication, and has not been revoked. It retrieves the public key and UPN from the certificate included in the KERB_AS_REQ and searches for the UPN in Active Directory. It validates the signed pre-authentication data using the public key from the certificate. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
-|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it has not been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating. After passing this criteria, Kerberos returns the TGT to lsass, where it is cached and used for subsequent service ticket requests.|
+|A | Authentication to Active Directory from an Azure AD joined device begins with the user first attempts to use a resource that needs Kerberos authentication. The Kerberos security support provider, hosted in lsass, uses information from the certificate to get a hint of the user's domain. Kerberos can use the distinguished name of the user found in the subject of the certificate, or it can use the user principal name of the user found in the subject alternate name of the certificate. Using the hint, the provider uses the DClocator service to locate a domain controller. After the provider locates an active domain controller, the provider uses the private key to sign the Kerberos preauthentication data.|
+|B | The Kerberos provider sends the signed preauthentication data and user's certificate, which includes the public key, to the Key Distribution Center (KDC) service running on the domain controller in the form of a KERB_AS_REQ.
The domain controller determines the certificate isn't self-signed certificate. The domain controller ensures the certificate chains to trusted root certificate, is within its validity period, can be used for authentication, and hasn't been revoked. It retrieves the public key and UPN from the certificate included in the KERB_AS_REQ and searches for the UPN in Active Directory. It validates the signed preauthentication data using the public key from the certificate. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
+|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it hasn't been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating. After passing this criteria, Kerberos returns the TGT to lsass, where it's cached and used for subsequent service ticket requests.|
> [!NOTE]
> You may have an on-premises domain federated with Azure AD. Once you have successfully provisioned Windows Hello for Business PIN/Bio on, any future login of Windows Hello for Business (PIN/Bio) sign-in will directly authenticate against Azure AD to get PRT, as well as authenticate against your DC (if LOS to DC is available) to get Kerberos as mentioned previously. AD FS federation is used only when Enterprise PRT calls are placed from the client. You need to have device write-back enabled to get "Enterprise PRT" from your federation.
-## Hybrid Azure AD join authentication using Azure AD Kerberos (cloud Kerberos trust)
+## Hybrid Azure AD join authentication using cloud Kerberos trust
| Phase | Description |
| :----: | :----------- |
-|A | Authentication begins when the user dismisses the lock screen, which triggers winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to winlogon. Winlogon passes the collected credentials to lsass. Lsass queries Windows Hello for Business policy to check if cloud Kerberos trust is enabled. If cloud Kerberos trust is enabled, Lsass passes the collected credentials to the Cloud Authentication security support provider, or Cloud AP. Cloud AP requests a nonce from Azure Active Directory. Azure AD returns a nonce.
+|A | Authentication begins when the user dismisses the lock screen, which triggers Winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to Winlogon. Winlogon passes the collected credentials to lsass. Lsass queries Windows Hello for Business policy to check if cloud Kerberos trust is enabled. If cloud Kerberos trust is enabled, Lsass passes the collected credentials to the Cloud Authentication security support provider, or Cloud AP. Cloud AP requests a nonce from Azure Active Directory. Azure AD returns a nonce.
|B | Cloud AP signs the nonce using the user's private key and returns the signed nonce to Azure AD.
|C | Azure AD validates the signed nonce using the user's securely registered public key against the nonce signature. After validating the signature, Azure AD then validates the returned signed nonce. After validating the nonce, Azure AD creates a PRT with session key that is encrypted to the device's transport key and creates a Partial TGT from Azure AD Kerberos and returns them to Cloud AP.
|D | Cloud AP receives the encrypted PRT with session key. Using the device's private transport key, Cloud AP decrypts the session key and protects the session key using the device's TPM (if available). Cloud AP returns a successful authentication response to lsass. Lsass caches the PRT and the Partial TGT.
-|E | The Kerberos security support provider, hosted in lsass, uses metadata from the Windows Hello for Business key to get a hint of the user's domain. Using the hint, the provider uses the DClocator service to locate a 2016 domain controller. After locating an active 2016 domain controller, the Kerberos provider sends the partial TGT that it received from Azure AD to the domain controller. The partial TGT contains only the user SID and is signed by Azure AD Kerberos. The domain controller will verify that the partial TGT is valid. On success, the KDC returns a TGT to the client. Kerberos will return the TGT to lsass, where it is cached and used for subsequent service ticket requests. Lsass informs winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
+|E | The Kerberos security support provider, hosted in lsass, uses metadata from the Windows Hello for Business key to get a hint of the user's domain. Using the hint, the provider uses the DClocator service to locate a 2016 domain controller. After locating an active 2016 domain controller, the Kerberos provider sends the partial TGT that it received from Azure AD to the domain controller. The partial TGT contains only the user SID and is signed by Azure AD Kerberos. The domain controller verifies that the partial TGT is valid. On success, the KDC returns a TGT to the client. Kerberos returns the TGT to lsass, where it's cached and used for subsequent service ticket requests. Lsass informs Winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
## Hybrid Azure AD join authentication using a key
@@ -86,11 +78,11 @@ Azure Active Directory-joined devices authenticate to Azure during sign-in and c
| Phase | Description |
| :----: | :----------- |
-|A | Authentication begins when the user dismisses the lock screen, which triggers winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Kerberos security support provider. The Kerberos provider gets domain hints from the domain joined workstation to locate a domain controller for the user.|
-|B | The Kerberos provider sends the signed pre-authentication data and the user's public key (in the form of a self-signed certificate) to the Key Distribution Center (KDC) service running on the 2016 domain controller in the form of a KERB_AS_REQ.
The 2016 domain controller determines the certificate is a self-signed certificate. It retrieves the public key from the certificate included in the KERB_AS_REQ and searches for the public key in Active Directory. It validates the UPN for authentication request matches the UPN registered in Active Directory and validates the signed pre-authentication data using the public key from Active Directory. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
-|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it has not been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating.
-|D | After passing this criteria, Kerberos returns the TGT to lsass, where it is cached and used for subsequent service ticket requests.|
-|E | Lsass informs winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
+|A | Authentication begins when the user dismisses the lock screen, which triggers Winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to Winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Kerberos security support provider. The Kerberos provider gets domain hints from the domain joined workstation to locate a domain controller for the user.|
+|B | The Kerberos provider sends the signed preauthentication data and the user's public key (in the form of a self-signed certificate) to the Key Distribution Center (KDC) service running on the 2016 domain controller in the form of a KERB_AS_REQ.
The 2016 domain controller determines the certificate is a self-signed certificate. It retrieves the public key from the certificate included in the KERB_AS_REQ and searches for the public key in Active Directory. It validates the UPN for authentication request matches the UPN registered in Active Directory and validates the signed preauthentication data using the public key from Active Directory. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
+|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it hasn't been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating.
+|D | After passing this criteria, Kerberos returns the TGT to lsass, where it's cached and used for subsequent service ticket requests.|
+|E | Lsass informs Winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
|F | While Windows loads the user's desktop, lsass passes the collected credentials to the Cloud Authentication security support provider, referred to as the Cloud AP provider. The Cloud AP provider requests a nonce from Azure Active Directory. Azure AD returns a nonce.|
|G | The Cloud AP provider signs the nonce using the user's private key and returns the signed nonce to the Azure Active Directory. Azure Active Directory validates the signed nonce using the user's securely registered public key against the nonce signature. After validating the signature, Azure AD then validates the returned signed nonce. After validating the nonce, Azure AD creates a PRT with session key that is encrypted to the device's transport key and returns it to the Cloud AP provider.
The Cloud AP provider receives the encrypted PRT with session key. Using the device's private transport key, the Cloud AP provider decrypt the session key and protects the session key using the device's TPM.
The Cloud AP provider returns a successful authentication response to lsass. Lsass caches the PRT.|
@@ -103,13 +95,13 @@ Azure Active Directory-joined devices authenticate to Azure during sign-in and c
| Phase | Description |
| :----: | :----------- |
-|A | Authentication begins when the user dismisses the lock screen, which triggers winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Kerberos security support provider. The Kerberos provider gets domain hints from the domain joined workstation to locate a domain controller for the user.|
-|B | The Kerberos provider sends the signed pre-authentication data and user's certificate, which includes the public key, to the Key Distribution Center (KDC) service running on the domain controller in the form of a KERB_AS_REQ.
The domain controller determines the certificate is not self-signed certificate. The domain controller ensures the certificate chains to trusted root certificate, is within its validity period, can be used for authentication, and has not been revoked. It retrieves the public key and UPN from the certificate included in the KERB_AS_REQ and searches for the UPN in Active Directory. It validates the signed pre-authentication data using the public key from the certificate. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
-|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it has not been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating.
-|D | After passing this criteria, Kerberos returns the TGT to lsass, where it is cached and used for subsequent service ticket requests.|
-|E | Lsass informs winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
+|A | Authentication begins when the user dismisses the lock screen, which triggers Winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to Winlogon. Winlogon passes the collected credentials to lsass. Lsass passes the collected credentials to the Kerberos security support provider. The Kerberos provider gets domain hints from the domain joined workstation to locate a domain controller for the user.|
+|B | The Kerberos provider sends the signed preauthentication data and user's certificate, which includes the public key, to the Key Distribution Center (KDC) service running on the domain controller in the form of a KERB_AS_REQ.
The domain controller determines the certificate isn't self-signed certificate. The domain controller ensures the certificate chains to trusted root certificate, is within its validity period, can be used for authentication, and hasn't been revoked. It retrieves the public key and UPN from the certificate included in the KERB_AS_REQ and searches for the UPN in Active Directory. It validates the signed preauthentication data using the public key from the certificate. On success, the KDC returns a TGT to the client with its certificate in a KERB_AS_REP.|
+|C | The Kerberos provider ensures it can trust the response from the domain controller. First, it ensures the KDC certificate chains to a root certificate that is trusted by the device. Next, it ensures the certificate is within its validity period and that it hasn't been revoked. The Kerberos provider then verifies the certificate has the KDC Authentication present and that the subject alternate name listed in the KDC's certificate matches the domain name to which the user is authenticating.
+|D | After passing this criteria, Kerberos returns the TGT to lsass, where it's cached and used for subsequent service ticket requests.|
+|E | Lsass informs Winlogon of the success authentication. Winlogon creates a logon session, loads the user's profile, and starts explorer.exe.|
|F | While Windows loads the user's desktop, lsass passes the collected credentials to the Cloud Authentication security support provider, referred to as the Cloud AP provider. The Cloud AP provider requests a nonce from Azure Active Directory. Azure AD returns a nonce.|
|G | The Cloud AP provider signs the nonce using the user's private key and returns the signed nonce to the Azure Active Directory. Azure Active Directory validates the signed nonce using the user's securely registered public key against the nonce signature. After validating the signature, Azure AD then validates the returned signed nonce. After validating the nonce, Azure AD creates a PRT with session key that is encrypted to the device's transport key and returns it to the Cloud AP provider.
The Cloud AP provider receives the encrypted PRT with session key. Using the device's private transport key, the Cloud AP provider decrypt the session key and protects the session key using the device's TPM.
The Cloud AP provider returns a successful authentication response to lsass. Lsass caches the PRT.|
> [!IMPORTANT]
-> In the above deployment model, a newly provisioned user will not be able to sign in using Windows Hello for Business unless the device has line of sight to the domain controller for the first time.
+> In the above deployment model, a **newly provisioned** user will not be able to sign in using Windows Hello for Business unless the device has line of sight to the domain controller.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
index d3f07a3668..47edfbacd4 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md
@@ -35,12 +35,14 @@ With Azure AD Kerberos, Azure AD can issue TGTs for one or more AD domains. Wind
When Azure AD Kerberos is enabled in an Active Directory domain, an *Azure AD Kerberos server object* is created in the domain. This object:
- Appears as a Read Only Domain Controller (RODC) object, but isn't associated with any physical servers
-- Is only used by Azure AD to generate TGTs for the Active Directory domain. The same rules and restrictions used for RODCs apply to the Azure AD Kerberos Server object
+- Is only used by Azure AD to generate TGTs for the Active Directory domain.
+ > [!NOTE]
+ > The same rules and restrictions used for RODCs apply to the Azure AD Kerberos Server object. For example, users that are direct or indirect members of the built-in security group *Denied RODC Password Replication Group* won't be able to use cloud Kerberos trust.
:::image type="content" source="images/azuread-kerberos-object.png" alt-text="Active Directory Users and Computers console, showing the computer object representing the Azure AD Kerberos server ":::
For more information about how Azure AD Kerberos enables access to on-premises resources, see [enabling passwordless security key sign-in to on-premises resources][AZ-1].\
-For more information about how Azure AD Kerberos works with Windows Hello for Business cloud Kerberos trust, see [Windows Hello for Business authentication technical deep dive](hello-how-it-works-authentication.md#hybrid-azure-ad-join-authentication-using-azure-ad-kerberos-cloud-kerberos-trust).
+For more information about how Azure AD Kerberos works with Windows Hello for Business cloud Kerberos trust, see [Windows Hello for Business authentication technical deep dive](hello-how-it-works-authentication.md#hybrid-azure-ad-join-authentication-using-cloud-kerberos-trust).
> [!IMPORTANT]
> When implementing the cloud Kerberos trust deployment model, you *must* ensure that you have an adequate number of *read-write domain controllers* in each Active Directory site where users will be authenticating with Windows Hello for Business. For more information, see [Capacity planning for Active Directory][SERV-1].
@@ -88,4 +90,4 @@ Once the prerequisites are met, deploying Windows Hello for Business with a clou
[SERV-1]: /windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services
[SUP-1]: https://support.microsoft.com/topic/january-23-2020-kb4534307-os-build-14393-3474-b181594e-2c6a-14ea-e75b-678efea9d27e
-[SUP-2]: https://support.microsoft.com/topic/january-23-2020-kb4534321-os-build-17763-1012-023e84c3-f9aa-3b55-8aff-d512911c459f
\ No newline at end of file
+[SUP-2]: https://support.microsoft.com/topic/january-23-2020-kb4534321-os-build-17763-1012-023e84c3-f9aa-3b55-8aff-d512911c459f
diff --git a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md
index 2676f0066f..576ffdb0a4 100644
--- a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md
+++ b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md
@@ -1,6 +1,6 @@
---
-title: Manage Windows Hello in your organization (Windows)
-description: You can create a Group Policy or mobile device management (MDM) policy that will implement Windows Hello for Business on devices running Windows 10.
+title: Manage Windows Hello in your organization
+description: Learn how to create a Group Policy or mobile device management (MDM) policy to configure and deploy Windows Hello for Business.
ms.collection:
- highpri
- tier1
@@ -19,31 +19,31 @@ You can create a Group Policy or mobile device management (MDM) policy to config
## Group Policy settings for Windows Hello for Business
-The following table lists the Group Policy settings that you can configure for Windows Hello use in your workplace. These policy settings are available in **User configuration** and **Computer Configuration** under **Policies** > **Administrative Templates** > **Windows Components** > **Windows Hello for Business**.
+The following table lists the Group Policy settings that you can configure for Windows Hello use in your organization. These policy settings are available in **User configuration** and **Computer Configuration** under **Policies > Administrative Templates > Windows Components > Windows Hello for Business**.
> [!NOTE]
-> Starting with Windows 10, version 1709, the location of the PIN complexity section of the Group Policy is: **Computer Configuration** > **Administrative Templates** > **System** > **PIN Complexity**.
+> The location of the PIN complexity section of the Group Policy is: **Computer Configuration > Administrative Templates > System > PIN Complexity**.
|Policy|Scope|Options|
|--- |--- |--- |
-|Use Windows Hello for Business|Computer or user|Not configured: Device does not provision Windows Hello for Business for any user.
Enabled: Device provisions Windows Hello for Business using keys or certificates for all users.
Disabled: Device does not provision Windows Hello for Business for any user.|
-|Use a hardware security device|Computer|
Not configured: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM is not available.
Enabled: Windows Hello for Business will only be provisioned using TPM. This feature will provision Windows Hello for Business using TPM 1.2 unless the option to exclude them is explicitly set.
Disabled: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM is not available.|
+|Use Windows Hello for Business|Computer or user|
Not configured: Device doesn't provision Windows Hello for Business for any user.
Enabled: Device provisions Windows Hello for Business using keys or certificates for all users.
Disabled: Device doesn't provision Windows Hello for Business for any user.|
+|Use a hardware security device|Computer|
Not configured: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM isn't available.
Enabled: Windows Hello for Business will only be provisioned using TPM. This feature will provision Windows Hello for Business using TPM 1.2 unless the option to exclude them is explicitly set.
Disabled: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM isn't available.|
|Use certificate for on-premises authentication|Computer or user|
Not configured: Windows Hello for Business enrolls a key that is used for on-premises authentication.
Enabled: Windows Hello for Business enrolls a sign-in certificate using ADFS that is used for on-premises authentication.
Disabled: Windows Hello for Business enrolls a key that is used for on-premises authentication.|
-|Use PIN recovery|Computer|
Added in Windows 10, version 1703
Not configured: Windows Hello for Business does not create or store a PIN recovery secret. PIN reset does not use the Azure-based PIN recovery service
Enabled: Windows Hello for Business uses the Azure-based PIN recovery service for PIN reset
Disabled: Windows Hello for Business does not create or store a PIN recovery secret. PIN reset does not use the Azure-based PIN recovery service.
For more information about using the PIN recovery service for PIN reset see [Windows Hello for Business PIN Reset](hello-feature-pin-reset.md).|
+|Use PIN recovery|Computer|
Added in Windows 10, version 1703
Not configured: Windows Hello for Business doesn't create or store a PIN recovery secret. PIN reset doesn't use the Azure-based PIN recovery service
Enabled: Windows Hello for Business uses the Azure-based PIN recovery service for PIN reset
Disabled: Windows Hello for Business doesn't create or store a PIN recovery secret. PIN reset doesn't use the Azure-based PIN recovery service.
For more information about using the PIN recovery service for PIN reset see [Windows Hello for Business PIN Reset](hello-feature-pin-reset.md).|
|Use biometrics|Computer|
Not configured: Biometrics can be used as a gesture in place of a PIN
Enabled: Biometrics can be used as a gesture in place of a PIN.
Disabled: Only a PIN can be used as a gesture.|
### PIN Complexity
|Policy|Scope|Options|
|--- |--- |--- |
-|Require digits|Computer|
Not configured: Users must include a digit in their PIN.
Enabled: Users must include a digit in their PIN.
Disabled: Users cannot use digits in their PIN.|
-|Require lowercase letters|Computer|
Not configured: Users cannot use lowercase letters in their PIN
Enabled: Users must include at least one lowercase letter in their PIN.
Disabled: Users cannot use lowercase letters in their PIN.|
+|Require digits|Computer|
Not configured: Users must include a digit in their PIN.
Enabled: Users must include a digit in their PIN.
Disabled: Users can't use digits in their PIN.|
+|Require lowercase letters|Computer|
Not configured: Users can't use lowercase letters in their PIN
Enabled: Users must include at least one lowercase letter in their PIN.
Disabled: Users can't use lowercase letters in their PIN.|
|Maximum PIN length|Computer|
Not configured: PIN length must be less than or equal to 127.
Enabled: PIN length must be less than or equal to the number you specify.
Disabled: PIN length must be less than or equal to 127.|
|Minimum PIN length|Computer|
Not configured: PIN length must be greater than or equal to 4.
Enabled: PIN length must be greater than or equal to the number you specify.
Disabled: PIN length must be greater than or equal to 4.|
-|Expiration|Computer|
Not configured: PIN does not expire.
Enabled: PIN can be set to expire after any number of days between 1 and 730, or PIN can be set to never expire by setting policy to 0.
Disabled: PIN does not expire.|
-|History|Computer|
Not configured: Previous PINs are not stored.
Enabled: Specify the number of previous PINs that can be associated to a user account that can't be reused.
Disabled: Previous PINs are not stored.
Note Current PIN is included in PIN history.
|
-|Require special characters|Computer|Not configured: Windows allows, but does not require, special characters in the PIN.
Enabled: Windows requires the user to include at least one special character in their PIN.
Disabled: Windows does not allow the user to include special characters in their PIN.|
-|Require uppercase letters|Computer|
Not configured: Users cannot include an uppercase letter in their PIN.
Enabled: Users must include at least one uppercase letter in their PIN.
Disabled: Users cannot include an uppercase letter in their PIN.|
+|Expiration|Computer|
Not configured: PIN doesn't expire.
Enabled: PIN can be set to expire after any number of days between 1 and 730, or PIN can be set to never expire by setting policy to 0.
Disabled: PIN doesn't expire.|
+|History|Computer|
Not configured: Previous PINs aren't stored.
Enabled: Specify the number of previous PINs that can be associated to a user account that can't be reused.
Disabled: Previous PINs aren't stored.
Note Current PIN is included in PIN history.
|
+|Require special characters|Computer|Not configured: Windows allows, but doesn't require, special characters in the PIN.
Enabled: Windows requires the user to include at least one special character in their PIN.
Disabled: Windows doesn't allow the user to include special characters in their PIN.|
+|Require uppercase letters|Computer|
Not configured: Users can't include an uppercase letter in their PIN.
Enabled: Users must include at least one uppercase letter in their PIN.
Disabled: Users can't include an uppercase letter in their PIN.|
### Phone Sign-in
@@ -60,30 +60,30 @@ The following table lists the MDM policy settings that you can configure for Win
|Policy|Scope|Default|Options|
|--- |--- |--- |--- |
-|UsePassportForWork|Device or user|True|
True: Windows Hello for Business will be provisioned for all users on the device.
False: Users will not be able to provision Windows Hello for Business.
**Note:** If Windows Hello for Business is enabled, and then the policy is changed to False, users who previously set up Windows Hello for Business can continue to use it, but will not be able to set up Windows Hello for Business on other devices
|
-|RequireSecurityDevice|Device or user|False|True: Windows Hello for Business will only be provisioned using TPM.
False: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM is not available.|
+|UsePassportForWork|Device or user|True|
True: Windows Hello for Business will be provisioned for all users on the device.
False: Users won't be able to provision Windows Hello for Business.
**Note:** If Windows Hello for Business is enabled, and then the policy is changed to False, users who previously set up Windows Hello for Business can continue to use it, but won't be able to set up Windows Hello for Business on other devices
|
+|RequireSecurityDevice|Device or user|False|True: Windows Hello for Business will only be provisioned using TPM.
False: Windows Hello for Business will be provisioned using TPM if available, and will be provisioned using software if TPM isn't available.|
|ExcludeSecurityDevice
TPM12|Device|False|Added in Windows 10, version 1703
True: TPM revision 1.2 modules will be disallowed from being used with Windows Hello for Business.
False: TPM revision 1.2 modules will be allowed to be used with Windows Hello for Business.|
-|EnablePinRecovery|Device or use|False|
Added in Windows 10, version 1703
True: Windows Hello for Business uses the Azure-based PIN recovery service for PIN reset.
False: Windows Hello for Business does not create or store a PIN recovery secret. PIN reset does not use the Azure-based PIN recovery service. For more information about using the PIN recovery service for PIN reset see [Windows Hello for Business PIN Reset](hello-feature-pin-reset.md).|
+|EnablePinRecovery|Device or use|False|
Added in Windows 10, version 1703
True: Windows Hello for Business uses the Azure-based PIN recovery service for PIN reset.
False: Windows Hello for Business doesn't create or store a PIN recovery secret. PIN reset doesn't use the Azure-based PIN recovery service. For more information about using the PIN recovery service for PIN reset see [Windows Hello for Business PIN Reset](hello-feature-pin-reset.md).|
### Biometrics
|Policy|Scope|Default|Options|
|--- |--- |--- |--- |
|UseBiometrics|Device |False|
True: Biometrics can be used as a gesture in place of a PIN for domain sign-in.
False: Only a PIN can be used as a gesture for domain sign-in.|
-|
FacialFeaturesUser
EnhancedAntiSpoofing|Device|Not configured|
Not configured: users can choose whether to turn on enhanced anti-spoofing.
True: Enhanced anti-spoofing is required on devices which support it.
False: Users cannot turn on enhanced anti-spoofing.|
+|
FacialFeaturesUser
EnhancedAntiSpoofing|Device|Not configured|
Not configured: users can choose whether to turn on enhanced anti-spoofing.
True: Enhanced anti-spoofing is required on devices which support it.
False: Users can't turn on enhanced anti-spoofing.|
### PINComplexity
|Policy|Scope|Default|Options|
|--- |--- |--- |--- |
-|Digits |Device or user|1 |
0: Digits are allowed.
1: At least one digit is required.
2: Digits are not allowed.|
-|Lowercase letters |Device or user|2|
0: Lowercase letters are allowed.
1: At least one lowercase letter is required.
2: Lowercase letters are not allowed.|
-|Special characters|Device or user|2|
0: Special characters are allowed.
1: At least one special character is required.
2: Special characters are not allowed.|
-|Uppercase letters|Device or user|2|
0: Uppercase letters are allowed.
1: At least one uppercase letter is required.
2: Uppercase letters are not allowed.|
-|Maximum PIN length |Device or user|127 |
Maximum length that can be set is 127. Maximum length cannot be less than minimum setting.|
-|Minimum PIN length|Device or user|6|
Minimum length that can be set is 6. Minimum length cannot be greater than maximum setting.|
+|Digits |Device or user|1 |
0: Digits are allowed.
1: At least one digit is required.
2: Digits aren't allowed.|
+|Lowercase letters |Device or user|2|
0: Lowercase letters are allowed.
1: At least one lowercase letter is required.
2: Lowercase letters aren't allowed.|
+|Special characters|Device or user|2|
0: Special characters are allowed.
1: At least one special character is required.
2: Special characters aren't allowed.|
+|Uppercase letters|Device or user|2|
0: Uppercase letters are allowed.
1: At least one uppercase letter is required.
2: Uppercase letters aren't allowed.|
+|Maximum PIN length |Device or user|127 |
Maximum length that can be set is 127. Maximum length can't be less than minimum setting.|
+|Minimum PIN length|Device or user|6|
Minimum length that can be set is 6. Minimum length can't be greater than maximum setting.|
|Expiration |Device or user|0|
Integer value specifies the period of time (in days) that a PIN can be used before the system requires the user to change it. The largest number you can configure for this policy setting is 730. The lowest number you can configure for this policy setting is 0. If this policy is set to 0, then the user's PIN will never expire.|
-|History|Device or user|0|
Integer value that specifies the number of past PINs that can be associated to a user account that can't be reused. The largest number you can configure for this policy setting is 50. The lowest number you can configure for this policy setting is 0. If this policy is set to 0, then storage of previous PINs is not required.|
+|History|Device or user|0|
Integer value that specifies the number of past PINs that can be associated to a user account that can't be reused. The largest number you can configure for this policy setting is 50. The lowest number you can configure for this policy setting is 0. If this policy is set to 0, then storage of previous PINs isn't required.|
### Remote
diff --git a/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md b/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md
index 90bd5ec677..fc9083049d 100644
--- a/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md
+++ b/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md
@@ -1,5 +1,5 @@
---
-title: Prepare people to use Windows Hello (Windows)
+title: Prepare people to use Windows Hello
description: When you set a policy to require Windows Hello for Business in the workplace, you will want to prepare people in your organization.
ms.date: 08/19/2018
ms.topic: article
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index c492d78079..41748c9408 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -1,5 +1,5 @@
---
-title: Protect Remote Desktop credentials with Windows Defender Remote Credential Guard (Windows 10)
+title: Protect Remote Desktop credentials with Windows Defender Remote Credential Guard
description: Windows Defender Remote Credential Guard helps to secure your Remote Desktop credentials by never sending them to the target device.
ms.collection:
- highpri
diff --git a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
index 365f168f07..5443446244 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
@@ -1,6 +1,6 @@
---
ms.date: 09/24/2021
-title: Smart Card and Remote Desktop Services (Windows)
+title: Smart Card and Remote Desktop Services
description: This topic for the IT professional describes the behavior of Remote Desktop Services when you implement smart card sign-in.
ms.topic: article
ms.reviewer: ardenw
diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
index 5a810263fc..d305de2eae 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Architecture (Windows)
+title: Smart Card Architecture
description: This topic for the IT professional describes the system architecture that supports smart cards in the Windows operating system.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
index bbdab0c142..f44786fcb1 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
@@ -1,5 +1,5 @@
---
-title: Certificate Propagation Service (Windows)
+title: Certificate Propagation Service
description: This topic for the IT professional describes the certificate propagation service (CertPropSvc), which is used in smart card implementation.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
index e52b7eeabd..ac153d8216 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
@@ -1,5 +1,5 @@
---
-title: Certificate Requirements and Enumeration (Windows)
+title: Certificate Requirements and Enumeration
description: This topic for the IT professional and smart card developers describes how certificates are managed and used for smart card sign-in.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
index 72b31805ae..afd45f5a5f 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Troubleshooting (Windows)
+title: Smart Card Troubleshooting
description: Describes the tools and services that smart card developers can use to help identify certificate issues with the smart card deployment.
ms.reviewer: ardenw
ms.collection:
diff --git a/windows/security/identity-protection/smart-cards/smart-card-events.md b/windows/security/identity-protection/smart-cards/smart-card-events.md
index 50e701debe..2d80036a23 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-events.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-events.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Events (Windows)
+title: Smart Card Events
description: This topic for the IT professional and smart card developer describes events that are related to smart card deployment and development.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
index 78fe0f4b8a..e2ef4a9160 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Group Policy and Registry Settings (Windows)
+title: Smart Card Group Policy and Registry Settings
description: Discover the Group Policy, registry key, local security policy, and credential delegation policy settings that are available for configuring smart cards.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
index 40f781ce63..8250828ff6 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Removal Policy Service (Windows)
+title: Smart Card Removal Policy Service
description: This topic for the IT professional describes the role of the removal policy service (ScPolicySvc) in smart card implementation.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
index 170dfa5cf4..e3a98718be 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
@@ -1,5 +1,5 @@
---
-title: Smart Cards for Windows Service (Windows)
+title: Smart Cards for Windows Service
description: This topic for the IT professional and smart card developers describes how the Smart Cards for Windows service manages readers and application interactions.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
index bb1e4d8fb6..4de4acbfc6 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Tools and Settings (Windows)
+title: Smart Card Tools and Settings
description: This topic for the IT professional and smart card developer links to information about smart card debugging, settings, and events.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
index 3b74397463..07d20ddf30 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
@@ -1,5 +1,5 @@
---
-title: Smart Card Technical Reference (Windows)
+title: Smart Card Technical Reference
description: Learn about the Windows smart card infrastructure for physical smart cards, and how smart card-related components work in Windows.
ms.reviewer: ardenw
ms.topic: article
diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
index 0e56328a44..97c4196886 100644
--- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
+++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
@@ -1,5 +1,5 @@
---
-title: How User Account Control works (Windows)
+title: How User Account Control works
description: User Account Control (UAC) is a fundamental component of Microsoft's overall security vision. UAC helps mitigate the impact of malware.
ms.collection:
- highpri
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
index 08e9ce3e06..acd299f115 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Group Policy and registry key settings (Windows)
+title: User Account Control Group Policy and registry key settings
description: Here's a list of UAC Group Policy and registry key settings that your organization can use to manage UAC.
ms.collection:
- highpri
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-overview.md b/windows/security/identity-protection/user-account-control/user-account-control-overview.md
index ad89a60ec7..b3db8ed5ef 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-overview.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-overview.md
@@ -1,14 +1,14 @@
---
-title: User Account Control (Windows)
-description: User Account Control (UAC) helps prevent malware from damaging a PC and helps organizations deploy a better-managed desktop.
+title: User Account Control overview
+description: Learn about User Account Control (UAC) and how it helps preventing malware from damaging a device and helps organizations deploy a better-managed desktop.
ms.collection:
- highpri
- tier2
-ms.topic: article
-ms.date: 09/24/2011
+ms.topic: conceptual
+ms.date: 05/18/2023
---
-# User Account Control
+# User Account Control overview
User Account Control (UAC) helps prevent malware from damaging a PC and helps organizations deploy a better-managed desktop. With UAC, apps and tasks always run in the security context of a non-administrator account, unless an administrator specifically authorizes administrator-level access to the system. UAC can block the automatic installation of unauthorized apps and prevent inadvertent changes to system settings.
@@ -24,14 +24,13 @@ When an app needs to run with more than standard user rights, UAC allows users t
Admin Approval Mode in UAC helps prevent malware from silently installing without an administrator's knowledge. It also helps protect from inadvertent system-wide changes. Lastly, it can be used to enforce a higher level of compliance where administrators must actively consent or provide credentials for each administrative process.
+## Next steps
-## In this section
+Learn more about UAC and how to configure it for your organization.
| Topic | Description |
| - | - |
| [How User Account Control works](how-user-account-control-works.md) | User Account Control (UAC) is a fundamental component of Microsoft's overall security vision. UAC helps mitigate the impact of malware. |
| [User Account Control security policy settings](user-account-control-security-policy-settings.md) | You can use security policies to configure how User Account Control works in your organization. They can be configured locally by using the Local Security Policy snap-in (secpol.msc) or configured for the domain, OU, or specific groups by Group Policy. |
| [User Account Control Group Policy and registry key settings](user-account-control-group-policy-and-registry-key-settings.md) | Here's a list of UAC Group Policy and registry key settings that your organization can use to manage UAC. |
-
-
-
+
\ No newline at end of file
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
index ffdb4e4a3f..c2f4f1019a 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: User Account Control security policy settings (Windows)
+title: User Account Control security policy settings
description: You can use security policies to configure how User Account Control works in your organization.
ms.topic: article
ms.date: 09/24/2021
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
index 9d8e125298..e3348db8ba 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
@@ -1,5 +1,5 @@
---
-title: Get Started with Virtual Smart Cards - Walkthrough Guide (Windows 10)
+title: Get Started with Virtual Smart Cards - Walkthrough Guide
description: This topic for the IT professional describes how to set up a basic test environment for using TPM virtual smart cards.
ms.topic: conceptual
ms.date: 02/22/2023
diff --git a/windows/security/identity-protection/vpn/images/vpn-app-rules.png b/windows/security/identity-protection/vpn/images/vpn-app-rules.png
deleted file mode 100644
index edc4a24209..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-app-rules.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-app-trigger.PNG b/windows/security/identity-protection/vpn/images/vpn-app-trigger.PNG
deleted file mode 100644
index aebd913df5..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-app-trigger.PNG and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-connection-intune.png b/windows/security/identity-protection/vpn/images/vpn-connection-intune.png
deleted file mode 100644
index 8098b3445e..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-connection-intune.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-eap-xml.png b/windows/security/identity-protection/vpn/images/vpn-eap-xml.png
deleted file mode 100644
index 9a90401c88..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-eap-xml.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-name-intune.png b/windows/security/identity-protection/vpn/images/vpn-name-intune.png
deleted file mode 100644
index a7b3bfe3b4..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-name-intune.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-split-route.png b/windows/security/identity-protection/vpn/images/vpn-split-route.png
deleted file mode 100644
index 12c3fe64d6..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-split-route.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-split.png b/windows/security/identity-protection/vpn/images/vpn-split.png
deleted file mode 100644
index b4143ab1e5..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-split.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-traffic-rules.png b/windows/security/identity-protection/vpn/images/vpn-traffic-rules.png
deleted file mode 100644
index fa7b526e80..0000000000
Binary files a/windows/security/identity-protection/vpn/images/vpn-traffic-rules.png and /dev/null differ
diff --git a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
deleted file mode 100644
index 51c5aebb16..0000000000
--- a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
+++ /dev/null
@@ -1,94 +0,0 @@
----
-title: VPN auto-triggered profile options (Windows 10 and Windows 11)
-description: Learn about the types of auto-trigger rules for VPNs in Windows, which start a VPN when it is needed to access a resource.
-ms.date: 09/23/2021
-ms.topic: conceptual
----
-
-# VPN auto-triggered profile options
-
-In Windows 10 and Windows 11, a number of features have been added to auto-trigger VPN so users won't have to manually connect when VPN is needed to access necessary resources. There are three different types of auto-trigger rules:
-
-- App trigger
-- Name-based trigger
-- Always On
-
-> [!NOTE]
-> Auto-triggered VPN connections will not work if Folder Redirection for AppData is enabled. Either Folder Redirection for AppData must be disabled or the auto-triggered VPN profile must be deployed in system context, which changes the path to where the rasphone.pbk file is stored.
-
-
-## App trigger
-
-VPN profiles in Windows 10 or Windows 11 can be configured to connect automatically on the launch of a specified set of applications. You can configure desktop or Universal Windows Platform (UWP) apps to trigger a VPN connection. You can also configure per-app VPN and specify traffic rules for each app. See [Traffic filters](vpn-security-features.md#traffic-filters) for more details.
-
-The app identifier for a desktop app is a file path. The app identifier for a UWP app is a package family name.
-
-[Find a package family name (PFN) for per-app VPN configuration](/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
-
-## Name-based trigger
-
-You can configure a domain name-based rule so that a specific domain name triggers the VPN connection.
-
-Name-based auto-trigger can be configured using the VPNv2/*ProfileName*/DomainNameInformationList/dniRowId/AutoTrigger setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
-
-There are four types of name-based triggers:
-
-- Short name: for example, if **HRweb** is configured as a trigger and the stack sees a DNS resolution request for **HRweb**, the VPN will be triggered.
-- Fully-qualified domain name (FQDN): for example, if **HRweb.corp.contoso.com** is configured as a trigger and the stack sees a DNS resolution request for **HRweb.corp.contoso.com**, the VPN will be triggered.
-- Suffix: for example, if **.corp.contoso.com** is configured as a trigger and the stack sees a DNS resolution request with a matching suffix (such as **HRweb.corp.contoso.com**), the VPN will be triggered. For any short name resolution, VPN will be triggered and the DNS server will be queried for the *ShortName*.**corp.contoso.com**.
-- All: if used, all DNS resolution should trigger VPN.
-
-
-## Always On
-
-Always On is a feature in Windows 10 and Windows 11 which enables the active VPN profile to connect automatically on the following triggers:
-
-- User sign-in
-- Network change
-- Device screen on
-
-When the trigger occurs, VPN tries to connect. If an error occurs or any user input is needed, the user is shown a toast notification for additional interaction.
-
-
-When a device has multiple profiles with Always On triggers, the user can specify the active profile in **Settings** > **Network & Internet** > **VPN** > *VPN profile* by selecting the **Let apps automatically use this VPN connection** checkbox. By default, the first MDM-configured profile is marked as **Active**. Devices with multiple users have the same restriction: only one profile and therefore only one user will be able to use the Always On triggers.
-
-## Preserving user Always On preference
-
-Windows has a feature to preserve a user's AlwaysOn preference. In the event that a user manually unchecks the "Connect automatically" checkbox, Windows will remember this user preference for this profile name by adding the profile name to the value **AutoTriggerDisabledProfilesList**.
-
-Should a management tool remove or add the same profile name back and set **AlwaysOn** to **true**, Windows will not check the box if the profile name exists in the following registry value in order to preserve user preference.
-
-**Key:** HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Config
-**Value:** AutoTriggerDisabledProfilesList
-**Type:** REG_MULTI_SZ
-
-
-## Trusted network detection
-
-This feature configures the VPN such that it would not get triggered if a user is on a trusted corporate network. The value of this setting is a list of DNS suffixes. The VPN stack will look at the network name of the physical interface connection profile and if it matches any in the configured list and the network is private or provisioned by MDM, then VPN will not get triggered.
-
-Trusted network detection can be configured using the VPNv2/*ProfileName*/TrustedNetworkDetection setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
-
-
-## Configure app-triggered VPN
-
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
-
-The following image shows associating an app to a VPN connection in a VPN Profile configuration policy using Microsoft Intune.
-
-
-
-After you add an associated app, if you select the **Only these apps can use this VPN connection (per-app VPN)** checkbox, the app becomes available in **Corporate Boundaries**, where you can configure rules for the app. See [Traffic filters](vpn-security-features.md#traffic-filters) for more details.
-
-
-
-## Related topics
-
-- [VPN technical guide](vpn-guide.md)
-- [VPN connection types](vpn-connection-type.md)
-- [VPN routing decisions](vpn-routing.md)
-- [VPN authentication options](vpn-authentication.md)
-- [VPN and conditional access](vpn-conditional-access.md)
-- [VPN name resolution](vpn-name-resolution.md)
-- [VPN security features](vpn-security-features.md)
-- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/identity-protection/vpn/vpn-connection-type.md b/windows/security/identity-protection/vpn/vpn-connection-type.md
deleted file mode 100644
index 0ae1626c8b..0000000000
--- a/windows/security/identity-protection/vpn/vpn-connection-type.md
+++ /dev/null
@@ -1,75 +0,0 @@
----
-title: VPN connection types (Windows 10 and Windows 11)
-description: Learn about Windows VPN platform clients and the VPN connection-type features that can be configured.
-ms.date: 08/23/2021
-ms.topic: conceptual
----
-
-# VPN connection types
-
-Virtual private networks (VPNs) are point-to-point connections across a private or public network, such as the Internet. A VPN client uses special TCP/IP or UDP-based protocols, called *tunneling protocols*, to make a virtual call to a virtual port on a VPN server. In a typical VPN deployment, a client initiates a virtual point-to-point connection to a remote access server over the Internet. The remote access server answers the call, authenticates the caller, and transfers data between the VPN client and the organization's private network.
-
-There are many options for VPN clients. In Windows 10 and Windows 11, the built-in plug-in and the Universal Windows Platform (UWP) VPN plug-in platform are built on top of the Windows VPN platform. This guide focuses on the Windows VPN platform clients and the features that can be configured.
-
-
-
-## Built-in VPN client
-
-- Tunneling protocols
-
- - [Internet Key Exchange version 2 (IKEv2)](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687731(v=ws.10))
-
- Configure the IPsec/IKE tunnel cryptographic properties using the **Cryptography Suite** setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
-
- - [L2TP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687761(v=ws.10))
-
- L2TP with pre-shared key (PSK) authentication can be configured using the **L2tpPsk** setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
-
- - [PPTP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687676(v=ws.10))
-
- - [SSTP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687819(v=ws.10))
-
- SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option.
-
- > [!NOTE]
- > When a VPN plug-in is used, the adapter will be listed as an SSTP adapter, even though the VPN protocol used is the plug-in's protocol.
-
-- Automatic
-
- The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt from most secure to least secure.
-
- Configure **Automatic** for the **NativeProtocolType** setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
-
-
-
-## Universal Windows Platform VPN plug-in
-
-The Universal Windows Platform (UWP) VPN plug-ins were introduced in Windows 10 and Windows 11, although there was originally separate version available for the Windows 8.1 PC platform. Using the UWP platform, third-party VPN providers can create app-containerized plug-ins using WinRT APIs, eliminating the complexity and problems often associated with writing to system-level drivers.
-
-There are a number of Universal Windows Platform VPN applications, such as Pulse Secure, Cisco AnyConnect, F5 Access, Sonicwall Mobile Connect, and Check Point Capsule. If you want to use a UWP VPN plug-in, work with your vendor for any custom settings needed to configure your VPN solution.
-
-## Configure connection type
-
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
-
-The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune:
-
-> [!div class="mx-imgBorder"]
-> 
-
-In Intune, you can also include custom XML for third-party plug-in profiles:
-
-> [!div class="mx-imgBorder"]
-> 
-
-
-## Related topics
-
-- [VPN technical guide](vpn-guide.md)
-- [VPN routing decisions](vpn-routing.md)
-- [VPN authentication options](vpn-authentication.md)
-- [VPN and conditional access](vpn-conditional-access.md)
-- [VPN name resolution](vpn-name-resolution.md)
-- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
-- [VPN security features](vpn-security-features.md)
-- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/identity-protection/vpn/vpn-name-resolution.md b/windows/security/identity-protection/vpn/vpn-name-resolution.md
deleted file mode 100644
index 2c6402477a..0000000000
--- a/windows/security/identity-protection/vpn/vpn-name-resolution.md
+++ /dev/null
@@ -1,74 +0,0 @@
----
-title: VPN name resolution (Windows 10 and Windows 11)
-description: Learn how the name resolution setting in the VPN profile configures how name resolution works when a VPN client connects to a VPN server.
-ms.date: 09/23/2021
-ms.topic: conceptual
----
-
-# VPN name resolution
-
-When the VPN client connects to the VPN server, the VPN client receives the client IP address. The client may also receive the IP address of the Domain Name System (DNS) server and the IP address of the Windows Internet Name Service (WINS) server.
-
-The name resolution setting in the VPN profile configures how name resolution should work on the system when VPN is connected. The networking stack first looks at the Name Resolution Policy table (NRPT) for any matches and tries a resolution in the case of a match. If no match is found, the DNS suffix on the most preferred interface based on the interface metric is appended to the name (in the case of a short name) and a DNS query is sent out on the preferred interface. If the query times out, the DNS suffix search list is used in order and DNS queries are sent on all interfaces.
-
-## Name Resolution Policy table (NRPT)
-
-The NRPT is a table of namespaces that determines the DNS client's behavior when issuing name resolution queries and processing responses. It is the first place that the stack will look after the DNSCache.
-
-There are 3 types of name matches that can set up for NRPT:
-
-- Fully qualified domain name (FQDN) that can be used for direct matching to a name
-
-- Suffix match results in either a comparison of suffixes (for FQDN resolution) or the appending of the suffix (in case of a short name)
-
-- Any resolution should attempt to first resolve with the proxy server/DNS server with this entry
-
-NRPT is set using the **VPNv2/*ProfileName*/DomainNameInformationList** node of the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp). This node also configures Web proxy server or domain name servers.
-
-[Learn more about NRPT](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee649207(v=ws.10))
-
-
-## DNS suffix
-
-This setting is used to configure the primary DNS suffix for the VPN interface and the suffix search list after the VPN connection is established.
-
-Primary DNS suffix is set using the **VPNv2/*ProfileName*/DnsSuffix** node.
-
-
-
-[Learn more about primaryDNS suffix](/previous-versions/windows/it-pro/windows-2000-server/cc959611(v=technet.10))
-
-## Persistent
-
-You can also configure *persistent* name resolution rules. Name resolution for specified items will only be performed over the VPN.
-
-Persistent name resolution is set using the **VPNv2/*ProfileName*/DomainNameInformationList//*dniRowId*/Persistent** node.
-
-
-
-## Configure name resolution
-
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
-
-The following image shows name resolution options in a VPN Profile configuration policy using Microsoft Intune.
-
-
-
-The fields in **Add or edit DNS rule** in the Intune profile correspond to the XML settings shown in the following table.
-
-| Field | XML |
-| --- | --- |
-| **Name** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/DomainName** |
-| **Servers (comma separated)** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/DnsServers** |
-| **Proxy server** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/WebServers** |
-
-## Related topics
-
-- [VPN technical guide](vpn-guide.md)
-- [VPN connection types](vpn-connection-type.md)
-- [VPN routing decisions](vpn-routing.md)
-- [VPN authentication options](vpn-authentication.md)
-- [VPN and conditional access](vpn-conditional-access.md)
-- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
-- [VPN security features](vpn-security-features.md)
-- [VPN profile options](vpn-profile-options.md)
\ No newline at end of file
diff --git a/windows/security/identity-protection/vpn/vpn-routing.md b/windows/security/identity-protection/vpn/vpn-routing.md
deleted file mode 100644
index 925b124da9..0000000000
--- a/windows/security/identity-protection/vpn/vpn-routing.md
+++ /dev/null
@@ -1,59 +0,0 @@
----
-ms.date: 09/23/2021
-title: VPN routing decisions
-description: Learn about approaches that either send all data through a VPN or only selected data. The one you choose impacts capacity planning and security expectations.
-ms.topic: conceptual
----
-# VPN routing decisions
-
-Network routes are required for the stack to understand which interface to use for outbound traffic. One of the most important decision points for VPN configuration is whether you want to send all the data through VPN (*force tunnel*) or only some data through the VPN (*split tunnel*). This decision impacts the configuration and the capacity planning, as well as security expectations from the connection.
-
-## Split tunnel configuration
-
-In a split tunnel configuration, routes can be specified to go over VPN and all other traffic will go over the physical interface.
-
-Routes can be configured using the VPNv2/*ProfileName*/RouteList setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
-
-For each route item in the list, the following can be specified:
-
-- **Address**: VPNv2/*ProfileName*/RouteList/*routeRowId*/Address
-- **Prefix size**: VPNv2/*ProfileName*/RouteList/*routeRowId*/Prefix
-- **Exclusion route**: VPNv2/*ProfileName*/RouteList/*routeRowId*/ExclusionRoute
-
- Windows VPN platform now supports the ability to specify exclusion routes that specifically should not go over the physical interface.
-
-Routes can also be added at connect time through the server for UWP VPN apps.
-
-## Force tunnel configuration
-
-In a force tunnel configuration, all traffic will go over VPN. This is the default configuration and takes effect if no routes are specified.
-
-The only implication of this setting is the manipulation of routing entries. In the case of a force tunnel, VPN V4 and V6 default routes (for example. 0.0.0.0/0) are added to the routing table with a lower metric than ones for other interfaces. This sends traffic through the VPN as long as there isn't a specific route on the physical interface itself.
-
-For built-in VPN, this decision is controlled using the MDM setting **VPNv2/ProfileName/NativeProfile/RoutingPolicyType**.
-
-For a UWP VPN plug-in, this property is directly controlled by the app. If the VPN plug-in indicates the default route for IPv4 and IPv6 as the only two Inclusion routes, the VPN platform marks the connection as Force Tunneled.
-
-## Configure routing
-
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
-
-When you configure a VPN profile in Microsoft Intune, you select a checkbox to enable split tunnel configuration.
-
-
-
-Next, in **Corporate Boundaries**, you add the routes that should use the VPN connection.
-
-
-
-
-## Related topics
-
-- [VPN technical guide](vpn-guide.md)
-- [VPN connection types](vpn-connection-type.md)
-- [VPN authentication options](vpn-authentication.md)
-- [VPN and conditional access](vpn-conditional-access.md)
-- [VPN name resolution](vpn-name-resolution.md)
-- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
-- [VPN security features](vpn-security-features.md)
-- [VPN profile options](vpn-profile-options.md)
\ No newline at end of file
diff --git a/windows/security/identity-protection/vpn/vpn-security-features.md b/windows/security/identity-protection/vpn/vpn-security-features.md
deleted file mode 100644
index c4d9da3ec4..0000000000
--- a/windows/security/identity-protection/vpn/vpn-security-features.md
+++ /dev/null
@@ -1,84 +0,0 @@
----
-title: VPN security features
-description: Learn about security features for VPN, including LockDown VPN, Windows Information Protection integration with VPN, and traffic filters.
-ms.date: 07/21/2022
-ms.topic: conceptual
----
-
-# VPN security features
-
-## Hyper-V based containers and VPN
-
-Windows supports different kinds of Hyper-V based containers. This support includes, but isn't limited to, Microsoft Defender Application Guard and Windows Sandbox. When you use 3rd party VPN solutions, these Hyper-V based containers may not be able to seamlessly connect to the internet. Additional configurational changes might be needed to resolve connectivity issues.
-
-For example, for more information on a workaround for Cisco AnyConnect VPN, see [Cisco AnyConnect Secure Mobility Client Administrator Guide: Connectivity issues with VM-based subsystems](https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect410/administration/guide/b-anyconnect-admin-guide-4-10/troubleshoot-anyconnect.html#Cisco_Task_in_List_GUI.dita_3a9a8101-f034-4e9b-b24a-486ee47b5e9f).
-
-## Windows Information Protection (WIP) integration with VPN
-
-Windows Information Protection provides capabilities allowing the separation and protection of enterprise data against disclosure across both company and personally owned devices, without requiring additional changes to the environments or the apps themselves. Additionally, when used with Rights Management Services (RMS), WIP can help to protect enterprise data locally.
-
-The **EdpModeId** node in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp) allows a Windows 10 or Windows 11 VPN client to integrate with WIP, extending its functionality to remote devices. Use case scenarios for WIP include:
-
-- Core functionality: File encryption and file access blocking
-- UX policy enforcement: Restricting copy/paste, drag/drop, and sharing operations
-- WIP network policy enforcement: Protecting intranet resources over the corporate network and VPN
-- Network policy enforcement: Protecting SMB and Internet cloud resources over the corporate network and VPN
-
-The value of the **EdpModeId** is an Enterprise ID. The networking stack will look for this ID in the app token to determine whether VPN should be triggered for that particular app.
-
-Additionally, when connecting with WIP, the admin does not have to specify AppTriggerList and TrafficFilterList rules separately in this profile (unless more advanced configuration is needed) because the WIP policies and App lists automatically take effect.
-
-[Learn more about Windows Information Protection](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip)
-
-
-## Traffic Filters
-
-Traffic Filters give enterprises the ability to decide what traffic is allowed into the corporate network based on policy. Network admins can use Traffic Filters to effectively add interface specific firewall rules on the VPN Interface. There are two types of Traffic Filter rules:
-
-- App-based rules. With app-based rules, a list of applications can be marked to allow only traffic originating from these apps to go over the VPN interface.
-- Traffic-based rules. Traffic-based rules are 5-tuple policies (ports, addresses, protocol) that can be specified to allow only traffic matching these rules to go over the VPN interface.
-
-There can be many sets of rules which are linked by OR. Within each set, there can be app-based rules and traffic-based rules; all the properties within the set will be linked by AND. In addition, these rules can be applied at a per-app level or a per-device level.
-
-For example, an admin could define rules that specify:
-
-- The Contoso HR App must be allowed to go through the VPN and only access port 4545.
-- The Contoso finance apps are allowed to go over the VPN and only access the Remote IP ranges of 10.10.0.40 - 10.10.0.201 on port 5889.
-- All other apps on the device should be able to access only ports 80 or 443.
-
-## Configure traffic filters
-
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
-
-The following image shows the interface to configure traffic rules in a VPN Profile configuration policy, using Microsoft Intune.
-
-
-
-
-## LockDown VPN
-
-A VPN profile configured with LockDown secures the device to only allow network traffic over the VPN interface. It has the following features:
-
-- The system attempts to keep the VPN connected at all times.
-- The user cannot disconnect the VPN connection.
-- The user cannot delete or modify the VPN profile.
-- The VPN LockDown profile uses forced tunnel connection.
-- If the VPN connection is not available, outbound network traffic is blocked.
-- Only one VPN LockDown profile is allowed on a device.
-
-> [!NOTE]
-> For built-in VPN, LockDown VPN is only available for the Internet Key Exchange version 2 (IKEv2) connection type.
-
-Deploy this feature with caution, as the resultant connection will not be able to send or receive any network traffic without the VPN being connected.
-
-
-## Related topics
-
-- [VPN technical guide](vpn-guide.md)
-- [VPN connection types](vpn-connection-type.md)
-- [VPN routing decisions](vpn-routing.md)
-- [VPN authentication options](vpn-authentication.md)
-- [VPN and conditional access](vpn-conditional-access.md)
-- [VPN name resolution](vpn-name-resolution.md)
-- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
-- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/index.yml b/windows/security/index.yml
index ce7aece4b4..535f5f269a 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -90,7 +90,7 @@ landingContent:
- text: Application Guard
url: threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
- text: Windows Sandbox
- url: threat-protection/windows-sandbox/windows-sandbox-overview.md
+ url: application-security\application-isolation\windows-sandbox\windows-sandbox-overview.md
- text: Microsoft Defender SmartScreen
url: threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
- text: S/MIME for Windows
diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
index c8a7446c07..9ed2b2769e 100644
--- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
@@ -1,5 +1,5 @@
---
-title: BCD settings and BitLocker (Windows 10)
+title: BCD settings and BitLocker
description: This article for IT professionals describes the BCD settings that are used by BitLocker.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
index bc4ad1b106..df0af1d002 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
@@ -1,5 +1,5 @@
---
-title: BitLocker Countermeasures (Windows 10)
+title: BitLocker Countermeasures
description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, and Early Launch Anti-malware (ELAM) to protect against attacks on the BitLocker encryption key.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
index e922e90f32..99d7101e23 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
@@ -1,5 +1,5 @@
---
-title: BitLocker deployment comparison (Windows 10)
+title: BitLocker deployment comparison
description: This article shows the BitLocker deployment comparison chart.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
index a70f0199da..b14f859b9a 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: BitLocker Group Policy settings (Windows 10)
+title: BitLocker Group Policy settings
description: This article for IT professionals describes the function, location, and effect of each Group Policy setting that is used to manage BitLocker Drive Encryption.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
index 37a5af8983..442be0541b 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
@@ -1,5 +1,5 @@
---
-title: BitLocker - How to enable Network Unlock (Windows 10)
+title: BitLocker - How to enable Network Unlock
description: This article for the IT professional describes how BitLocker Network Unlock works and how to configure it.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
index ba44582914..9e538c4fef 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
@@ -1,5 +1,5 @@
---
-title: BitLocker Use BitLocker Drive Encryption Tools to manage BitLocker (Windows 10)
+title: BitLocker Use BitLocker Drive Encryption Tools to manage BitLocker
description: This article for the IT professional describes how to use tools to manage BitLocker.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
index 1592e527a6..e96cf15557 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
@@ -1,5 +1,5 @@
---
-title: BitLocker Use BitLocker Recovery Password Viewer (Windows 10)
+title: BitLocker Use BitLocker Recovery Password Viewer
description: This article for the IT professional describes how to use the BitLocker Recovery Password Viewer.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
index 07323ba946..415ebdab44 100644
--- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
+++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
@@ -1,5 +1,5 @@
---
-title: Prepare the organization for BitLocker Planning and policies (Windows 10)
+title: Prepare the organization for BitLocker Planning and policies
description: This article for the IT professional explains how can to plan for a BitLocker deployment.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
index c8e7301a42..14934b6ab3 100644
--- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
@@ -1,5 +1,5 @@
---
-title: Protecting cluster shared volumes and storage area networks with BitLocker (Windows 10)
+title: Protecting cluster shared volumes and storage area networks with BitLocker
description: This article for IT pros describes how to protect CSVs and SANs with BitLocker.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/encrypted-hard-drive.md b/windows/security/information-protection/encrypted-hard-drive.md
index 035d511240..bb2fc98a8e 100644
--- a/windows/security/information-protection/encrypted-hard-drive.md
+++ b/windows/security/information-protection/encrypted-hard-drive.md
@@ -1,5 +1,5 @@
---
-title: Encrypted Hard Drive (Windows)
+title: Encrypted Hard Drive
description: Encrypted Hard Drive uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.
ms.reviewer:
manager: aaroncz
diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
index facc36e2eb..86b7b524ed 100644
--- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
+++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
@@ -1,5 +1,5 @@
---
-title: Change the TPM owner password (Windows)
+title: Change the TPM owner password
description: This topic for the IT professional describes how to change the password or PIN for the owner of the Trusted Platform Module (TPM) that is installed on your system.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/tpm/manage-tpm-commands.md b/windows/security/information-protection/tpm/manage-tpm-commands.md
index 24f72081df..1a2512a41f 100644
--- a/windows/security/information-protection/tpm/manage-tpm-commands.md
+++ b/windows/security/information-protection/tpm/manage-tpm-commands.md
@@ -1,5 +1,5 @@
---
-title: Manage TPM commands (Windows)
+title: Manage TPM commands
description: This article for the IT professional describes how to manage which Trusted Platform Module (TPM) commands are available to domain users and to local users.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/tpm/manage-tpm-lockout.md b/windows/security/information-protection/tpm/manage-tpm-lockout.md
index d89f660756..ba4962a98d 100644
--- a/windows/security/information-protection/tpm/manage-tpm-lockout.md
+++ b/windows/security/information-protection/tpm/manage-tpm-lockout.md
@@ -1,5 +1,5 @@
---
-title: Manage TPM lockout (Windows)
+title: Manage TPM lockout
description: This article for the IT professional describes how to manage the lockout feature for the Trusted Platform Module (TPM) in Windows.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/tpm/tpm-recommendations.md b/windows/security/information-protection/tpm/tpm-recommendations.md
index 49ae107749..2e2eb4727e 100644
--- a/windows/security/information-protection/tpm/tpm-recommendations.md
+++ b/windows/security/information-protection/tpm/tpm-recommendations.md
@@ -1,5 +1,5 @@
---
-title: TPM recommendations (Windows)
+title: TPM recommendations
description: This topic provides recommendations for Trusted Platform Module (TPM) technology for Windows.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
index beefbdf4be..60774172a4 100644
--- a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
+++ b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: TPM Group Policy settings (Windows)
+title: TPM Group Policy settings
description: This topic describes the Trusted Platform Module (TPM) Services that can be controlled centrally by using Group Policy settings.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
index fb8113bcd3..016df0eaf9 100644
--- a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
+++ b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
@@ -1,5 +1,5 @@
---
-title: Trusted Platform Module (Windows)
+title: Trusted Platform Module
description: This topic for the IT professional provides links to information about the Trusted Platform Module (TPM) and how Windows uses it for access control and authentication.
ms.prod: windows-client
author: paolomatarazzo
diff --git a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
index 9c6f0e7bf8..11f11a6ce5 100644
--- a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
@@ -1,5 +1,5 @@
---
-title: Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) (Windows 10)
+title: Unenlightened and enlightened app behavior while using Windows Information Protection (WIP)
description: Learn how unenlightened and enlightened apps might behave, based on Windows Information Protection (WIP) network policies, app configuration, and other criteria
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md b/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
index 57ae3bc952..5cd04b1208 100644
--- a/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
+++ b/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
@@ -1,5 +1,5 @@
---
-title: How to collect Windows Information Protection (WIP) audit event logs (Windows 10)
+title: How to collect Windows Information Protection (WIP) audit event logs
description: How to collect & understand Windows Information Protection audit event logs via the Reporting configuration service provider (CSP) or Windows Event Forwarding.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
index f615270cec..f912dc23f0 100644
--- a/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
@@ -1,5 +1,5 @@
---
-title: Associate and deploy a VPN policy for Windows Information Protection (WIP) using the Azure portal for Microsoft Intune (Windows 10)
+title: Associate and deploy a VPN policy for Windows Information Protection (WIP) using the Azure portal for Microsoft Intune
description: After you've created and deployed your Windows Information Protection (WIP) policy, use Microsoft Intune to link it to your Virtual Private Network (VPN) policy
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
index 763518df61..745f01da04 100644
--- a/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
@@ -1,5 +1,5 @@
---
-title: Deploy your Windows Information Protection (WIP) policy using the Azure portal for Microsoft Intune (Windows 10)
+title: Deploy your Windows Information Protection (WIP) policy using the Azure portal for Microsoft Intune
description: After you've created your Windows Information Protection (WIP) policy, you'll need to deploy it to your organization's enrolled devices.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
index e33efd5a86..198006483b 100644
--- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
+++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
@@ -1,5 +1,5 @@
---
-title: List of enlightened Microsoft apps for use with Windows Information Protection (WIP) (Windows 10)
+title: List of enlightened Microsoft apps for use with Windows Information Protection (WIP)
description: Learn the difference between enlightened and unenlightened apps. Find out which enlightened apps are provided by Microsoft. Learn how to allow-list them.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md b/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
index d7e91a25ce..b6358e6d30 100644
--- a/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
+++ b/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
@@ -1,5 +1,5 @@
---
-title: General guidance and best practices for Windows Information Protection (WIP) (Windows 10)
+title: General guidance and best practices for Windows Information Protection (WIP)
description: Find resources about apps that can work with Windows Information Protection (WIP) to protect data. Enlightened apps can tell corporate and personal data apart.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md b/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
index 2670396304..83eea4e8b9 100644
--- a/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
@@ -1,5 +1,5 @@
---
-title: Mandatory tasks and settings required to turn on Windows Information Protection (WIP) (Windows 10)
+title: Mandatory tasks and settings required to turn on Windows Information Protection (WIP)
description: Review all of the tasks required for Windows to turn on Windows Information Protection (WIP), formerly enterprise data protection (EDP), in your enterprise.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
index 1ee0d46093..529715e6d2 100644
--- a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
+++ b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
@@ -1,5 +1,5 @@
---
-title: Create a Windows Information Protection (WIP) policy using Microsoft Configuration Manager (Windows 10)
+title: Create a Windows Information Protection (WIP) policy using Microsoft Configuration Manager
description: Microsoft Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
index 7d74fb57ea..95ecaef6c6 100644
--- a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
+++ b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
@@ -1,5 +1,5 @@
---
-title: Create a Windows Information Protection (WIP) policy using Microsoft Intune (Windows 10)
+title: Create a Windows Information Protection (WIP) policy using Microsoft Intune
description: Microsoft Intune helps you create and deploy your enterprise data protection (WIP) policy.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
index 903e701613..46f941f6f7 100644
--- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
@@ -1,5 +1,5 @@
---
-title: Recommended URLs for Windows Information Protection (Windows 10)
+title: Recommended URLs for Windows Information Protection
description: Recommended URLs to add to your Enterprise Cloud Resources and Neutral Resources network settings, when used with Windows Information Protection (WIP).
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
index ea2cab423d..6ae2852d49 100644
--- a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
@@ -1,5 +1,5 @@
---
-title: Testing scenarios for Windows Information Protection (WIP) (Windows 10)
+title: Testing scenarios for Windows Information Protection (WIP)
description: A list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
index ff1df3609e..43ac28801a 100644
--- a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
@@ -1,5 +1,5 @@
---
-title: Using Outlook on the web with WIP (Windows 10)
+title: Using Outlook on the web with WIP
description: Options for using Outlook on the web with Windows Information Protection (WIP).
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md b/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
index 7404e870dc..f2c6ad57af 100644
--- a/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
+++ b/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
@@ -1,5 +1,5 @@
---
-title: Determine the Enterprise Context of an app running in Windows Information Protection (WIP) (Windows 10)
+title: Determine the Enterprise Context of an app running in Windows Information Protection (WIP)
description: Use the Task Manager to determine whether an app is considered work, personal or exempt by Windows Information Protection (WIP).
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/operating-system-security/network-security/toc.yml b/windows/security/operating-system-security/network-security/toc.yml
index af372280a4..c62a6aaad4 100644
--- a/windows/security/operating-system-security/network-security/toc.yml
+++ b/windows/security/operating-system-security/network-security/toc.yml
@@ -1,40 +1,17 @@
items:
-- name: Transport layer security (TLS)
- href: /windows-server/security/tls/tls-ssl-schannel-ssp-overview
-- name: WiFi Security
- href: https://support.microsoft.com/windows/faster-and-more-secure-wi-fi-in-windows-26177a28-38ed-1a8e-7eca-66f24dc63f09
-- name: Windows Firewall
- href: ../../threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
-- name: Virtual Private Network (VPN)
- href: ../../identity-protection/vpn/vpn-guide.md
- items:
- - name: VPN connection types
- href: ../../identity-protection/vpn/vpn-connection-type.md
- - name: VPN routing decisions
- href: ../../identity-protection/vpn/vpn-routing.md
- - name: VPN authentication options
- href: ../../identity-protection/vpn/vpn-authentication.md
- - name: VPN and conditional access
- href: ../../identity-protection/vpn/vpn-conditional-access.md
- - name: VPN name resolution
- href: ../../identity-protection/vpn/vpn-name-resolution.md
- - name: VPN auto-triggered profile options
- href: ../../identity-protection/vpn/vpn-auto-trigger-profile.md
- - name: VPN security features
- href: ../../identity-protection/vpn/vpn-security-features.md
- - name: VPN profile options
- href: ../../identity-protection/vpn/vpn-profile-options.md
- - name: How to configure Diffie Hellman protocol over IKEv2 VPN connections
- href: ../../identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
- - name: How to use single sign-on (SSO) over VPN and Wi-Fi connections
- href: ../../identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
- - name: Optimizing Office 365 traffic with the Windows VPN client
- href: ../../identity-protection/vpn/vpn-office-365-optimization.md
-- name: Always On VPN
- href: /windows-server/remote/remote-access/vpn/always-on-vpn/
-- name: Direct Access
- href: /windows-server/remote/remote-access/directaccess/directaccess
-- name: Server Message Block (SMB) file service
- href: /windows-server/storage/file-server/file-server-smb-overview
-- name: Server Message Block Direct (SMB Direct)
- href: /windows-server/storage/file-server/smb-direct
\ No newline at end of file
+ - name: Transport layer security (TLS) 🔗
+ href: /windows-server/security/tls/tls-ssl-schannel-ssp-overview
+ - name: WiFi Security
+ href: https://support.microsoft.com/windows/faster-and-more-secure-wi-fi-in-windows-26177a28-38ed-1a8e-7eca-66f24dc63f09
+ - name: Windows Firewall 🔗
+ href: windows-firewall/windows-firewall-with-advanced-security.md
+ - name: Virtual Private Network (VPN)
+ href: vpn/toc.yml
+ - name: Always On VPN 🔗
+ href: /windows-server/remote/remote-access/vpn/always-on-vpn/
+ - name: Direct Access 🔗
+ href: /windows-server/remote/remote-access/directaccess/directaccess
+ - name: Server Message Block (SMB) file service 🔗
+ href: /windows-server/storage/file-server/file-server-smb-overview
+ - name: Server Message Block Direct (SMB Direct) 🔗
+ href: /windows-server/storage/file-server/smb-direct
\ No newline at end of file
diff --git a/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md b/windows/security/operating-system-security/network-security/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
similarity index 100%
rename from windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
rename to windows/security/operating-system-security/network-security/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
diff --git a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/security/operating-system-security/network-security/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
similarity index 100%
rename from windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
rename to windows/security/operating-system-security/network-security/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-app-trigger.PNG b/windows/security/operating-system-security/network-security/vpn/images/vpn-app-trigger.PNG
new file mode 100644
index 0000000000..16a6bcbbfc
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-app-trigger.PNG differ
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-connection-intune.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-connection-intune.png
new file mode 100644
index 0000000000..f3ab76439d
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-connection-intune.png differ
diff --git a/windows/security/identity-protection/vpn/images/vpn-connection.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-connection.png
similarity index 100%
rename from windows/security/identity-protection/vpn/images/vpn-connection.png
rename to windows/security/operating-system-security/network-security/vpn/images/vpn-connection.png
diff --git a/windows/security/identity-protection/vpn/images/vpn-custom-xml-intune.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-custom-xml-intune.png
similarity index 100%
rename from windows/security/identity-protection/vpn/images/vpn-custom-xml-intune.png
rename to windows/security/operating-system-security/network-security/vpn/images/vpn-custom-xml-intune.png
diff --git a/windows/security/identity-protection/vpn/images/vpn-device-compliance.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-device-compliance.png
similarity index 100%
rename from windows/security/identity-protection/vpn/images/vpn-device-compliance.png
rename to windows/security/operating-system-security/network-security/vpn/images/vpn-device-compliance.png
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-eap-xml.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-eap-xml.png
new file mode 100644
index 0000000000..fd277c80a8
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-eap-xml.png differ
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-name-intune.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-name-intune.png
new file mode 100644
index 0000000000..df0922e2b6
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-name-intune.png differ
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-split.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-split.png
new file mode 100644
index 0000000000..882757f1b4
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-split.png differ
diff --git a/windows/security/operating-system-security/network-security/vpn/images/vpn-traffic-rules.png b/windows/security/operating-system-security/network-security/vpn/images/vpn-traffic-rules.png
new file mode 100644
index 0000000000..a1cbcd3226
Binary files /dev/null and b/windows/security/operating-system-security/network-security/vpn/images/vpn-traffic-rules.png differ
diff --git a/windows/security/operating-system-security/network-security/vpn/toc.yml b/windows/security/operating-system-security/network-security/vpn/toc.yml
new file mode 100644
index 0000000000..d160764ee0
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/toc.yml
@@ -0,0 +1,25 @@
+items:
+ - name: Overview
+ href: vpn-guide.md
+ - name: VPN connection types
+ href: vpn-connection-type.md
+ - name: VPN routing decisions
+ href: vpn-routing.md
+ - name: VPN authentication options
+ href: vpn-authentication.md
+ - name: VPN and conditional access
+ href: vpn-conditional-access.md
+ - name: VPN name resolution
+ href: vpn-name-resolution.md
+ - name: VPN auto-triggered profile options
+ href: vpn-auto-trigger-profile.md
+ - name: VPN security features
+ href: vpn-security-features.md
+ - name: VPN profile options
+ href: vpn-profile-options.md
+ - name: How to configure Diffie Hellman protocol over IKEv2 VPN connections
+ href: how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
+ - name: How to use single sign-on (SSO) over VPN and Wi-Fi connections
+ href: how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
+ - name: Optimizing Office 365 traffic with the Windows VPN client
+ href: vpn-office-365-optimization.md
\ No newline at end of file
diff --git a/windows/security/identity-protection/vpn/vpn-authentication.md b/windows/security/operating-system-security/network-security/vpn/vpn-authentication.md
similarity index 96%
rename from windows/security/identity-protection/vpn/vpn-authentication.md
rename to windows/security/operating-system-security/network-security/vpn/vpn-authentication.md
index c74740f325..1fc65b4198 100644
--- a/windows/security/identity-protection/vpn/vpn-authentication.md
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-authentication.md
@@ -1,5 +1,5 @@
---
-title: VPN authentication options (Windows 10 and Windows 11)
+title: VPN authentication options
description: Learn about the EAP authentication methods that Windows supports in VPNs to provide secure authentication using username/password and certificate-based methods.
ms.date: 09/23/2021
ms.topic: conceptual
@@ -74,7 +74,7 @@ For a UWP VPN plug-in, the app vendor controls the authentication method to be u
See [EAP configuration](/windows/client-management/mdm/eap-configuration) for EAP XML configuration.
>[!NOTE]
->To configure Windows Hello for Business authentication, follow the steps in [EAP configuration](/windows/client-management/mdm/eap-configuration) to create a smart card certificate. [Learn more about Windows Hello for Business.](../hello-for-business/hello-identity-verification.md)
+>To configure Windows Hello for Business authentication, follow the steps in [EAP configuration](/windows/client-management/mdm/eap-configuration) to create a smart card certificate. [Learn more about Windows Hello for Business.](../../../identity-protection/hello-for-business/hello-identity-verification.md).
The following image shows the field for EAP XML in a Microsoft Intune VPN profile. The EAP XML field only appears when you select a built-in connection type (automatic, IKEv2, L2TP, PPTP).
diff --git a/windows/security/operating-system-security/network-security/vpn/vpn-auto-trigger-profile.md b/windows/security/operating-system-security/network-security/vpn/vpn-auto-trigger-profile.md
new file mode 100644
index 0000000000..9af27f73a3
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-auto-trigger-profile.md
@@ -0,0 +1,90 @@
+---
+title: VPN auto-triggered profile options
+description: With auto-triggered VPN profile options, Windows can automatically establish a VPN connection based on IT admin-defined rules. Learn about the types of auto-trigger rules that you can create for VPN connections.
+ms.date: 05/24/2023
+ms.topic: conceptual
+---
+
+# VPN auto-triggered profile options
+
+Windows can use different features to auto-trigger VPN, avoiding users to manually connect when VPN is needed to access necessary resources. There are three different types of auto-trigger rules:
+
+- Application trigger
+- Name-based trigger
+- Always On
+
+> [!NOTE]
+> Auto-triggered VPN connections won't work if **Folder Redirection** for **AppData** is enabled. Either Folder Redirection for AppData must be disabled, or the auto-triggered VPN profile must be deployed in SYSTEM context, which changes the path to where the *rasphone.pbk* file is stored.
+
+## Application trigger
+
+VPN profiles can be configured to automatically connect on the execution of certain applications:
+
+- You can configure desktop or Universal Windows Platform (UWP) apps to trigger a VPN connection
+- You can configure per-app VPN and specify traffic rules for each app
+
+> [!NOTE]
+> The app identifier for a desktop app is a file path. The app identifier for a UWP app is a package family name.
+>
+> [Find a package family name (PFN) for per-app VPN configuration](/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
+
+For more information, see [Traffic filters](vpn-security-features.md#traffic-filters).
+
+## Name-based trigger
+
+You can configure a domain name-based rule so that a specific domain name triggers the VPN connection.\
+Name-based auto-trigger can be configured using the `VPNv2//DomainNameInformationList/dniRowId/AutoTrigger` setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
+
+There are four types of name-based triggers:
+
+- Short name: for example, if *HRweb* is configured as a trigger, and the stack sees a DNS resolution request for *HRweb*, the VPN triggers
+- Fully qualified domain name (FQDN): for example, if *HRweb.corp.contoso.com* is configured as a trigger, and the stack sees a DNS resolution request for *HRweb.corp.contoso.com*, the VPN triggers
+- Suffix: for example, if *.corp.contoso.com* is configured as a trigger, and the stack sees a DNS resolution request with a matching suffix (such as *HRweb.corp.contoso.com*), the VPN triggers. For any short name resolution, VPN triggers, and the DNS servers are queried for the *.corp.contoso.com*
+- All: if used, all DNS resolution triggers VPN
+
+## Always On
+
+Always On is a Windows feature that enables the active VPN profile to connect automatically on the following triggers:
+
+- User sign-in
+- Network change
+- Device screen on
+
+When the trigger occurs, VPN tries to connect. If an error occurs, or any user input is needed, the user sees a toast notification for more interaction.
+
+When a device has multiple profiles with Always On triggers, the user can specify the active profile in **Settings > Network & Internet > VPN > ** by selecting the **Let apps automatically use this VPN connection** checkbox. By default, the first MDM-configured profile is marked as **Active**. Devices with multiple users have the same restriction: only one profile, and therefore only one user, is able to use the Always On triggers.
+
+## Preserving user Always On preference
+
+Another Windows feature is to preserve a user's Always On preference. If a user manually unchecks the **Connect automatically** checkbox, Windows remembers the user preference for the profile name by adding the profile name to the registry value *AutoTriggerDisabledProfilesList*.
+
+If a management tool removes or adds the same profile name back and set **AlwaysOn** to **true**, Windows doesn't check the box if the profile name exists in the following registry value, in order to preserve user preference.
+
+**Key:** `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Config`\
+**Value:** `AutoTriggerDisabledProfilesList`\
+**Type:** `REG_MULTI_SZ`
+
+## Trusted network detection
+
+The **Trusted network detection** feature configures the VPN so that connection isn't triggered when a device is on a trusted network. To configure Trusted network detection, you must provide a list of DNS suffixes. The VPN stack verifies the network name of the physical interface connection profile: if it matches any of the suffixes configured in the list and the network is private or provisioned by MDM, then VPN doesn't trigger.
+
+Trusted network detection can be configured using the `VPNv2//TrustedNetworkDetection` setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
+
+## Configure app-triggered VPN
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
+
+The following image shows associating apps to a VPN connection in a VPN Profile configuration policy using Microsoft Intune.
+
+:::image type="content" source="images/vpn-app-trigger.png" alt-text="Creation of VPN profile in Intune: application association options." lightbox="images/vpn-app-trigger.png":::
+
+## Related articles
+
+- [VPN technical guide](vpn-guide.md)
+- [VPN connection types](vpn-connection-type.md)
+- [VPN routing decisions](vpn-routing.md)
+- [VPN authentication options](vpn-authentication.md)
+- [VPN and conditional access](vpn-conditional-access.md)
+- [VPN name resolution](vpn-name-resolution.md)
+- [VPN security features](vpn-security-features.md)
+- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/operating-system-security/network-security/vpn/vpn-conditional-access.md
similarity index 91%
rename from windows/security/identity-protection/vpn/vpn-conditional-access.md
rename to windows/security/operating-system-security/network-security/vpn/vpn-conditional-access.md
index 392b5cf099..3dca76e27e 100644
--- a/windows/security/identity-protection/vpn/vpn-conditional-access.md
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-conditional-access.md
@@ -1,7 +1,7 @@
---
-title: VPN and conditional access (Windows 10 and Windows 11)
-description: Learn how to integrate the VPN client with the Conditional Access Platform, so you can create access rules for Azure Active Directory (Azure AD) connected apps.
-ms.date: 09/23/2021
+title: VPN and conditional access
+description: Learn how to integrate the VPN client with the Conditional Access platform, and how to create access rules for Azure Active Directory (Azure AD) connected apps.
+ms.date: 05/23/2023
ms.topic: conceptual
---
@@ -15,30 +15,25 @@ The VPN client is now able to integrate with the cloud-based Conditional Access
Conditional Access Platform components used for Device Compliance include the following cloud-based services:
- [Conditional Access Framework](/archive/blogs/tip_of_the_day/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn)
-
- [Azure AD Connect Health](/azure/active-directory/connect-health/active-directory-aadconnect-health)
-
-- [Windows Health Attestation Service](../../threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md#device-health-attestation) (optional)
-
+- [Windows Health Attestation Service](../../../threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md#device-health-attestation) (optional)
- Azure AD Certificate Authority - It is a requirement that the client certificate used for the cloud-based device compliance solution be issued by an Azure Active Directory-based Certificate Authority (CA). An Azure AD CA is essentially a mini-CA cloud tenant in Azure. The Azure AD CA cannot be configured as part of an on-premises Enterprise CA.
See also [Always On VPN deployment for Windows Server and Windows 10](/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy).
-
- Azure AD-issued short-lived certificates - When a VPN connection attempt is made, the Azure AD Token Broker on the local device communicates with Azure Active Directory, which then checks for health based on compliance rules. If compliant, Azure AD sends back a short-lived certificate that is used to authenticate the VPN. Note that certificate authentication methods such as EAP-TLS can be used. When the client reconnects and determines that the certificate has expired, the client will again check with Azure AD for health validation before a new certificate is issued.
-
- [Microsoft Intune device compliance policies](/mem/intune/protect/device-compliance-get-started) - Cloud-based device compliance leverages Microsoft Intune Compliance Policies, which are capable of querying the device state and define compliance rules for the following, among other things.
-
- - Antivirus status
- - Auto-update status and update compliance
- - Password policy compliance
- - Encryption compliance
- - Device health attestation state (validated against attestation service after query)
+ - Antivirus status
+ - Auto-update status and update compliance
+ - Password policy compliance
+ - Encryption compliance
+ - Device health attestation state (validated against attestation service after query)
The following client-side components are also required:
+
- [HealthAttestation Configuration Service Provider (CSP)](/windows/client-management/mdm/healthattestation-csp)
- [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) DeviceCompliance node settings
- Trusted Platform Module (TPM)
-## VPN device compliance
+## VPN device compliance
At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the Windows profiles of the users, and their VPNv2 profiles must contain the <SSO> section.
@@ -47,7 +42,7 @@ Server-side infrastructure requirements to support VPN device compliance include
- The VPN server should be configured for certificate authentication.
- The VPN server should trust the tenant-specific Azure AD CA.
- For client access using Kerberos/NTLM, a domain-trusted certificate is deployed to the client device and is configured to be used for single sign-on (SSO).
-
+
After the server side is set up, VPN admins can add the policy settings for conditional access to the VPN profile using the VPNv2 DeviceCompliance node.
Two client-side configuration service providers are leveraged for VPN device compliance.
@@ -90,14 +85,12 @@ See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/clien
- [Azure Active Directory conditional access](/azure/active-directory/conditional-access/overview)
- [Getting started with Azure Active Directory Conditional Access](/azure/active-directory/authentication/tutorial-enable-azure-mfa)
-- [Control the health of Windows 10-based devices](../../threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
-- Control the health of Windows 11-based devices
+- [Control the health of Windows devices](../../../threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 1)](/archive/blogs/tip_of_the_day/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 2)](/archive/blogs/tip_of_the_day/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-2)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 3)](/archive/blogs/tip_of_the_day/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-3)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 4)](/archive/blogs/tip_of_the_day/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-4)
-
## Related topics
- [VPN technical guide](vpn-guide.md)
- [VPN connection types](vpn-connection-type.md)
diff --git a/windows/security/operating-system-security/network-security/vpn/vpn-connection-type.md b/windows/security/operating-system-security/network-security/vpn/vpn-connection-type.md
new file mode 100644
index 0000000000..686ae5380b
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-connection-type.md
@@ -0,0 +1,57 @@
+---
+title: VPN connection types (Windows 10 and Windows 11)
+description: Learn about Windows VPN platform clients and the VPN connection-type features that can be configured.
+ms.date: 05/24/2022
+ms.topic: conceptual
+---
+
+# VPN connection types
+
+VPNs are point-to-point connections across a private or public network, like the Internet. A VPN client uses special TCP/IP or UDP-based protocols, called *tunneling protocols*, to make a virtual call to a virtual port on a VPN server. In a typical VPN deployment, a client initiates a virtual point-to-point connection to a remote access server over the Internet. The remote access server answers the call, authenticates the caller, and transfers data between the VPN client and the organization's private network.
+
+There are many options for VPN clients. In Windows, the built-in plug-in and the Universal Windows Platform (UWP) VPN plug-in platform are built on top of the Windows VPN platform. This article focuses on the Windows VPN platform clients and the features that can be configured.
+
+
+
+## Built-in VPN client
+
+Tunneling protocols:
+- [Internet Key Exchange version 2 (IKEv2)](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687731(v=ws.10)): configure the IPsec/IKE tunnel cryptographic properties using the **Cryptography Suite** setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
+- [L2TP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687761(v=ws.10)): L2TP with pre-shared key (PSK) authentication can be configured using the **L2tpPsk** setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
+- [PPTP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687676(v=ws.10))
+- [SSTP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687819(v=ws.10)): SSTP can't be configured using MDM, but it's one of the protocols attempted in the **Automatic** option
+ > [!NOTE]
+ > When a VPN plug-in is used, the adapter will be listed as an SSTP adapter, even though the VPN protocol used is the plug-in's protocol.
+
+- Automatic: the **Automatic** option means that the device tries each of the built-in tunneling protocols until one succeeds. It attempts from most secure to least secure. Configure **Automatic** for the **NativeProtocolType** setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
+
+## Universal Windows Platform VPN plug-in
+
+Using the UWP platform, third-party VPN providers can create app-containerized plug-ins using WinRT APIs, eliminating the complexity and problems often associated with writing to system-level drivers.
+
+There are many Universal Windows Platform VPN applications, such as Pulse Secure, Cisco AnyConnect, F5 Access, Sonicwall Mobile Connect, and Check Point Capsule. If you want to use a UWP VPN plug-in, work with your vendor for any custom settings needed to configure your VPN solution.
+
+## Configure connection type
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
+
+The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune:
+
+> [!div class="mx-imgBorder"]
+> 
+
+In Intune, you can also include custom XML for third-party plug-in profiles:
+
+> [!div class="mx-imgBorder"]
+> 
+
+## Related articles
+
+- [VPN technical guide](vpn-guide.md)
+- [VPN routing decisions](vpn-routing.md)
+- [VPN authentication options](vpn-authentication.md)
+- [VPN and conditional access](vpn-conditional-access.md)
+- [VPN name resolution](vpn-name-resolution.md)
+- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
+- [VPN security features](vpn-security-features.md)
+- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/identity-protection/vpn/vpn-guide.md b/windows/security/operating-system-security/network-security/vpn/vpn-guide.md
similarity index 58%
rename from windows/security/identity-protection/vpn/vpn-guide.md
rename to windows/security/operating-system-security/network-security/vpn/vpn-guide.md
index 8a775eea81..66e09e5a4c 100644
--- a/windows/security/identity-protection/vpn/vpn-guide.md
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-guide.md
@@ -1,20 +1,20 @@
---
-title: Windows VPN technical guide (Windows 10 and Windows 11)
-description: Learn about decisions to make for Windows 10 or Windows 11 clients in your enterprise VPN solution and how to configure your deployment.
-ms.date: 02/21/2022
+title: Windows VPN technical guide
+description: Learn how to plan and configure Windows devices for your organization's VPN solution.
+ms.date: 05/24/2023
ms.topic: conceptual
---
# Windows VPN technical guide
-This guide will walk you through the decisions you will make for Windows 10 or Windows 11 clients in your enterprise VPN solution and how to configure your deployment. This guide references the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp) and provides mobile device management (MDM) configuration instructions using Microsoft Intune and the VPN Profile template for Windows 10 and Windows 11.
+This guide walks you through the decisions to make for Windows clients in your organization's VPN solution, and how to configure your devices. This guide references the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp) and provides mobile device management (MDM) configuration instructions using Microsoft Intune.
-To create a Windows 10 VPN device configuration profile see: [Windows 10 and Windows Holographic device settings to add VPN connections using Intune](/mem/intune/configuration/vpn-settings-windows-10).
+To create a Windows VPN device configuration profile see: [Windows device settings to add VPN connections using Intune](/mem/intune/configuration/vpn-settings-windows-10).
> [!NOTE]
> This guide does not explain server deployment.
-[!INCLUDE [virtual-private-network-vpn](../../../../includes/licensing/virtual-private-network-vpn.md)]
+[!INCLUDE [virtual-private-network-vpn](../../../../../includes/licensing/virtual-private-network-vpn.md)]
## In this guide
@@ -29,7 +29,6 @@ To create a Windows 10 VPN device configuration profile see: [Windows 10 and Win
| [VPN security features](vpn-security-features.md) | Configure traffic filtering, connect a VPN profile to Windows Information Protection (WIP), and more |
| [VPN profile options](vpn-profile-options.md) | Combine settings into single VPN profile using XML |
-
## Learn more
- [Create VPN profiles to connect to VPN servers in Intune](/mem/intune/configuration/vpn-settings-configure)
diff --git a/windows/security/operating-system-security/network-security/vpn/vpn-name-resolution.md b/windows/security/operating-system-security/network-security/vpn/vpn-name-resolution.md
new file mode 100644
index 0000000000..406f11946c
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-name-resolution.md
@@ -0,0 +1,71 @@
+---
+title: VPN name resolution
+description: Learn how name resolution works when using a VPN connection.
+ms.date: 05/24/2023
+ms.topic: conceptual
+---
+
+# VPN name resolution
+
+When the VPN client establishes a connection, it receives an IP address and, optionally, the IP address of one or more DNS servers.
+
+The name resolution setting in the VPN profile determines how name resolution works on the system when the VPN connection is established:
+
+1. The network stack looks at the Name Resolution Policy table (NRPT) for any matches, and tries a resolution if a match is found
+1. If no match is found, the DNS suffix on the most preferred interface based on the interface metric is appended to the name (if a short name is used). A DNS query is sent to the preferred interface
+1. If the query times out, the DNS suffix search list is used in order and DNS queries are sent on all interfaces
+
+## Name Resolution Policy table (NRPT)
+
+The NRPT is a table of namespaces that determines the DNS client's behavior when issuing name resolution queries and processing responses. It's the first place that the stack will look after the DNSCache.
+
+There are three types of name matches that can set up for NRPT:
+
+- Fully qualified domain name (FQDN) that can be used for direct matching to a name
+- Suffix match results in either a comparison of suffixes (for FQDN resolution) or the appending of the suffix (if using short name)
+- Any resolution should attempt to first resolve with the proxy server/DNS server with this entry
+
+NRPT is set using the `VPNv2//DomainNameInformationList` node of the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp). You can use the same node to configure a Web proxy server or DNS.
+
+To learn more about NRPT, see [Introduction to the NRPT](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee649207(v=ws.10)).
+
+## DNS suffix
+
+The DNS suffix setting is used to configure the primary DNS suffix for the VPN interface and the suffix search list after the VPN connection is established.
+
+Primary DNS suffix is set using the `VPNv2//DnsSuffix` node.
+
+[Learn more about primaryDNS suffix](/previous-versions/windows/it-pro/windows-2000-server/cc959611(v=technet.10))
+
+## Persistent name resolution rules
+
+You can configure *persistent* name resolution rules. Name resolution for the specified items is done over the VPN.
+
+Persistent name resolution is set using the `VPNv2//DomainNameInformationList//Persistent` node.
+
+## Configure name resolution
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
+
+The following image shows name resolution options in a VPN Profile configuration policy using Microsoft Intune.
+
+:::image type="content" source="images/vpn-name-intune.png" alt-text="Creation of VPN profile in Intune: DNS options." lightbox="images/vpn-name-intune.png":::
+
+The fields in **Add or edit DNS rule** in the Intune profile correspond to the XML settings shown in the following table.
+
+| Field | XML |
+| --- | --- |
+| **Name** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/DomainName** |
+| **Servers (comma separated)** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/DnsServers** |
+| **Proxy server** | **VPNv2/*ProfileName*/DomainNameInformationList/*dniRowId*/WebServers** |
+
+## Related articles
+
+- [VPN technical guide](vpn-guide.md)
+- [VPN connection types](vpn-connection-type.md)
+- [VPN routing decisions](vpn-routing.md)
+- [VPN authentication options](vpn-authentication.md)
+- [VPN and conditional access](vpn-conditional-access.md)
+- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
+- [VPN security features](vpn-security-features.md)
+- [VPN profile options](vpn-profile-options.md)
\ No newline at end of file
diff --git a/windows/security/identity-protection/vpn/vpn-office-365-optimization.md b/windows/security/operating-system-security/network-security/vpn/vpn-office-365-optimization.md
similarity index 86%
rename from windows/security/identity-protection/vpn/vpn-office-365-optimization.md
rename to windows/security/operating-system-security/network-security/vpn/vpn-office-365-optimization.md
index 8eb30c7bce..8a1774472f 100644
--- a/windows/security/identity-protection/vpn/vpn-office-365-optimization.md
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-office-365-optimization.md
@@ -1,17 +1,17 @@
---
-title: Optimizing Office 365 traffic for remote workers with the native Windows VPN client
-description: Learn how to optimize Office 365 traffic for remote workers with the native Windows VPN client
+title: Optimize Microsoft 365 traffic for remote workers with the Windows VPN client
+description: Learn how to optimize Microsoft 365 traffic for remote workers with the Windows VPN client
ms.topic: article
-ms.date: 09/23/2021
+ms.date: 05/24/2023
---
-# Optimizing Office 365 traffic for remote workers with the native Windows 10 and Windows 11 VPN client
+# Optimize Microsoft 365 traffic for remote workers with the Windows VPN client
-This article describes how to configure the recommendations in the article [Optimize Office 365 connectivity for remote users using VPN split tunneling](/office365/enterprise/office-365-vpn-split-tunnel) for the *native Windows 10 and Windows 11 VPN client*. This guidance enables VPN administrators to optimize Office 365 usage while still ensuring that all other traffic goes over the VPN connection and through existing security gateways and tooling.
+This article describes how to configure the recommendations in the article [VPN split tunneling for Microsoft 365](/microsoft-365/enterprise/microsoft-365-vpn-split-tunnel) for the Windows VPN client. This guidance enables VPN administrators to optimize Microsoft 365 usage while ensuring that all other traffic goes over the VPN connection and through existing security gateways or tooling.
-This can be achieved for the native/built-in Windows 10 and Windows 11 VPN client using a _Force Tunneling with Exclusions_ approach. This allows you to define IP-based exclusions *even when using force tunneling* in order to "split" certain traffic to use the physical interface while still forcing all other traffic via the VPN interface. Traffic addressed to specifically defined destinations (like those listed in the Office 365 optimize categories) will therefore follow a much more direct and efficient path, without the need to traverse or "hairpin" via the VPN tunnel and back out of the corporate network. For cloud-services like Office 365, this makes a huge difference in performance and usability for remote users.
+The recommendations can be implemented for the built-in Windows VPN client using a *Force Tunneling with Exclusions* approach, defining IP-based exclusions even when using *force tunneling*. Certain traffic can be *split* to use the physical interface, while still forcing all other traffic via the VPN interface. Traffic addressed to defined destinations (like those listed in the Microsoft 365 optimized categories) follows a much more direct and efficient path, without the need to traverse or *hairpin* via the VPN tunnel and back out of the organization's network. For cloud-services like Microsoft 365, this makes a significant difference in performance and usability for remote users.
> [!NOTE]
-> The term _force tunneling with exclusions_ is sometimes confusingly called "split tunnels" by other vendors and in some online documentation. For Windows 10 and Windows 11 VPN, the term _split tunneling_ is defined differently as described in the article [VPN routing decisions](./vpn-routing.md#split-tunnel-configuration).
+> The term *force tunneling with exclusions* is sometimes confusingly called *split tunnels* by other vendors and in some online documentation. For Windows VPN, the term *split tunneling* is defined differently, as described in the article [VPN routing decisions](./vpn-routing.md#split-tunnel-configuration).
## Solution Overview
@@ -35,9 +35,9 @@ In order to define specific force tunnel exclusions, you then need to add the fo
```
-Entries defined by the `[IP Addresses or Subnet]` and `[IP Prefix]` references will consequently be added to the routing table as _more specific route entries_ that will use the Internet-connected interface as the default gateway, as opposed to using the VPN interface. You will need to define a unique and separate `` section for each required exclusion.
+Entries defined by the `[IP Addresses or Subnet]` and `[IP Prefix]` references will consequently be added to the routing table as _more specific route entries_ that will use the Internet-connected interface as the default gateway, as opposed to using the VPN interface. You must define a unique and separate `` section for each required exclusion.
-An example of a correctly formatted Profile XML configuration for force tunnel with exclusions is shown below:
+An example of a correctly formatted Profile XML configuration for force tunnel with exclusions is the following:
```xml
@@ -62,11 +62,11 @@ An example of a correctly formatted Profile XML configuration for force tunnel w
## Solution Deployment
-For Office 365, it is therefore necessary to add exclusions for all IP addresses documented within the optimize categories described in [Office 365 URLs and IP address ranges](/office365/enterprise/urls-and-ip-address-ranges) to ensure that they are excluded from VPN force tunneling.
+For Microsoft 365, it's therefore necessary to add exclusions for all IP addresses documented within the optimize categories described in [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges) to ensure that they're excluded from VPN force tunneling.
This can be achieved manually by adding the IP addresses defined within the *optimize* category entries to an existing Profile XML (or script) file, or alternatively the following script can be used which dynamically adds the required entries to an existing PowerShell script, or XML file, based upon directly querying the REST-based web service to ensure the correct IP address ranges are always used.
-An example of a PowerShell script that can be used to update a force tunnel VPN connection with Office 365 exclusions is provided below.
+An example of a PowerShell script that can be used to update a force tunnel VPN connection with Microsoft 365 exclusions is provided below.
```powershell
# Copyright (c) Microsoft Corporation. All rights reserved.
@@ -79,9 +79,9 @@ An example of a PowerShell script that can be used to update a force tunnel VPN
<#
.SYNOPSIS
- Applies or updates recommended Office 365 optimize IP address exclusions to an existing force tunnel Windows 10 and Windows 11 VPN profile
+ Applies or updates recommended Microsoft 365 optimize IP address exclusions to an existing force tunnel Windows 10 and Windows 11 VPN profile
.DESCRIPTION
- Connects to the Office 365 worldwide commercial service instance endpoints to obtain the latest published IP address ranges
+ Connects to the Microsoft 365 worldwide commercial service instance endpoints to obtain the latest published IP address ranges
Compares the optimized IP addresses with those contained in the supplied VPN Profile (PowerShell or XML file)
Adds or updates IP addresses as necessary and saves the resultant file with "-NEW" appended to the file name
.PARAMETERS
@@ -170,7 +170,7 @@ if ( $VPNprofilefile -ne "" -and $FileExtension -eq ".ps1")
}
}
-# Define Office 365 endpoints and service URLs #
+# Define Microsoft 365 endpoints and service URLs #
$ws = "https://endpoints.office.com"
$baseServiceUrl = "https://endpoints.office.com"
@@ -198,7 +198,7 @@ if ($version[0].latest -gt $lastVersion)
{
Write-Host
- Write-Host "A new version of Office 365 worldwide commercial service instance endpoints has been detected!" -ForegroundColor Cyan
+ Write-Host "A new version of Microsoft 365 worldwide commercial service instance endpoints has been detected!" -ForegroundColor Cyan
# Write the new version number to the data file #
@($clientRequestId, $version[0].latest) | Out-File $datapath
@@ -415,29 +415,13 @@ if ($VPNprofilefile -ne "" -and $FileExtension -eq ".xml")
}
```
-## Version Support
-
-This solution is supported with the following versions of Windows:
-
-- Windows 11
-- Windows 10 1903/1909 and newer: Included, no action needed
-- Windows 10 1809: At least [KB4490481](https://support.microsoft.com/help/4490481/windows-10-update-kb4490481)
-- Windows 10 1803: At least [KB4493437](https://support.microsoft.com/help/4493437/windows-10-update-kb4493437)
-- Windows 10 1709 and lower: Exclusion routes are not supported
-
-- Windows 10 Enterprise 2019 LTSC: At least [KB4490481](https://support.microsoft.com/help/4490481/windows-10-update-kb4490481)
-- Windows 10 Enterprise 2016 LTSC: Exclusion routes are not supported
-- Windows 10 Enterprise 2015 LTSC: Exclusion routes are not supported
-
-Microsoft strongly recommends that the latest available Windows 10 cumulative update always be applied.
-
## Other Considerations
You should also be able to adapt this approach to include necessary exclusions for other cloud-services that can be defined by known/static IP addresses; exclusions required for [Cisco WebEx](https://help.webex.com/WBX000028782/Network-Requirements-for-Webex-Teams-Services) or [Zoom](https://support.zoom.us/hc/en-us/articles/201362683) are good examples.
## Examples
-An example of a PowerShell script that can be used to create a force tunnel VPN connection with Office 365 exclusions is provided below, or refer to the guidance in [Create the ProfileXML configuration files](/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-client-vpn-connections#create-the-profilexml-configuration-files) to create the initial PowerShell script:
+An example of a PowerShell script that can be used to create a force tunnel VPN connection with Microsoft 365 exclusions is provided below, or refer to the guidance in [Create the ProfileXML configuration files](/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-client-vpn-connections#create-the-profilexml-configuration-files) to create the initial PowerShell script:
```powershell
# Copyright (c) Microsoft Corporation. All rights reserved.
@@ -462,7 +446,7 @@ An example of a PowerShell script that can be used to create a force tunnel VPN
#>
<#-- Define Key VPN Profile Parameters --#>
-$ProfileName = 'Contoso VPN with Office 365 Exclusions'
+$ProfileName = 'Contoso VPN with Microsoft 365 Exclusions'
$ProfileNameEscaped = $ProfileName -replace ' ', '%20'
<#-- Define VPN ProfileXML --#>
@@ -656,7 +640,7 @@ Write-Host "$Message"
```
-An example of an [Intune-ready XML file](./vpn-profile-options.md#apply-profilexml-using-intune) that can be used to create a force tunnel VPN connection with Office 365 exclusions is provided below, or refer to the guidance in [Create the ProfileXML configuration files](/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-client-vpn-connections#create-the-profilexml-configuration-files) to create the initial XML file.
+An example of an [Intune-ready XML file](./vpn-profile-options.md#apply-profilexml-using-intune) that can be used to create a force tunnel VPN connection with Microsoft 365 exclusions is provided below, or refer to the guidance in [Create the ProfileXML configuration files](/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-client-vpn-connections#create-the-profilexml-configuration-files) to create the initial XML file.
>[!NOTE]
>This XML is formatted for use with Intune and cannot contain any carriage returns or whitespace.
diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/operating-system-security/network-security/vpn/vpn-profile-options.md
similarity index 99%
rename from windows/security/identity-protection/vpn/vpn-profile-options.md
rename to windows/security/operating-system-security/network-security/vpn/vpn-profile-options.md
index 2ebbff5348..5c344676b6 100644
--- a/windows/security/identity-protection/vpn/vpn-profile-options.md
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-profile-options.md
@@ -1,5 +1,5 @@
---
-title: VPN profile options (Windows 10 and Windows 11)
+title: VPN profile options
description: Windows adds Virtual Private Network (VPN) profile options to help manage how users connect. VPNs give users secure remote access to the company network.
ms.date: 05/17/2018
ms.topic: conceptual
diff --git a/windows/security/operating-system-security/network-security/vpn/vpn-routing.md b/windows/security/operating-system-security/network-security/vpn/vpn-routing.md
new file mode 100644
index 0000000000..6931f683fd
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-routing.md
@@ -0,0 +1,55 @@
+---
+ms.date: 05/24/2023
+title: VPN routing decisions
+description: Learn about approaches that either send all data through a VPN or only selected data. The one you choose impacts capacity planning and security expectations.
+ms.topic: conceptual
+---
+# VPN routing decisions
+
+Network routes are required for the stack to understand which interface to use for outbound traffic. One of the most important decision points for VPN configuration is whether you want to send all the data through VPN (*force tunnel*) or only some data through the VPN (*split tunnel*). The decision impacts the configuration, capacity planning, and security expectations from the connection.
+
+## Split tunnel configuration
+
+In a split tunnel configuration, routes can be specified to go over VPN and all other traffic will go over the physical interface.
+
+Routes can be configured using the `VPNv2//RouteList` setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
+
+For each route item in the list, you can configure the following options:
+
+- **Address**: `VPNv2//RouteList//Address`
+- **Prefix size**: `VPNv2//RouteList//Prefix`
+- **Exclusion route**: V`VPNv2//RouteList//ExclusionRoute`
+
+With Windows VPN, you can specify exclusion routes that shouldn't go over the physical interface.
+
+Routes can also be added at connect time through the server for UWP VPN apps.
+
+## Force tunnel configuration
+
+In a force tunnel configuration, all traffic will go over VPN. Force tunnel is the default configuration, and takes effect when no routes are specified.
+
+The only implication of force tunnel is the manipulation of routing entries: VPN V4 and V6 default routes (for example *0.0.0.0/0*) are added to the routing table with a lower metric than ones for other interfaces. This configuration sends traffic through the VPN as long as there isn't a specific route on the physical interface:
+
+- For built-in VPN, the decision is controlled using the MDM setting `VPNv2/ProfileName/NativeProfile/RoutingPolicyType`
+- For a UWP VPN plug-in, the app controls the property. If the VPN plug-in indicates the default route for IPv4 and IPv6 as the only two Inclusion routes, the VPN platform marks the connection as Force Tunneled
+
+## Configure routing
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
+
+When you configure a VPN profile in Microsoft Intune, you can enable split tunnel configuration:
+
+
+
+Once enabled, you can add the routes that should use the VPN connection.
+
+## Related articles
+
+- [VPN technical guide](vpn-guide.md)
+- [VPN connection types](vpn-connection-type.md)
+- [VPN authentication options](vpn-authentication.md)
+- [VPN and conditional access](vpn-conditional-access.md)
+- [VPN name resolution](vpn-name-resolution.md)
+- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
+- [VPN security features](vpn-security-features.md)
+- [VPN profile options](vpn-profile-options.md)
\ No newline at end of file
diff --git a/windows/security/operating-system-security/network-security/vpn/vpn-security-features.md b/windows/security/operating-system-security/network-security/vpn/vpn-security-features.md
new file mode 100644
index 0000000000..4c7d2f87b4
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/vpn/vpn-security-features.md
@@ -0,0 +1,68 @@
+---
+title: VPN security features
+description: Learn about security features for VPN, including LockDown VPN and traffic filters.
+ms.date: 05/24/2023
+ms.topic: conceptual
+---
+
+# VPN security features
+
+## Hyper-V based containers and VPN
+
+Windows supports different kinds of Hyper-V based containers, like Microsoft Defender Application Guard and Windows Sandbox. When you use a third party VPN solution, the Hyper-V based containers may not be able to seamlessly connect to the internet, and configuration changes may be needed to resolve connectivity issues.
+
+For example, read about the workaround for Cisco AnyConnect VPN: [Cisco AnyConnect Secure Mobility Client Administrator Guide: Connectivity issues with VM-based subsystems](https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect410/administration/guide/b-anyconnect-admin-guide-4-10/troubleshoot-anyconnect.html#Cisco_Task_in_List_GUI.dita_3a9a8101-f034-4e9b-b24a-486ee47b5e9f).
+
+## Traffic Filters
+
+Traffic Filters enables organizations to decide what traffic is allowed into the corporate network based on policy. IT admins can use Traffic Filters to apply interface-specific firewall rules to the VPN Interface.
+
+There are two types of Traffic Filter rules:
+
+- **App-based rules** consist of a list of applications that can be marked to only allow traffic originating from the apps to the VPN interface
+- **Traffic-based rules** consist of 5-tuple policies (ports, addresses, protocol) that can be specified to only allow traffic matching the rules to go through the VPN interface
+
+There can be sets of rules linked by *OR*. Within each set, there can be app-based rules and traffic-based rules.\
+All the properties within the set are linked by *AND*. The rules can be applied at a per-app level or a per-device level.
+
+For example, an IT admin could define rules that specify:
+
+- An *HR App* is allowed to go through the VPN and only access port *4545*
+- The *Finance apps* are allowed to through the VPN and only access the Remote IP ranges of *10.10.0.40 - 10.10.0.201* on port *5889*
+- All other apps on the device can only access ports *80* or *443*
+
+## Configure traffic filters
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp) for XML configuration.
+
+The following image shows the interface to configure traffic rules in a VPN Profile configuration policy, using Microsoft Intune.
+
+:::image type="content" source="images/vpn-traffic-rules.png" alt-text="VPN profile creation from Microsoft Intune admin center." lightbox="images/vpn-traffic-rules.png":::
+
+## LockDown VPN
+
+A VPN profile configured with LockDown secures the device to only allow network traffic over the VPN interface. It has the following features:
+
+- The system attempts to always keep the VPN connected
+- The user can't disconnect the VPN connection
+- The user can't delete or modify the VPN profile
+- The VPN LockDown profile uses forced tunnel connection
+- If the VPN connection isn't available, outbound network traffic is blocked
+- Only one VPN LockDown profile is allowed on a device
+
+> [!NOTE]
+> For built-in VPN, LockDown VPN is only available for the Internet Key Exchange version 2 (IKEv2) connection type.
+
+> [!CAUTION]
+> Be careful when deploying LockDown VPN, as the resultant connection won't be able to send or receive any network traffic without the VPN connection being established.
+
+## Related articles
+
+- [VPN technical guide](vpn-guide.md)
+- [VPN connection types](vpn-connection-type.md)
+- [VPN routing decisions](vpn-routing.md)
+- [VPN authentication options](vpn-authentication.md)
+- [VPN and conditional access](vpn-conditional-access.md)
+- [VPN name resolution](vpn-name-resolution.md)
+- [VPN auto-triggered profile options](vpn-auto-trigger-profile.md)
+- [VPN profile options](vpn-profile-options.md)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/TOC.yml b/windows/security/operating-system-security/network-security/windows-firewall/TOC.yml
new file mode 100644
index 0000000000..6057d602da
--- /dev/null
+++ b/windows/security/operating-system-security/network-security/windows-firewall/TOC.yml
@@ -0,0 +1,252 @@
+items:
+ - name: Overview
+ href: windows-firewall-with-advanced-security.md
+ - name: Plan deployment
+ items:
+ - name: Design guide
+ href: windows-firewall-with-advanced-security-design-guide.md
+ - name: Design process
+ href: understanding-the-windows-firewall-with-advanced-security-design-process.md
+ - name: Implementation goals
+ items:
+ - name: Identify implementation goals
+ href: identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
+ - name: Protect devices from unwanted network traffic
+ href: protect-devices-from-unwanted-network-traffic.md
+ - name: Restrict access to only trusted devices
+ href: restrict-access-to-only-trusted-devices.md
+ - name: Require encryption
+ href: require-encryption-when-accessing-sensitive-network-resources.md
+ - name: Restrict access
+ href: restrict-access-to-only-specified-users-or-devices.md
+ - name: Implementation designs
+ items:
+ - name: Mapping goals to a design
+ href: mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
+ - name: Basic firewall design
+ href: basic-firewall-policy-design.md
+ items:
+ - name: Basic firewall design example
+ href: firewall-policy-design-example.md
+ - name: Domain isolation design
+ href: domain-isolation-policy-design.md
+ items:
+ - name: Domain isolation design example
+ href: domain-isolation-policy-design-example.md
+ - name: Server isolation design
+ href: server-isolation-policy-design.md
+ items:
+ - name: Server Isolation design example
+ href: server-isolation-policy-design-example.md
+ - name: Certificate-based isolation design
+ href: certificate-based-isolation-policy-design.md
+ items:
+ - name: Certificate-based Isolation design example
+ href: certificate-based-isolation-policy-design-example.md
+ - name: Design planning
+ items:
+ - name: Planning your design
+ href: planning-your-windows-firewall-with-advanced-security-design.md
+ - name: Planning settings for a basic firewall policy
+ href: planning-settings-for-a-basic-firewall-policy.md
+ - name: Planning domain isolation zones
+ items:
+ - name: Domain isolation zones
+ href: planning-domain-isolation-zones.md
+ - name: Exemption list
+ href: exemption-list.md
+ - name: Isolated domain
+ href: isolated-domain.md
+ - name: Boundary zone
+ href: boundary-zone.md
+ - name: Encryption zone
+ href: encryption-zone.md
+ - name: Planning server isolation zones
+ href: planning-server-isolation-zones.md
+ - name: Planning certificate-based authentication
+ href: planning-certificate-based-authentication.md
+ items:
+ - name: Documenting the Zones
+ href: documenting-the-zones.md
+ - name: Planning group policy deployment for your isolation zones
+ href: planning-group-policy-deployment-for-your-isolation-zones.md
+ items:
+ - name: Planning isolation groups for the zones
+ href: planning-isolation-groups-for-the-zones.md
+ - name: Planning network access groups
+ href: planning-network-access-groups.md
+ - name: Planning the GPOs
+ href: planning-the-gpos.md
+ items:
+ - name: Firewall GPOs
+ href: firewall-gpos.md
+ items:
+ - name: GPO_DOMISO_Firewall
+ href: gpo-domiso-firewall.md
+ - name: Isolated domain GPOs
+ href: isolated-domain-gpos.md
+ items:
+ - name: GPO_DOMISO_IsolatedDomain_Clients
+ href: gpo-domiso-isolateddomain-clients.md
+ - name: GPO_DOMISO_IsolatedDomain_Servers
+ href: gpo-domiso-isolateddomain-servers.md
+ - name: Boundary zone GPOs
+ href: boundary-zone-gpos.md
+ items:
+ - name: GPO_DOMISO_Boundary
+ href: gpo-domiso-boundary.md
+ - name: Encryption zone GPOs
+ href: encryption-zone-gpos.md
+ items:
+ - name: GPO_DOMISO_Encryption
+ href: gpo-domiso-encryption.md
+ - name: Server isolation GPOs
+ href: server-isolation-gpos.md
+ - name: Planning GPO deployment
+ href: planning-gpo-deployment.md
+ - name: Planning to deploy
+ href: planning-to-deploy-windows-firewall-with-advanced-security.md
+ - name: Deployment guide
+ items:
+ - name: Deployment overview
+ href: windows-firewall-with-advanced-security-deployment-guide.md
+ - name: Implementing your plan
+ href: implementing-your-windows-firewall-with-advanced-security-design-plan.md
+ - name: Basic firewall deployment
+ items:
+ - name: "Checklist: Implementing a basic firewall policy design"
+ href: checklist-implementing-a-basic-firewall-policy-design.md
+ - name: Domain isolation deployment
+ items:
+ - name: "Checklist: Implementing a Domain Isolation Policy Design"
+ href: checklist-implementing-a-domain-isolation-policy-design.md
+ - name: Server isolation deployment
+ items:
+ - name: "Checklist: Implementing a Standalone Server Isolation Policy Design"
+ href: checklist-implementing-a-standalone-server-isolation-policy-design.md
+ - name: Certificate-based authentication
+ items:
+ - name: "Checklist: Implementing a Certificate-based Isolation Policy Design"
+ href: checklist-implementing-a-certificate-based-isolation-policy-design.md
+ - name: Best practices
+ items:
+ - name: Configuring the firewall
+ href: best-practices-configuring.md
+ - name: Securing IPsec
+ href: securing-end-to-end-ipsec-connections-by-using-ikev2.md
+ - name: PowerShell
+ href: windows-firewall-with-advanced-security-administration-with-windows-powershell.md
+ - name: Isolating Microsoft Store Apps on Your Network
+ href: isolating-apps-on-your-network.md
+ - name: How-to
+ items:
+ - name: Add Production devices to the membership group for a zone
+ href: add-production-devices-to-the-membership-group-for-a-zone.md
+ - name: Add test devices to the membership group for a zone
+ href: add-test-devices-to-the-membership-group-for-a-zone.md
+ - name: Assign security group filters to the GPO
+ href: assign-security-group-filters-to-the-gpo.md
+ - name: Change rules from request to require mode
+ href: Change-Rules-From-Request-To-Require-Mode.Md
+ - name: Configure authentication methods
+ href: Configure-authentication-methods.md
+ - name: Configure data protection (Quick Mode) settings
+ href: configure-data-protection-quick-mode-settings.md
+ - name: Configure Group Policy to autoenroll and deploy certificates
+ href: configure-group-policy-to-autoenroll-and-deploy-certificates.md
+ - name: Configure key exchange (main mode) settings
+ href: configure-key-exchange-main-mode-settings.md
+ - name: Configure the rules to require encryption
+ href: configure-the-rules-to-require-encryption.md
+ - name: Configure the Windows Firewall log
+ href: configure-the-windows-firewall-log.md
+ - name: Configure the workstation authentication certificate template
+ href: configure-the-workstation-authentication-certificate-template.md
+ - name: Configure Windows Firewall to suppress notifications when a program is blocked
+ href: configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
+ - name: Confirm that certificates are deployed correctly
+ href: confirm-that-certificates-are-deployed-correctly.md
+ - name: Copy a GPO to create a new GPO
+ href: copy-a-gpo-to-create-a-new-gpo.md
+ - name: Create a Group Account in Active Directory
+ href: create-a-group-account-in-active-directory.md
+ - name: Create a Group Policy Object
+ href: create-a-group-policy-object.md
+ - name: Create an authentication exemption list rule
+ href: create-an-authentication-exemption-list-rule.md
+ - name: Create an authentication request rule
+ href: create-an-authentication-request-rule.md
+ - name: Create an inbound ICMP rule
+ href: create-an-inbound-icmp-rule.md
+ - name: Create an inbound port rule
+ href: create-an-inbound-port-rule.md
+ - name: Create an inbound program or service rule
+ href: create-an-inbound-program-or-service-rule.md
+ - name: Create an outbound port rule
+ href: create-an-outbound-port-rule.md
+ - name: Create an outbound program or service rule
+ href: create-an-outbound-program-or-service-rule.md
+ - name: Create inbound rules to support RPC
+ href: create-inbound-rules-to-support-rpc.md
+ - name: Create WMI filters for the GPO
+ href: create-wmi-filters-for-the-gpo.md
+ - name: Create Windows Firewall rules in Intune
+ href: create-windows-firewall-rules-in-intune.md
+ - name: Enable predefined inbound rules
+ href: enable-predefined-inbound-rules.md
+ - name: Enable predefined outbound rules
+ href: enable-predefined-outbound-rules.md
+ - name: Exempt ICMP from authentication
+ href: exempt-icmp-from-authentication.md
+ - name: Link the GPO to the domain
+ href: link-the-gpo-to-the-domain.md
+ - name: Modify GPO filters
+ href: modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
+ - name: Open IP security policies
+ href: open-the-group-policy-management-console-to-ip-security-policies.md
+ - name: Open Group Policy
+ href: open-the-group-policy-management-console-to-windows-firewall.md
+ - name: Open Group Policy
+ href: open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
+ - name: Open Windows Firewall
+ href: open-windows-firewall-with-advanced-security.md
+ - name: Restrict server access
+ href: restrict-server-access-to-members-of-a-group-only.md
+ - name: Enable Windows Firewall
+ href: turn-on-windows-firewall-and-configure-default-behavior.md
+ - name: Verify Network Traffic
+ href: verify-that-network-traffic-is-authenticated.md
+ - name: References
+ items:
+ - name: "Checklist: Creating Group Policy objects"
+ href: checklist-creating-group-policy-objects.md
+ - name: "Checklist: Creating inbound firewall rules"
+ href: checklist-creating-inbound-firewall-rules.md
+ - name: "Checklist: Creating outbound firewall rules"
+ href: checklist-creating-outbound-firewall-rules.md
+ - name: "Checklist: Configuring basic firewall settings"
+ href: checklist-configuring-basic-firewall-settings.md
+ - name: "Checklist: Configuring rules for the isolated domain"
+ href: checklist-configuring-rules-for-the-isolated-domain.md
+ - name: "Checklist: Configuring rules for the boundary zone"
+ href: checklist-configuring-rules-for-the-boundary-zone.md
+ - name: "Checklist: Configuring rules for the encryption zone"
+ href: checklist-configuring-rules-for-the-encryption-zone.md
+ - name: "Checklist: Configuring rules for an isolated server zone"
+ href: checklist-configuring-rules-for-an-isolated-server-zone.md
+ - name: "Checklist: Configuring rules for servers in a standalone isolated server zone"
+ href: checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
+ - name: "Checklist: Creating rules for clients of a standalone isolated server zone"
+ href: checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
+ - name: "Appendix A: Sample GPO template files for settings used in this guide"
+ href: appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
+ - name: Troubleshooting
+ items:
+ - name: Troubleshooting UWP app connectivity issues in Windows Firewall
+ href: troubleshooting-uwp-firewall.md
+ - name: Filter origin audit log improvements
+ href: filter-origin-documentation.md
+ - name: Quarantine behavior
+ href: quarantine.md
+ - name: Firewall settings lost on upgrade
+ href: firewall-settings-lost-on-upgrade.md
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md
index 25276608c2..ffdc421b72 100644
--- a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md
@@ -1,12 +1,9 @@
---
-title: Add Production Devices to the Membership Group for a Zone (Windows)
+title: Add Production Devices to the Membership Group for a Zone
description: Learn how to add production devices to the membership group for a zone and refresh the group policy on the devices in the membership group.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Add Production Devices to the Membership Group for a Zone
diff --git a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md
index 632879c8fa..db692b1afa 100644
--- a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md
@@ -1,12 +1,9 @@
---
-title: Add Test Devices to the Membership Group for a Zone (Windows)
+title: Add Test Devices to the Membership Group for a Zone
description: Learn how to add devices to the group for a zone to test whether your Windows Defender Firewall with Advanced Security implementation works as expected.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Add Test Devices to the Membership Group for a Zone
diff --git a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md b/windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
similarity index 92%
rename from windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
rename to windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
index 1d83bb85fd..09b4dfb941 100644
--- a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
@@ -1,12 +1,9 @@
---
-title: Appendix A Sample GPO Template Files for Settings Used in this Guide (Windows)
+title: Appendix A Sample GPO Template Files for Settings Used in this Guide
description: Use sample template files import an XML file containing customized registry preferences into a Group Policy Object (GPO).
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Appendix A: Sample GPO Template Files for Settings Used in this Guide
diff --git a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md b/windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md
rename to windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md
index c7559e5687..ece353e83c 100644
--- a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md
@@ -1,5 +1,5 @@
---
-title: Assign Security Group Filters to the GPO (Windows)
+title: Assign Security Group Filters to the GPO
description: Learn how to use Group Policy Management MMC to assign security group filters to a GPO to make sure that the GPO is applied to the correct computers.
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Assign Security Group Filters to the GPO
diff --git a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md
index 5c6763d795..5733a89690 100644
--- a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md
@@ -1,11 +1,8 @@
---
-title: Basic Firewall Policy Design (Windows)
+title: Basic Firewall Policy Design
description: Protect the devices in your organization from unwanted network traffic that gets through the perimeter defenses by using basic firewall policy design.
ms.prod: windows-client
ms.topic: conceptual
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md b/windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md
similarity index 97%
rename from windows/security/threat-protection/windows-firewall/best-practices-configuring.md
rename to windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md
index e090a1ea53..1214df4042 100644
--- a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md
@@ -7,9 +7,6 @@ ms.collection:
- highpri
- tier3
ms.topic: article
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Best practices for configuring Windows Defender Firewall
diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md
similarity index 85%
rename from windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md
index fc07a5e4d8..16684e9cbd 100644
--- a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md
@@ -1,12 +1,9 @@
---
-title: Boundary Zone GPOs (Windows)
+title: Boundary Zone GPOs
description: Learn about GPOs to create that must align with the group you create for the boundary zone in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Boundary Zone GPOs
diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/boundary-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md
index 4d101a8462..36a61d385c 100644
--- a/windows/security/threat-protection/windows-firewall/boundary-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md
@@ -1,12 +1,9 @@
---
-title: Boundary Zone (Windows)
+title: Boundary Zone
description: Learn how a boundary zone supports devices that must receive traffic from beyond an isolated domain in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Boundary Zone
diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md b/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md
rename to windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md
index cdcbe5df44..64cb140f2e 100644
--- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md
@@ -1,12 +1,9 @@
---
-title: Certificate-based Isolation Policy Design Example (Windows)
+title: Certificate-based Isolation Policy Design Example
description: This example uses a fictitious company to illustrate certificate-based isolation policy design in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Certificate-based Isolation Policy Design Example
diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md
index 8d72f5d261..1af80586c7 100644
--- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Certificate-based Isolation Policy Design (Windows)
+title: Certificate-based Isolation Policy Design
description: Explore the methodology behind Certificate-based Isolation Policy Design and how it defers from Domain Isolation and Server Isolation Policy Design.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Certificate-based isolation policy design
diff --git a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md b/windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md
similarity index 86%
rename from windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md
rename to windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md
index 0fe1d36358..12465d4121 100644
--- a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md
@@ -1,12 +1,9 @@
---
-title: Change Rules from Request to Require Mode (Windows)
+title: Change Rules from Request to Require Mode
description: Learn how to convert a rule from request to require mode and apply the modified GPOs to the client devices.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Change Rules from Request to Require Mode
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md
similarity index 77%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md
index b7488176fa..4fb018d543 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Basic Firewall Settings (Windows)
+title: Checklist Configuring Basic Firewall Settings
description: Configure Windows Firewall to set inbound and outbound behavior, display notifications, record log files and more of the necessary function for Firewall.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Basic Firewall Settings
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md
index a10f355d7a..bc3c7307e6 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Rules for an Isolated Server Zone (Windows)
+title: Checklist Configuring Rules for an Isolated Server Zone
description: Use these tasks to configure connection security rules and IPsec settings in GPOs for servers in an isolated server zone that are part of an isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Rules for an Isolated Server Zone
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
index ad3c072c15..3157528b1b 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Rules for Servers in a Standalone Isolated Server Zone (Windows)
+title: Checklist Configuring Rules for Servers in a Standalone Isolated Server Zone
description: Checklist Configuring Rules for Servers in a Standalone Isolated Server Zone
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md
similarity index 86%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md
index e0f4a4d830..e25ea92a07 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Rules for the Boundary Zone (Windows)
+title: Checklist Configuring Rules for the Boundary Zone
description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the boundary zone in an isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Rules for the Boundary Zone
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md
similarity index 86%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md
index e026d05ea7..50823a255b 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Rules for the Encryption Zone (Windows)
+title: Checklist Configuring Rules for the Encryption Zone
description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the encryption zone in an isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Rules for the Encryption Zone
diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md
index 553a621f37..6b3a358d07 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md
@@ -1,12 +1,9 @@
---
-title: Checklist Configuring Rules for the Isolated Domain (Windows)
+title: Checklist Configuring Rules for the Isolated Domain
description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the main zone in the isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Configuring Rules for the Isolated Domain
diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md
index 2db03bf2b4..82e9ed2a65 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md
@@ -1,12 +1,9 @@
---
-title: Checklist Creating Group Policy Objects (Windows)
+title: Checklist Creating Group Policy Objects
description: Learn to deploy firewall settings, IPsec settings, firewall rules, or connection security rules, by using Group Policy in AD DS.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Creating Group Policy Objects
diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md
similarity index 78%
rename from windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md
index 2358c7d807..38fdcd2fc4 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md
@@ -1,12 +1,9 @@
---
-title: Checklist Creating Inbound Firewall Rules (Windows)
+title: Checklist Creating Inbound Firewall Rules
description: Use these tasks for creating inbound firewall rules in your GPOs for Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Creating Inbound Firewall Rules
diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md
similarity index 82%
rename from windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md
index e7f1a2a9ce..88c2eccca0 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md
@@ -1,12 +1,9 @@
---
-title: Checklist Creating Outbound Firewall Rules (Windows)
+title: Checklist Creating Outbound Firewall Rules
description: Use these tasks for creating outbound firewall rules in your GPOs for Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Creating Outbound Firewall Rules
diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
index 1a5e7d2ae6..ebd45a7ede 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
@@ -1,12 +1,9 @@
---
-title: Create Rules for Standalone Isolated Server Zone Clients (Windows)
+title: Create Rules for Standalone Isolated Server Zone Clients
description: Checklist for when creating rules for clients of a Standalone Isolated Server Zone
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone
diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md
index 4a7816bc4d..7432f4448f 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Checklist Implementing a Basic Firewall Policy Design (Windows)
+title: Checklist Implementing a Basic Firewall Policy Design
description: Follow this parent checklist for implementing a basic firewall policy design to ensure successful implementation.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Implementing a Basic Firewall Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md
index 75e334503f..a0fabcc4f5 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Checklist Implementing a Certificate-based Isolation Policy Design (Windows)
+title: Checklist Implementing a Certificate-based Isolation Policy Design
description: Use these references to learn about using certificates as an authentication option and configure a certificate-based isolation policy design.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Implementing a Certificate-based Isolation Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md
index 922dc06a9f..dfd0e45e2c 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Checklist Implementing a Domain Isolation Policy Design (Windows)
+title: Checklist Implementing a Domain Isolation Policy Design
description: Use these references to learn about the domain isolation policy design and links to other checklists to complete tasks require to implement this design.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Implementing a Domain Isolation Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
index e283e43a55..f015a7e0c1 100644
--- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Checklist Implementing a Standalone Server Isolation Policy Design (Windows)
+title: Checklist Implementing a Standalone Server Isolation Policy Design
description: Use these tasks to create a server isolation policy design that isn't part of an isolated domain. See references to concepts and links to other checklists.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Checklist: Implementing a Standalone Server Isolation Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/configure-authentication-methods.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md
index 5dd682de3c..96a9db2d70 100644
--- a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md
@@ -1,12 +1,9 @@
---
-title: Configure Authentication Methods (Windows)
+title: Configure Authentication Methods
description: Learn how to configure authentication methods for devices in an isolated domain or standalone server zone in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure Authentication Methods
diff --git a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md
index b9b04feed8..a8f2bc0f33 100644
--- a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md
@@ -1,12 +1,9 @@
---
-title: Configure Data Protection (Quick Mode) Settings (Windows)
+title: Configure Data Protection (Quick Mode) Settings
description: Learn how to configure the data protection settings for connection security rules in an isolated domain or a standalone isolated server zone.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure Data Protection (Quick Mode) Settings
diff --git a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md
similarity index 84%
rename from windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md
index 365f1423db..f049b2e663 100644
--- a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md
@@ -1,12 +1,9 @@
---
-title: Configure Group Policy to Autoenroll and Deploy Certificates (Windows)
+title: Configure Group Policy to Autoenroll and Deploy Certificates
description: Learn how to configure Group Policy to automatically enroll client computer certificates and deploy them to the workstations on your network.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure Group Policy to Autoenroll and Deploy Certificates
diff --git a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md
index 83ef251330..02ffc24817 100644
--- a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md
@@ -1,12 +1,9 @@
---
-title: Configure Key Exchange (Main Mode) Settings (Windows)
+title: Configure Key Exchange (Main Mode) Settings
description: Learn how to configure the main mode key exchange settings used to secure the IPsec authentication traffic in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure Key Exchange (Main Mode) Settings
diff --git a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md
index 1bb9ff6c3c..ce9b0f15ce 100644
--- a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md
@@ -1,12 +1,9 @@
---
-title: Configure the Rules to Require Encryption (Windows)
+title: Configure the Rules to Require Encryption
description: Learn how to configure rules to add encryption algorithms and delete the algorithm combinations that don't use encryption for zones that require encryption.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure the Rules to Require Encryption
diff --git a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 74f57aec8b..2912122082 100644
--- a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -1,12 +1,9 @@
---
-title: Configure the Windows Defender Firewall Log (Windows)
+title: Configure the Windows Defender Firewall Log
description: Learn how to configure Windows Defender Firewall with Advanced Security to log dropped packets or successful connections by using Group Policy Management MMC.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure the Windows Defender Firewall with Advanced Security Log
diff --git a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md
index c10e472cbc..fe9d417849 100644
--- a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md
@@ -1,11 +1,8 @@
---
-title: Configure the Workstation Authentication Template (Windows)
+title: Configure the Workstation Authentication Template
description: Learn how to configure a workstation authentication certificate template, which is used for device certificates that are enrolled and deployed to workstations.
ms.prod: windows-client
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.topic: conceptual
---
diff --git a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
similarity index 87%
rename from windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
rename to windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
index de731f58a0..fe75296fec 100644
--- a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
@@ -1,12 +1,9 @@
---
-title: Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program is Blocked (Windows)
+title: Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program is Blocked
description: Configure Windows Defender Firewall with Advanced Security to suppress notifications when a program is Blocked
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program Is Blocked
diff --git a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md b/windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md
similarity index 79%
rename from windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md
rename to windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md
index 54b9527285..dcca043129 100644
--- a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md
@@ -1,12 +1,9 @@
---
-title: Confirm That Certificates Are Deployed Correctly (Windows)
+title: Confirm That Certificates Are Deployed Correctly
description: Learn how to confirm that a Group Policy is being applied as expected and that the certificates are being properly installed on the workstations.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 01/24/2023
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Confirm That Certificates Are Deployed Correctly
diff --git a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md b/windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md
similarity index 87%
rename from windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md
rename to windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md
index 7a95770682..2493780e6b 100644
--- a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md
@@ -1,12 +1,9 @@
---
-title: Copy a GPO to Create a New GPO (Windows)
+title: Copy a GPO to Create a New GPO
description: Learn how to make a copy of a GPO by using the Active Directory Users and devices MMC snap-in to create a GPO for boundary zone devices.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Copy a GPO to Create a New GPO
diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md b/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md
similarity index 82%
rename from windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md
index 6fd5ce3ffc..e323d44596 100644
--- a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md
@@ -1,12 +1,9 @@
---
-title: Create a Group Account in Active Directory (Windows)
+title: Create a Group Account in Active Directory
description: Learn how to create a security group for the computers that are to receive Group Policy settings by using the Active Directory Users and Computers console.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create a Group Account in Active Directory
diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md b/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md
similarity index 80%
rename from windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md
index 2eef741da8..f5c4d18144 100644
--- a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md
@@ -1,5 +1,5 @@
---
-title: Create a Group Policy Object (Windows)
+title: Create a Group Policy Object
description: Learn how to use the Active Directory Users and Computers MMC snap-in to create a GPO. You must be a member of the Domain Administrators group.
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create a Group Policy Object
diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md
index 8c9b8675b6..76f020233e 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Authentication Exemption List Rule (Windows)
+title: Create an Authentication Exemption List Rule
description: Learn how to create rules that exempt devices that cannot communicate by using IPSec from the authentication requirements of your isolation policies.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Authentication Exemption List Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md
index a32b7432ef..488578107f 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Authentication Request Rule (Windows)
+title: Create an Authentication Request Rule
description: Create a new rule for Windows Defender Firewall with Advanced Security so devices on the network use IPsec protocols and methods before they can communicate.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Authentication Request Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md
index 058c8148ed..b62a240cdb 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Inbound ICMP Rule (Windows)
+title: Create an Inbound ICMP Rule
description: Learn how to allow inbound ICMP traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Inbound ICMP Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md
similarity index 92%
rename from windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md
index fbbf4a06b1..7ccafddaa2 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md
@@ -1,5 +1,5 @@
---
-title: Create an Inbound Port Rule (Windows)
+title: Create an Inbound Port Rule
description: Learn to allow traffic on specific ports by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Inbound Port Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md
index d477bd3dec..0e3d5bd0c6 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Inbound Program or Service Rule (Windows)
+title: Create an Inbound Program or Service Rule
description: Learn how to allow inbound traffic to a program or service by using the Group Policy Management MMC snap-in to create firewall rules.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Inbound Program or Service Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md
index 539d7fcf90..a014376a16 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Outbound Port Rule (Windows)
+title: Create an Outbound Port Rule
description: Learn to block outbound traffic on a port by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Outbound Port Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md b/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md
index 6083981a32..7893448184 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md
@@ -1,12 +1,9 @@
---
-title: Create an Outbound Program or Service Rule (Windows)
+title: Create an Outbound Program or Service Rule
description: Use the Windows Defender Firewall with Advanced Security node in the Group Policy Management console to create firewall rules.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create an Outbound Program or Service Rule
diff --git a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md b/windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md
index 85de932389..e153527fbc 100644
--- a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md
@@ -1,12 +1,9 @@
---
-title: Create Inbound Rules to Support RPC (Windows)
+title: Create Inbound Rules to Support RPC
description: Learn how to allow RPC network traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create Inbound Rules to Support RPC
diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md
index 83d9d7ca2e..f2316edf7e 100644
--- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md
@@ -1,11 +1,8 @@
---
-title: Create Windows Firewall rules in Intune (Windows)
+title: Create Windows Firewall rules in Intune
description: Learn how to use Intune to create rules in Windows Defender Firewall with Advanced Security. Start by creating a profile in Device Configuration in Intune.
ms.prod: windows-client
ms.topic: conceptual
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
rename to windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md
index aadb54b9eb..08c06d4796 100644
--- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md
@@ -1,5 +1,5 @@
---
-title: Create WMI Filters for the GPO (Windows)
+title: Create WMI Filters for the GPO
description: Learn how to use WMI filters on a GPO to make sure that each GPO for a group can only be applied to devices running the correct version of Windows.
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Create WMI Filters for the GPO
diff --git a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md b/windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
rename to windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
index 8df474f3c3..197d05a733 100644
--- a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
@@ -1,12 +1,9 @@
---
-title: Designing a Windows Defender Firewall Strategy (Windows)
+title: Designing a Windows Defender Firewall Strategy
description: Answer the question in this article to design an effective Windows Defender Firewall with Advanced Security Strategy.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Designing a Windows Defender Firewall with Advanced Security Strategy
diff --git a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md b/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md
similarity index 97%
rename from windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md
rename to windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md
index 5089c8d823..62d1fcb8d8 100644
--- a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md
@@ -1,12 +1,9 @@
---
-title: Determining the Trusted State of Your Devices (Windows)
+title: Determining the Trusted State of Your Devices
description: Learn how to define the trusted state of devices in your enterprise to help design your strategy for using Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Determining the Trusted State of Your Devices
diff --git a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md b/windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md
similarity index 82%
rename from windows/security/threat-protection/windows-firewall/documenting-the-zones.md
rename to windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md
index 4db33e1b27..16cb030c90 100644
--- a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md
@@ -1,12 +1,9 @@
---
-title: Documenting the Zones (Windows)
+title: Documenting the Zones
description: Learn how to document the zone placement of devices in your design for Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Documenting the Zones
diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md b/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md
rename to windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md
index e481999a70..c01ba555ff 100644
--- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md
@@ -1,12 +1,9 @@
---
-title: Domain Isolation Policy Design Example (Windows)
+title: Domain Isolation Policy Design Example
description: This example uses a fictitious company to illustrate domain isolation policy design in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Domain Isolation Policy Design Example
diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md
index 8186a03186..abb10fe004 100644
--- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Domain Isolation Policy Design (Windows)
+title: Domain Isolation Policy Design
description: Learn how to design a domain isolation policy, based on which devices accept only connections from authenticated members of the same isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Domain Isolation Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md b/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md
similarity index 84%
rename from windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md
rename to windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md
index c4377b8254..68f91e5710 100644
--- a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md
@@ -1,12 +1,9 @@
---
-title: Enable Predefined Inbound Rules (Windows)
+title: Enable Predefined Inbound Rules
description: Learn the rules for Windows Defender Firewall with Advanced Security for common networking roles and functions.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Enable Predefined Inbound Rules
diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md b/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md
similarity index 85%
rename from windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md
rename to windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md
index 83d2eec6b3..69eaebf470 100644
--- a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md
@@ -1,12 +1,9 @@
---
-title: Enable Predefined Outbound Rules (Windows)
+title: Enable Predefined Outbound Rules
description: Learn to deploy predefined firewall rules that block outbound network traffic for common network functions in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/07/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Enable Predefined Outbound Rules
diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md
similarity index 75%
rename from windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md
index f26b60d3f2..eb9e6e58ad 100644
--- a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md
@@ -1,12 +1,9 @@
---
-title: Encryption Zone GPOs (Windows)
+title: Encryption Zone GPOs
description: Learn how to add a device to an encryption zone by adding the device account to the encryption zone group in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Encryption Zone GPOs
diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone.md b/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/encryption-zone.md
rename to windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md
index 4dc931b4ea..b421043953 100644
--- a/windows/security/threat-protection/windows-firewall/encryption-zone.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md
@@ -1,12 +1,9 @@
---
-title: Encryption Zone (Windows)
+title: Encryption Zone
description: Learn how to create an encryption zone to contain devices that host sensitive data and require that the sensitive network traffic be encrypted.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Encryption Zone
diff --git a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md b/windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md
similarity index 73%
rename from windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md
rename to windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md
index 410c3c56be..572b3283f3 100644
--- a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md
@@ -1,12 +1,9 @@
---
-title: Exempt ICMP from Authentication (Windows)
+title: Exempt ICMP from Authentication
description: Learn how to add exemptions for any network traffic that uses the ICMP protocol in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Exempt ICMP from Authentication
diff --git a/windows/security/threat-protection/windows-firewall/exemption-list.md b/windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/exemption-list.md
rename to windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md
index 52d0334bfa..cb0b5ee9e1 100644
--- a/windows/security/threat-protection/windows-firewall/exemption-list.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md
@@ -1,12 +1,9 @@
---
-title: Exemption List (Windows)
+title: Exemption List
description: Learn about reasons to add devices to an exemption list in Windows Defender Firewall with Advanced Security and the trade-offs of having too many exemptions.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Exemption List
diff --git a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md b/windows/security/operating-system-security/network-security/windows-firewall/filter-origin-documentation.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
rename to windows/security/operating-system-security/network-security/windows-firewall/filter-origin-documentation.md
index 5b4fbe6b78..ba08eadadb 100644
--- a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/filter-origin-documentation.md
@@ -3,9 +3,6 @@ title: Filter origin audit log improvements
description: Filter origin documentation audit log improvements
ms.prod: windows-client
ms.topic: troubleshooting
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.date: 12/31/2017
---
@@ -29,19 +26,19 @@ The blocking filters can be categorized under these filter origins:
2. Firewall default block filters
- a. AppContainer loopback
+ a. AppContainer loopback
- b. Boottime default
+ b. Boottime default
- c. Quarantine default
+ c. Quarantine default
- d. Query user default
+ d. Query user default
- e. Stealth
+ e. Stealth
- f. Universal Windows Platform (UWP) default
+ f. Universal Windows Platform (UWP) default
- g. Windows Service Hardening (WSH) default
+ g. Windows Service Hardening (WSH) default
The next section describes the improvements made to audits 5157 and 5152, and how the above filter origins are used in these events. These improvements were added in the Windows Server 2022 and Windows 11 releases.
@@ -59,8 +56,8 @@ To enable a specific audit event, run the corresponding command in an administra
|**Audit #**|**Enable command**|**Link**|
|:-----|:-----|:-----|
-|**5157**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Connection" /success:enable /failure:enable`|[5157(F): The Windows Filtering Platform has blocked a connection.](../auditing/event-5157.md)|
-|**5152**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Packet Drop" /success:enable /failure:enable`|[5152(F): The Windows Filtering Platform blocked a packet.](../auditing/event-5152.md)|
+|**5157**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Connection" /success:enable /failure:enable`|[5157(F): The Windows Filtering Platform has blocked a connection.](../../../threat-protection/auditing/event-5157.md)|
+|**5152**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Packet Drop" /success:enable /failure:enable`|[5152(F): The Windows Filtering Platform blocked a packet.](../../../threat-protection/auditing/event-5152.md)|
## Example flow of debugging packet drops with filter origin
@@ -75,13 +72,13 @@ The next sections are divided by `Filter Origin` type, the value is either a rul
Run the following PowerShell command to generate the rule information using `Filter Origin`.
```Powershell
-Get-NetFirewallRule -Name “”
+Get-NetFirewallRule -Name ""
Get-NetFirewallRule -Name " {A549B7CF-0542-4B67-93F9-EEBCDD584377} "
```
-After identifying the rule that caused the drop, the network admin can now modify/disable the rule to allow the traffic they want through command prompt or using the Windows Defender UI. The network admin can find the rule in the UI with the rule’s `DisplayName`.
+After identifying the rule that caused the drop, the network admin can now modify/disable the rule to allow the traffic they want through command prompt or using the Windows Defender UI. The network admin can find the rule in the UI with the rule's `DisplayName`.
>[!NOTE]
> Firewall rules from Mobile Device Management (MDM) store cannot be searched using the Windows Defender UI. Additionally, the above method will not work when the `Filter Origin` is one of the default block filters, as they do not correspond to any firewall rules.
@@ -161,4 +158,4 @@ For more information on how to debug drops caused by UWP default block filters,
**WSH default**
-Network drops from Windows Service Hardening (WSH) default filters indicate that there wasn’t an explicit Windows Service Hardening allow rule to allow network traffic for the protected service. The service owner will need to configure allow rules for the service if the block isn't expected.
+Network drops from Windows Service Hardening (WSH) default filters indicate that there wasn't an explicit Windows Service Hardening allow rule to allow network traffic for the protected service. The service owner will need to configure allow rules for the service if the block isn't expected.
diff --git a/windows/security/threat-protection/windows-firewall/firewall-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md
similarity index 67%
rename from windows/security/threat-protection/windows-firewall/firewall-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md
index d281e5120c..526ffd83a3 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md
@@ -1,12 +1,9 @@
---
-title: Firewall GPOs (Windows)
+title: Firewall GPOs
description: In this example, a Group Policy Object is linked to the domain container because the domain controllers aren't part of the isolated domain.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Firewall GPOs
diff --git a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md b/windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md
similarity index 96%
rename from windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md
rename to windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md
index 3a7fd73b29..f290a9943c 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md
@@ -1,12 +1,9 @@
---
-title: Basic Firewall Policy Design Example (Windows)
+title: Basic Firewall Policy Design Example
description: This example features a fictitious company and illustrates firewall policy design for Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Basic Firewall Policy Design Example
diff --git a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md b/windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md
rename to windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md
index 2f28d5f315..0d63234aba 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md
@@ -3,9 +3,6 @@ title: Troubleshooting Windows Firewall settings after a Windows upgrade
description: Firewall settings lost on upgrade
ms.prod: windows-client
ms.topic: troubleshooting
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md
index 8f60efe829..b030f3c63a 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md
@@ -1,12 +1,9 @@
---
-title: Gathering Information about Your Active Directory Deployment (Windows)
+title: Gathering Information about Your Active Directory Deployment
description: Learn about gathering Active Directory information, including domain layout, organizational unit architecture, and site topology, for your firewall deployment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Gathering Information about Your Active Directory Deployment
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
similarity index 97%
rename from windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
index 3aa6cef30a..13cb71d95b 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
@@ -1,12 +1,9 @@
---
-title: Gathering Info about Your Network Infrastructure (Windows)
+title: Gathering Info about Your Network Infrastructure
description: Learn how to gather info about your network infrastructure so that you can effectively plan for Windows Defender Firewall with Advanced Security deployment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Gathering Information about Your Current Network Infrastructure
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md
similarity index 92%
rename from windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md
index 1f0cbb3885..d650107dd8 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md
@@ -1,12 +1,9 @@
---
-title: Gathering Information about Your Devices (Windows)
+title: Gathering Information about Your Devices
description: Learn what information to gather about the devices in your enterprise to plan your Windows Defender Firewall with Advanced Security deployment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Gathering Information about Your Devices
diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md
similarity index 95%
rename from windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md
index a4fa1bcbac..f57dfc3116 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md
@@ -1,12 +1,9 @@
---
-title: Gathering Other Relevant Information (Windows)
+title: Gathering Other Relevant Information
description: Learn about additional information you may need to gather to deploy Windows Defender Firewall with Advanced Security policies in your organization.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Gathering Other Relevant Information
diff --git a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md b/windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md
similarity index 79%
rename from windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md
index 69323a3def..b82d977445 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md
@@ -1,12 +1,9 @@
---
-title: Gathering the Information You Need (Windows)
+title: Gathering the Information You Need
description: Collect and analyze information about your network, directory services, and devices to prepare for Windows Defender Firewall with Advanced Security deployment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Gathering the Information You Need
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md
similarity index 87%
rename from windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md
index 08115f7e6c..741f91081d 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md
@@ -1,12 +1,9 @@
---
-title: GPO\_DOMISO\_Boundary (Windows)
+title: GPO\_DOMISO\_Boundary
description: This example GPO supports devices that aren't part of the isolated domain to access specific servers that must be available to those untrusted devices.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# GPO\_DOMISO\_Boundary
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md
index e25451e208..b5d7b1384b 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md
@@ -1,12 +1,9 @@
---
-title: GPO\_DOMISO\_Encryption\_WS2008 (Windows)
+title: GPO\_DOMISO\_Encryption\_WS2008
description: This example GPO supports the ability for servers that contain sensitive data to require encryption for all connection requests.
ms.topic: conceptual
ms.prod: windows-client
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# GPO\_DOMISO\_Encryption\_WS2008
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md
index 8f51e224f1..057cf7bdf5 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md
@@ -1,12 +1,9 @@
---
-title: GPO\_DOMISO\_Firewall (Windows)
+title: GPO\_DOMISO\_Firewall
description: Learn about the settings and rules in this example GPO, which is authored by using the Group Policy editing tools.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# GPO\_DOMISO\_Firewall
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md
index b2372a88c2..1f72fa6064 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md
@@ -1,12 +1,9 @@
---
-title: GPO\_DOMISO\_IsolatedDomain\_Clients (Windows)
+title: GPO\_DOMISO\_IsolatedDomain\_Clients
description: Author this GPO by using Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# GPO\_DOMISO\_IsolatedDomain\_Clients
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md
similarity index 82%
rename from windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md
rename to windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md
index 100d7233bc..2ca05d9120 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md
@@ -1,12 +1,9 @@
---
-title: GPO\_DOMISO\_IsolatedDomain\_Servers (Windows)
+title: GPO\_DOMISO\_IsolatedDomain\_Servers
description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# GPO\_DOMISO\_IsolatedDomain\_Servers
diff --git a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md b/windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
rename to windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
index d4e5b71479..c36d7effdf 100644
--- a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
@@ -1,12 +1,9 @@
---
-title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment (Windows)
+title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment
description: Identifying Your Windows Defender Firewall with Advanced Security (WFAS) implementation goals
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Identifying Windows Defender Firewall with Advanced Security implementation goals
diff --git a/windows/security/threat-protection/windows-firewall/images/corpnet.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/corpnet.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/corpnet.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/corpnet.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/createipsecrule.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/createipsecrule.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/createipsecrule.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/createipsecrule.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/event-audit-5157.png b/windows/security/operating-system-security/network-security/windows-firewall/images/event-audit-5157.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/event-audit-5157.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/event-audit-5157.png
diff --git a/windows/security/threat-protection/windows-firewall/images/event-properties-5157.png b/windows/security/operating-system-security/network-security/windows-firewall/images/event-properties-5157.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/event-properties-5157.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/event-properties-5157.png
diff --git a/windows/security/threat-protection/windows-firewall/images/firewallrule.png b/windows/security/operating-system-security/network-security/windows-firewall/images/firewallrule.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/firewallrule.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/firewallrule.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw01-profiles.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw01-profiles.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw01-profiles.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw01-profiles.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw02-createrule.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw02-createrule.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw02-createrule.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw02-createrule.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw03-defaults.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw03-defaults.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw03-defaults.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw03-defaults.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw04-userquery.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw04-userquery.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw04-userquery.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw04-userquery.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw05-rulemerge.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw05-rulemerge.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw05-rulemerge.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw05-rulemerge.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw06-block.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw06-block.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw06-block.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw06-block.png
diff --git a/windows/security/threat-protection/windows-firewall/images/fw07-legacy.png b/windows/security/operating-system-security/network-security/windows-firewall/images/fw07-legacy.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/fw07-legacy.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/fw07-legacy.png
diff --git a/windows/security/threat-protection/windows-firewall/images/grouppolicy-paste.png b/windows/security/operating-system-security/network-security/windows-firewall/images/grouppolicy-paste.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/grouppolicy-paste.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/grouppolicy-paste.png
diff --git a/windows/security/threat-protection/windows-firewall/images/powershelllogosmall.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/powershelllogosmall.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/powershelllogosmall.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/powershelllogosmall.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/qmcryptoset.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/qmcryptoset.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/qmcryptoset.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/qmcryptoset.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/quarantine-default-block-filter.png b/windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-default-block-filter.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/quarantine-default-block-filter.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-default-block-filter.png
diff --git a/windows/security/threat-protection/windows-firewall/images/quarantine-default1.png b/windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-default1.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/quarantine-default1.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-default1.png
diff --git a/windows/security/threat-protection/windows-firewall/images/quarantine-interfaceindex1.png b/windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-interfaceindex1.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/quarantine-interfaceindex1.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/quarantine-interfaceindex1.png
diff --git a/windows/security/threat-protection/windows-firewall/images/query-user-default-block-filters.png b/windows/security/operating-system-security/network-security/windows-firewall/images/query-user-default-block-filters.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/query-user-default-block-filters.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/query-user-default-block-filters.png
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-design2example1.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-design2example1.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-design2example1.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-design2example1.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-design3example1.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-design3example1.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-design3example1.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-design3example1.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-designexample1.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-designexample1.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-designexample1.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-designexample1.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-designflowchart1.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-designflowchart1.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-designflowchart1.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-designflowchart1.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-domainiso.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainiso.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-domainiso.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainiso.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-domainisoencrypt.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainisoencrypt.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-domainisoencrypt.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainisoencrypt.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-domainisohighsec.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainisohighsec.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-domainisohighsec.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainisohighsec.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-domainnag.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainnag.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-domainnag.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-domainnag.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfas-implement.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfas-implement.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfas-implement.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfas-implement.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/wfasdomainisoboundary.gif b/windows/security/operating-system-security/network-security/windows-firewall/images/wfasdomainisoboundary.gif
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/wfasdomainisoboundary.gif
rename to windows/security/operating-system-security/network-security/windows-firewall/images/wfasdomainisoboundary.gif
diff --git a/windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png b/windows/security/operating-system-security/network-security/windows-firewall/images/windows-firewall-intune.png
similarity index 100%
rename from windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png
rename to windows/security/operating-system-security/network-security/windows-firewall/images/windows-firewall-intune.png
diff --git a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md b/windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
similarity index 92%
rename from windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
rename to windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
index 86253b807a..8f0342581b 100644
--- a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
@@ -1,12 +1,9 @@
---
-title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan (Windows)
+title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan
description: Implementing Your Windows Defender Firewall with Advanced Security Design Plan
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Implementing Your Windows Defender Firewall with Advanced Security Design Plan
diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md
similarity index 78%
rename from windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md
index 4cab3c840b..bc7273b8b5 100644
--- a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md
@@ -1,12 +1,9 @@
---
-title: Isolated Domain GPOs (Windows)
+title: Isolated Domain GPOs
description: Learn about GPOs for isolated domains in this example configuration of Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Isolated Domain GPOs
diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain.md b/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/isolated-domain.md
rename to windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md
index d11cfd0fa4..9925b88452 100644
--- a/windows/security/threat-protection/windows-firewall/isolated-domain.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md
@@ -1,12 +1,9 @@
---
-title: Isolated Domain (Windows)
+title: Isolated Domain
description: Learn about the isolated domain, which is the primary zone for trusted devices, which use connection security and firewall rules to control communication.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Isolated Domain
diff --git a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md b/windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md
similarity index 97%
rename from windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md
rename to windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md
index 6d41f4d5e5..225ddf3542 100644
--- a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md
@@ -1,12 +1,9 @@
---
-title: Isolating Microsoft Store Apps on Your Network (Windows)
+title: Isolating Microsoft Store Apps on Your Network
description: Learn how to customize your firewall configuration to isolate the network access of the new Microsoft Store apps that run on devices added to your network.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Isolating Microsoft Store Apps on Your Network
diff --git a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md b/windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md
similarity index 83%
rename from windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md
rename to windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md
index f875516002..ca38900f59 100644
--- a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md
@@ -1,12 +1,9 @@
---
-title: Link the GPO to the Domain (Windows)
+title: Link the GPO to the Domain
description: Learn how to link a GPO to the Active Directory container for the target devices, after you configure it in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Link the GPO to the Domain
diff --git a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md b/windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
similarity index 87%
rename from windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
index 12d13c2b22..438921b4cf 100644
--- a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
@@ -1,12 +1,9 @@
---
-title: Mapping your implementation goals to a Windows Firewall with Advanced Security design (Windows)
+title: Mapping your implementation goals to a Windows Firewall with Advanced Security design
description: Mapping your implementation goals to a Windows Firewall with Advanced Security design
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Mapping your implementation goals to a Windows Firewall with Advanced Security design
diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
rename to windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
index d5f3a66214..90d89139a8 100644
--- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
@@ -1,12 +1,9 @@
---
-title: Modify GPO Filters (Windows)
+title: Modify GPO Filters
description: Learn how to modify GPO filters to apply to a different zone or version of windows in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Modify GPO Filters to Apply to a Different Zone or Version of Windows
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
similarity index 78%
rename from windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
rename to windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
index 992acb97d6..a9137e37d3 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
@@ -1,12 +1,9 @@
---
-title: Open the Group Policy Management Console to IP Security Policies (Windows)
+title: Open the Group Policy Management Console to IP Security Policies
description: Learn how to open the Group Policy Management Console to IP Security Policies to configure GPOs for earlier versions of the Windows operating system.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Open the Group Policy Management Console to IP Security Policies
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
similarity index 76%
rename from windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
rename to windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
index 4752a0a65d..874e99e9c0 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
@@ -1,5 +1,5 @@
---
-title: Group Policy Management of Windows Firewall with Advanced Security (Windows)
+title: Group Policy Management of Windows Firewall with Advanced Security
description: Group Policy Management of Windows Firewall with Advanced Security
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Group Policy Management of Windows Firewall with Advanced Security
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
similarity index 66%
rename from windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
rename to windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
index ce8f5b6d70..9ba7d78ace 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
@@ -1,12 +1,9 @@
---
-title: Group Policy Management of Windows Defender Firewall (Windows)
+title: Group Policy Management of Windows Defender Firewall
description: Group Policy Management of Windows Defender Firewall with Advanced Security
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Group Policy Management of Windows Defender Firewall
diff --git a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md b/windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md
similarity index 74%
rename from windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md
rename to windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md
index ff0894fbe9..8440460338 100644
--- a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md
@@ -1,12 +1,9 @@
---
-title: Open Windows Defender Firewall with Advanced Security (Windows)
+title: Open Windows Defender Firewall with Advanced Security
description: Learn how to open the Windows Defender Firewall with Advanced Security console. You must be a member of the Administrators group.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Open Windows Defender Firewall with Advanced Security
diff --git a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md
similarity index 92%
rename from windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md
index 0d2b6f0d17..da42f627c0 100644
--- a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md
@@ -1,12 +1,9 @@
---
-title: Planning Certificate-based Authentication (Windows)
+title: Planning Certificate-based Authentication
description: Learn how a device unable to join an Active Directory domain can still participate in an isolated domain by using certificate-based authentication.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Certificate-based Authentication
diff --git a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md
similarity index 74%
rename from windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md
index b9416b2c65..70214d68c5 100644
--- a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md
@@ -1,12 +1,9 @@
---
-title: Planning Domain Isolation Zones (Windows)
+title: Planning Domain Isolation Zones
description: Learn how to use information you've gathered to make decisions about isolation zones for your environment in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Domain Isolation Zones
diff --git a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md
similarity index 96%
rename from windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md
index 13d93e09de..0370e8cb08 100644
--- a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md
@@ -1,12 +1,9 @@
---
-title: Planning GPO Deployment (Windows)
+title: Planning GPO Deployment
description: Learn how to use security group filtering and WMI filtering to provide the most flexible options for applying GPOs to devices in Active Directory.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning GPO Deployment
diff --git a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
similarity index 80%
rename from windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
index 8fd656a093..2dc15edfc9 100644
--- a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
@@ -1,12 +1,9 @@
---
-title: Planning Group Policy Deployment for Your Isolation Zones (Windows)
+title: Planning Group Policy Deployment for Your Isolation Zones
description: Learn how to plan a group policy deployment for your isolation zones after you determine the best logical design for your isolation environment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Group Policy Deployment for Your Isolation Zones
diff --git a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md
index 1c78f627e8..b58bf3b769 100644
--- a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md
@@ -1,12 +1,9 @@
---
-title: Planning Isolation Groups for the Zones (Windows)
+title: Planning Isolation Groups for the Zones
description: Learn about planning isolation groups for the zones in Microsoft Firewall, including information on universal groups and GPOs.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Isolation Groups for the Zones
diff --git a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md
similarity index 88%
rename from windows/security/threat-protection/windows-firewall/planning-network-access-groups.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md
index a347ceb834..436bc55bbd 100644
--- a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md
@@ -1,12 +1,9 @@
---
-title: Planning Network Access Groups (Windows)
+title: Planning Network Access Groups
description: Learn how to implement a network access group for users and devices that can access an isolated server in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Network Access Groups
diff --git a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md
similarity index 95%
rename from windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md
index 07b4cbd666..c729611dac 100644
--- a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md
@@ -1,12 +1,9 @@
---
-title: Planning Server Isolation Zones (Windows)
+title: Planning Server Isolation Zones
description: Learn how to restrict access to a server to approved users by using a server isolation zone in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Server Isolation Zones
diff --git a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
index 44044b6641..98e6a224a8 100644
--- a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
@@ -1,12 +1,9 @@
---
-title: Planning Settings for a Basic Firewall Policy (Windows)
+title: Planning Settings for a Basic Firewall Policy
description: Learn how to design a basic policy for Windows Defender Firewall with Advanced Security, the settings and rules that enforce your requirements on devices.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Settings for a Basic Firewall Policy
diff --git a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/planning-the-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md
index 1a3b157e57..88716eaf2a 100644
--- a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md
@@ -1,12 +1,9 @@
---
-title: Planning the GPOs (Windows)
+title: Planning the GPOs
description: Learn about planning Group Policy Objects for your isolation zones in Windows Defender Firewall with Advanced Security, after you design the zone layout.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning the GPOs
diff --git a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
index 1e06c6b8aa..7e7bff476d 100644
--- a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
@@ -1,12 +1,9 @@
---
-title: Plan to Deploy Windows Defender Firewall with Advanced Security (Windows)
+title: Plan to Deploy Windows Defender Firewall with Advanced Security
description: Use the design information in this article to plan for the deployment of Windows Defender Firewall with Advanced Security in your organization.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning to Deploy Windows Defender Firewall with Advanced Security
diff --git a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md b/windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
similarity index 94%
rename from windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
index 8909eac102..e048764374 100644
--- a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
@@ -1,12 +1,9 @@
---
-title: Planning Your Windows Defender Firewall with Advanced Security Design (Windows)
+title: Planning Your Windows Defender Firewall with Advanced Security Design
description: After you gather the relevant information, select the design or combination of designs for Windows Defender Firewall with Advanced Security in your environment.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Planning Your Windows Defender Firewall with Advanced Security Design
diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md
similarity index 90%
rename from windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md
rename to windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md
index 9fcf79f2f1..ee0412021e 100644
--- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md
@@ -1,12 +1,9 @@
---
-title: Protect devices from unwanted network traffic (Windows)
+title: Protect devices from unwanted network traffic
description: Learn how running a host-based firewall on every device in your organization can help protect against attacks as part of a defense-in-depth security strategy.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 01/18/2022
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Protect devices from unwanted network traffic
diff --git a/windows/security/threat-protection/windows-firewall/quarantine.md b/windows/security/operating-system-security/network-security/windows-firewall/quarantine.md
similarity index 96%
rename from windows/security/threat-protection/windows-firewall/quarantine.md
rename to windows/security/operating-system-security/network-security/windows-firewall/quarantine.md
index 5b7c793f7f..093f4274fb 100644
--- a/windows/security/threat-protection/windows-firewall/quarantine.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/quarantine.md
@@ -4,9 +4,6 @@ description: Quarantine behavior is explained in detail.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Quarantine behavior
diff --git a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md b/windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
rename to windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
index 44cc1d2090..1070cb1a65 100644
--- a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
@@ -1,12 +1,9 @@
---
-title: Require Encryption When Accessing Sensitive Network Resources (Windows)
+title: Require Encryption When Accessing Sensitive Network Resources
description: Windows Defender Firewall with Advanced Security allows you to require that all network traffic in an isolated domain be encrypted.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Require Encryption When Accessing Sensitive Network Resources
diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md b/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
similarity index 91%
rename from windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
rename to windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
index 54222bff1a..28c8049c79 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
@@ -1,12 +1,9 @@
---
-title: Restrict Access to Only Specified Users or Devices (Windows)
+title: Restrict Access to Only Specified Users or Devices
description: Restrict access to devices and users that are members of domain groups authorized to access that device using Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Restrict Access to Only Specified Users or Computers
diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md b/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md
rename to windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md
index c2298b824a..f02e9c5708 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md
@@ -1,12 +1,9 @@
---
-title: Restrict access to only trusted devices (Windows)
+title: Restrict access to only trusted devices
description: Windows Defender Firewall with Advanced Security enables you to isolate devices you trust and restrict access of untrusted devices to trusted devices.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Restrict access to only trusted devices
diff --git a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md b/windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
similarity index 87%
rename from windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
rename to windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
index 5132add40c..70a23e653f 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
@@ -1,12 +1,9 @@
---
-title: Restrict Server Access to Members of a Group Only (Windows)
+title: Restrict Server Access to Members of a Group Only
description: Create a firewall rule to access isolated servers running Windows Server 2008 or later and restrict server access to members of a group.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Restrict Server Access to Members of a Group Only
diff --git a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md b/windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
similarity index 96%
rename from windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
rename to windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
index 8f7f607d58..43e2f9523d 100644
--- a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
@@ -1,12 +1,9 @@
---
-title: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012 (Windows)
+title: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012
description: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Securing End-to-End IPsec connections by using IKEv2
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md
similarity index 85%
rename from windows/security/threat-protection/windows-firewall/server-isolation-gpos.md
rename to windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md
index 11d7750b21..4cf32d44c0 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md
@@ -1,12 +1,9 @@
---
-title: Server Isolation GPOs (Windows)
+title: Server Isolation GPOs
description: Learn about required GPOs for isolation zones and how many server isolation zones you need in Windows Defender Firewall with Advanced Security.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Server Isolation GPOs
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md
similarity index 95%
rename from windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md
rename to windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md
index 41824b3e09..e1129a36b1 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md
@@ -1,12 +1,9 @@
---
-title: Server Isolation Policy Design Example (Windows)
+title: Server Isolation Policy Design Example
description: Learn about server isolation policy design in Windows Defender Firewall with Advanced Security by referring to this example of a fictitious company.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Server Isolation Policy Design Example
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md
rename to windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md
index f2bedf42fb..327863f5ac 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md
@@ -1,12 +1,9 @@
---
-title: Server Isolation Policy Design (Windows)
+title: Server Isolation Policy Design
description: Learn about server isolation policy design, where you assign servers to a zone that allows access only to members of an approved network access group.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Server Isolation Policy Design
diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/operating-system-security/network-security/windows-firewall/troubleshooting-uwp-firewall.md
similarity index 99%
rename from windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
rename to windows/security/operating-system-security/network-security/windows-firewall/troubleshooting-uwp-firewall.md
index 2716e511cc..e120af6116 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/troubleshooting-uwp-firewall.md
@@ -3,9 +3,6 @@ title: Troubleshooting UWP App Connectivity Issues in Windows Firewall
description: Troubleshooting UWP App Connectivity Issues in Windows Firewall
ms.prod: windows-client
ms.topic: troubleshooting
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md b/windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
similarity index 82%
rename from windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
rename to windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
index b51780f073..91091b431c 100644
--- a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
@@ -1,12 +1,9 @@
---
-title: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior (Windows)
+title: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior
description: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior
diff --git a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md b/windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
similarity index 79%
rename from windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
rename to windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
index 0658883723..e397c3d8a7 100644
--- a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
@@ -1,12 +1,9 @@
---
-title: Understand WFAS Deployment (Windows)
+title: Understand WFAS Deployment
description: Resources for helping you understand the Windows Defender Firewall with Advanced Security (WFAS) Design Process
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Understanding the Windows Defender Firewall with Advanced Security Design Process
diff --git a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md b/windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
rename to windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md
index c535da432a..686e2d1efc 100644
--- a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md
@@ -1,12 +1,9 @@
---
-title: Verify That Network Traffic Is Authenticated (Windows)
+title: Verify That Network Traffic Is Authenticated
description: Learn how to confirm that network traffic is being protected by IPsec authentication after you configure your domain isolation rule to require authentication.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Verify That Network Traffic Is Authenticated
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
similarity index 99%
rename from windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
rename to windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
index db4d835bdb..6bf60cec66 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
@@ -1,12 +1,9 @@
---
-title: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell (Windows)
+title: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell
description: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Windows Defender Firewall with Advanced Security Administration with Windows PowerShell
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
similarity index 93%
rename from windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
rename to windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
index 708fe115d7..7e97506932 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
@@ -1,12 +1,9 @@
---
-title: Windows Defender Firewall with Advanced Security deployment overview (Windows)
+title: Windows Defender Firewall with Advanced Security deployment overview
description: Use this guide to deploy Windows Defender Firewall with Advanced Security for your enterprise to help protect devices and data that they share across a network.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Windows Defender Firewall with Advanced Security deployment overview
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
similarity index 97%
rename from windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
rename to windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
index 75c5a94168..02d6c56ae0 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
@@ -1,12 +1,9 @@
---
-title: Windows Defender Firewall with Advanced Security design guide (Windows)
+title: Windows Defender Firewall with Advanced Security design guide
description: Learn about common goals for using Windows Defender Firewall with Advanced Security to choose or create a design for deploying the firewall in your enterprise.
ms.prod: windows-client
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Windows Defender Firewall with Advanced Security design guide
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md
similarity index 89%
rename from windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
rename to windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md
index a5468a9a20..83418c0d85 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md
@@ -1,5 +1,5 @@
---
-title: Windows Defender Firewall with Advanced Security (Windows)
+title: Windows Defender Firewall with Advanced Security
description: Learn overview information about the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features.
ms.prod: windows-client
ms.collection:
@@ -7,9 +7,6 @@ ms.collection:
- tier3
ms.topic: conceptual
ms.date: 09/08/2021
-appliesto:
- - ✅ Windows 10 and later
- - ✅ Windows Server 2016 and later
---
# Windows Defender Firewall with Advanced Security
@@ -23,7 +20,7 @@ Windows Defender Firewall in Windows 8, Windows 7, Windows Vista, Windows Serv
The Windows Defender Firewall with Advanced Security MMC snap-in is more flexible and provides much more functionality than the consumer-friendly Windows Defender Firewall interface found in the Control Panel. Both interfaces interact with the same underlying services, but provide different levels of control over those services. While the Windows Defender Firewall Control Panel program can protect a single device in a home environment, it doesn't provide enough centralized management or security features to help secure more complex network traffic found in a typical business enterprise environment.
-[!INCLUDE [windows-firewall](../../../../includes/licensing/windows-firewall.md)]
+[!INCLUDE [windows-firewall](../../../../../includes/licensing/windows-firewall.md)]
## Feature description
diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index b4b43624b2..457a454e3b 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Advanced security audit policy settings (Windows 10)
+title: Advanced security audit policy settings
description: This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.
ms.assetid: 93b28b92-796f-4036-a53b-8b9e80f9f171
ms.reviewer: This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.
diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing.md b/windows/security/threat-protection/auditing/advanced-security-auditing.md
index 37031d5f88..61475f808a 100644
--- a/windows/security/threat-protection/auditing/advanced-security-auditing.md
+++ b/windows/security/threat-protection/auditing/advanced-security-auditing.md
@@ -1,5 +1,5 @@
---
-title: Advanced security audit policies (Windows 10)
+title: Advanced security audit policies
description: Advanced security audit policy settings may appear to overlap with basic policies, but they are recorded and applied differently. Learn more about them here.
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
index eb734ebf54..95dffa1f91 100644
--- a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
+++ b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
@@ -1,5 +1,5 @@
---
-title: Appendix A, Security monitoring recommendations for many audit events (Windows 10)
+title: Appendix A, Security monitoring recommendations for many audit events
description: Learn about recommendations for the type of monitoring required for certain classes of security audit events.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
index 1ab3f3f08e..eb01843ba1 100644
--- a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
+++ b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
@@ -1,5 +1,5 @@
---
-title: Apply a basic audit policy on a file or folder (Windows 10)
+title: Apply a basic audit policy on a file or folder
description: Apply audit policies to individual files and folders on your computer by setting the permission type to record access attempts in the security log.
ms.assetid: 565E7249-5CD0-4B2E-B2C0-B3A0793A51E2
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-account-lockout.md b/windows/security/threat-protection/auditing/audit-account-lockout.md
index f2cf0cc5ec..75f5a3fd62 100644
--- a/windows/security/threat-protection/auditing/audit-account-lockout.md
+++ b/windows/security/threat-protection/auditing/audit-account-lockout.md
@@ -1,5 +1,5 @@
---
-title: Audit Account Lockout (Windows 10)
+title: Audit Account Lockout
description: The policy setting, Audit Account Lockout, enables you to audit security events generated by a failed attempt to log on to an account that is locked out.
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-application-generated.md b/windows/security/threat-protection/auditing/audit-application-generated.md
index 36f8f451a0..8d219480b0 100644
--- a/windows/security/threat-protection/auditing/audit-application-generated.md
+++ b/windows/security/threat-protection/auditing/audit-application-generated.md
@@ -1,5 +1,5 @@
---
-title: Audit Application Generated (Windows 10)
+title: Audit Application Generated
description: The policy setting, Audit Application Generated, determines if audit events are generated when applications attempt to use the Windows Auditing APIs.
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-application-group-management.md b/windows/security/threat-protection/auditing/audit-application-group-management.md
index cb91f3fa61..aae81ccb4f 100644
--- a/windows/security/threat-protection/auditing/audit-application-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-application-group-management.md
@@ -1,5 +1,5 @@
---
-title: Audit Application Group Management (Windows 10)
+title: Audit Application Group Management
description: The policy setting, Audit Application Group Management, determines if audit events are generated when application group management tasks are performed.
ms.assetid: 1bcaa41e-5027-4a86-96b7-f04eaf1c0606
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-audit-policy-change.md b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
index 74134a5bd9..bf1ae6aef5 100644
--- a/windows/security/threat-protection/auditing/audit-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit Audit Policy Change (Windows 10)
+title: Audit Audit Policy Change
description: The Advanced Security Audit policy setting, Audit Audit Policy Change, determines if audit events are generated when changes are made to audit policy.
ms.assetid: 7153bf75-6978-4d7e-a821-59a699efb8a9
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
index 318f08b516..969c9e4655 100644
--- a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit Authentication Policy Change (Windows 10)
+title: Audit Authentication Policy Change
description: The Advanced Security Audit policy setting, Audit Authentication Policy Change, determines if audit events are generated when authentication policy is changed.
ms.assetid: aa9cea7a-aadf-47b7-b704-ac253b8e79be
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
index caa5d33848..e2548c51f2 100644
--- a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit Authorization Policy Change (Windows 10)
+title: Audit Authorization Policy Change
description: The policy setting, Audit Authorization Policy Change, determines if audit events are generated when specific changes are made to the authorization policy.
ms.assetid: ca0587a2-a2b3-4300-aa5d-48b4553c3b36
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
index 62ac5c925c..6e0cbcb9f3 100644
--- a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
+++ b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
@@ -1,5 +1,5 @@
---
-title: Audit Central Access Policy Staging (Windows 10)
+title: Audit Central Access Policy Staging
description: The Advanced Security Audit policy setting, Audit Central Access Policy Staging, determines permissions on a Central Access Policy.
ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-certification-services.md b/windows/security/threat-protection/auditing/audit-certification-services.md
index 889edc295b..5461b50847 100644
--- a/windows/security/threat-protection/auditing/audit-certification-services.md
+++ b/windows/security/threat-protection/auditing/audit-certification-services.md
@@ -1,5 +1,5 @@
---
-title: Audit Certification Services (Windows 10)
+title: Audit Certification Services
description: The policy setting, Audit Certification Services, decides if events are generated when Active Directory Certificate Services (ADA CS) operations are performed.
ms.assetid: cdefc34e-fb1f-4eff-b766-17713c5a1b03
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-computer-account-management.md b/windows/security/threat-protection/auditing/audit-computer-account-management.md
index 63ad7eaac9..30a8dc2162 100644
--- a/windows/security/threat-protection/auditing/audit-computer-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-computer-account-management.md
@@ -1,5 +1,5 @@
---
-title: Audit Computer Account Management (Windows 10)
+title: Audit Computer Account Management
description: The policy setting, Audit Computer Account Management, determines if audit events are generated when a computer account is created, changed, or deleted.
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-credential-validation.md b/windows/security/threat-protection/auditing/audit-credential-validation.md
index a5a9dc7158..ca9006d297 100644
--- a/windows/security/threat-protection/auditing/audit-credential-validation.md
+++ b/windows/security/threat-protection/auditing/audit-credential-validation.md
@@ -1,5 +1,5 @@
---
-title: Audit Credential Validation (Windows 10)
+title: Audit Credential Validation
description: The policy setting, Audit Credential Validation, determines if audit events are generated when user account logon request credentials are submitted.
ms.assetid: 6654b33a-922e-4a43-8223-ec5086dfc926
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
index 7fffbad3df..a90af61434 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
@@ -1,5 +1,5 @@
---
-title: Audit Detailed Directory Service Replication (Windows 10)
+title: Audit Detailed Directory Service Replication
description: The Audit Detailed Directory Service Replication setting decides if audit events contain detailed tracking info about data replicated between domain controllers
ms.assetid: 1b89c8f5-bce7-4b20-8701-42585c7ab993
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-detailed-file-share.md b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
index 9ec6b5c148..e836a65007 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
@@ -1,5 +1,5 @@
---
-title: Audit Detailed File Share (Windows 10)
+title: Audit Detailed File Share
description: The Advanced Security Audit policy setting, Audit Detailed File Share, allows you to audit attempts to access files and folders on a shared folder.
ms.assetid: 60310104-b820-4033-a1cb-022a34f064ae
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-access.md b/windows/security/threat-protection/auditing/audit-directory-service-access.md
index e58853650d..5d052e1b17 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-access.md
@@ -1,5 +1,5 @@
---
-title: Audit Directory Service Access (Windows 10)
+title: Audit Directory Service Access
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (AD DS) object is accessed.
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-changes.md b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
index c9485389e9..18879247a3 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-changes.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
@@ -1,5 +1,5 @@
---
-title: Audit Directory Service Changes (Windows 10)
+title: Audit Directory Service Changes
description: The policy setting Audit Directory Service Changes determines if audit events are generated when objects in Active Directory Domain Services (AD DS) are changed
ms.assetid: 9f7c0dd4-3977-47dd-a0fb-ec2f17cad05e
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
index 046dd9a1e7..096a8c7235 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
@@ -1,5 +1,5 @@
---
-title: Audit Directory Service Replication (Windows 10)
+title: Audit Directory Service Replication
description: Audit Directory Service Replication is a policy setting that decides if audit events are created when replication between two domain controllers begins or ends.
ms.assetid: b95d296c-7993-4e8d-8064-a8bbe284bd56
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-distribution-group-management.md b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
index 8eb5bb988c..79dc631db9 100644
--- a/windows/security/threat-protection/auditing/audit-distribution-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
@@ -1,5 +1,5 @@
---
-title: Audit Distribution Group Management (Windows 10)
+title: Audit Distribution Group Management
description: The policy setting, Audit Distribution Group Management, determines if audit events are generated for specific distribution-group management tasks.
ms.assetid: d46693a4-5887-4a58-85db-2f6cba224a66
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-dpapi-activity.md b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
index 79dbf17692..c86719486a 100644
--- a/windows/security/threat-protection/auditing/audit-dpapi-activity.md
+++ b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
@@ -1,5 +1,5 @@
---
-title: Audit DPAPI Activity (Windows 10)
+title: Audit DPAPI Activity
description: The policy setting, Audit DPAPI Activity, decides if encryption/decryption calls to the data protection application interface (DPAPI) generate audit events.
ms.assetid: be4d4c83-c857-4e3d-a84e-8bcc3f2c99cd
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-file-share.md b/windows/security/threat-protection/auditing/audit-file-share.md
index 577c138f46..3970447680 100644
--- a/windows/security/threat-protection/auditing/audit-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-file-share.md
@@ -1,5 +1,5 @@
---
-title: Audit File Share (Windows 10)
+title: Audit File Share
description: The Advanced Security Audit policy setting, Audit File Share, determines if the operating system generates audit events when a file share is accessed.
ms.assetid: 9ea985f8-8936-4b79-abdb-35cbb7138f78
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-file-system.md b/windows/security/threat-protection/auditing/audit-file-system.md
index 037faaf8f4..1ecd400b99 100644
--- a/windows/security/threat-protection/auditing/audit-file-system.md
+++ b/windows/security/threat-protection/auditing/audit-file-system.md
@@ -1,5 +1,5 @@
---
-title: Audit File System (Windows 10)
+title: Audit File System
description: The Advanced Security Audit policy setting, Audit File System, determines if audit events are generated when users attempt to access file system objects.
ms.assetid: 6a71f283-b8e5-41ac-b348-0b7ec6ea0b1f
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
index 5877ab26f1..541a9ea9fa 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
@@ -1,5 +1,5 @@
---
-title: Audit Filtering Platform Connection (Windows 10)
+title: Audit Filtering Platform Connection
description: The policy setting, Audit Filtering Platform Connection, decides if audit events are generated when connections are allow/blocked by Windows Filtering Platform.
ms.assetid: d72936e9-ff01-4d18-b864-a4958815df59
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
index 9003cab47c..49924db420 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
@@ -1,5 +1,5 @@
---
-title: Audit Filtering Platform Packet Drop (Windows 10)
+title: Audit Filtering Platform Packet Drop
description: The policy setting, Audit Filtering Platform Packet Drop, determines if audit events are generated when packets are dropped by the Windows Filtering Platform.
ms.assetid: 95457601-68d1-4385-af20-87916ddab906
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
index 1a4cab1153..828e0a1f16 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit Filtering Platform Policy Change (Windows 10)
+title: Audit Filtering Platform Policy Change
description: The policy setting, Audit Filtering Platform Policy Change, determines if audit events are generated for certain IPsec and Windows Filtering Platform actions.
ms.assetid: 0eaf1c56-672b-4ea9-825a-22dc03eb4041
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-group-membership.md b/windows/security/threat-protection/auditing/audit-group-membership.md
index 9f32d9d336..11fc2eca97 100644
--- a/windows/security/threat-protection/auditing/audit-group-membership.md
+++ b/windows/security/threat-protection/auditing/audit-group-membership.md
@@ -1,5 +1,5 @@
---
-title: Audit Group Membership (Windows 10)
+title: Audit Group Membership
description: Using the advanced security audit policy setting, Audit Group Membership, you can audit group memberships when they're enumerated on the client PC.
ms.assetid: 1CD7B014-FBD9-44B9-9274-CC5715DE58B9
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-handle-manipulation.md b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
index 50470902eb..feb17cf68e 100644
--- a/windows/security/threat-protection/auditing/audit-handle-manipulation.md
+++ b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
@@ -1,5 +1,5 @@
---
-title: Audit Handle Manipulation (Windows 10)
+title: Audit Handle Manipulation
description: The Advanced Security Audit policy setting, Audit Handle Manipulation, determines if audit events are generated when a handle to an object is opened or closed.
ms.assetid: 1fbb004a-ccdc-4c80-b3da-a4aa7a9f4091
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-driver.md b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
index cfcefafd36..c289430fe3 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-driver.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
@@ -1,5 +1,5 @@
---
-title: Audit IPsec Driver (Windows 10)
+title: Audit IPsec Driver
description: The Advanced Security Audit policy setting, Audit IPsec Driver, determines if audit events are generated for the activities of the IPsec driver.
ms.assetid: c8b8c02f-5ad0-4ee5-9123-ea8cdae356a5
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
index 33bfbb485d..ce2626dfde 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
@@ -1,5 +1,5 @@
---
-title: Audit IPsec Extended Mode (Windows 10)
+title: Audit IPsec Extended Mode
description: The setting, Audit IPsec Extended Mode, determines if audit events are generated for the results of IKE protocol and AuthIP during Extended Mode negotiations.
ms.assetid: 2b4fee9e-482a-4181-88a8-6a79d8fc8049
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
index 7f1d59e38c..b9833c2182 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
@@ -1,5 +1,5 @@
---
-title: Audit IPsec Main Mode (Windows 10)
+title: Audit IPsec Main Mode
description: Learn about the policy setting, Audit IPsec Main Mode, which determines if the results of certain protocols generate events during Main Mode negotiations.
ms.assetid: 06ed26ec-3620-4ef4-a47a-c70df9c8827b
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
index 869e1f4dcf..2c4b89bde5 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
@@ -1,5 +1,5 @@
---
-title: Audit IPsec Quick Mode (Windows 10)
+title: Audit IPsec Quick Mode
description: The policy setting, Audit IPsec Quick Mode, decides if audit events are generated for the results of the IKE protocol and AuthIP during Quick Mode negotiations.
ms.assetid: 7be67a15-c2ce-496a-9719-e25ac7699114
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
index 4ed0bce866..f65c550e3a 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
@@ -1,5 +1,5 @@
---
-title: Audit Kerberos Authentication Service (Windows 10)
+title: Audit Kerberos Authentication Service
description: The policy setting Audit Kerberos Authentication Service decides if audit events are generated for Kerberos authentication ticket-granting ticket (TGT) requests
ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
index ed3c49dfef..1d333d9f8e 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
@@ -1,5 +1,5 @@
---
-title: Audit Kerberos Service Ticket Operations (Windows 10)
+title: Audit Kerberos Service Ticket Operations
description: The policy setting, Audit Kerberos Service Ticket Operations, determines if security audit events are generated for Kerberos service ticket requests.
ms.assetid: ddc0abef-ac7f-4849-b90d-66700470ccd6
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-kernel-object.md b/windows/security/threat-protection/auditing/audit-kernel-object.md
index 0dd8928c22..b2c76daf1a 100644
--- a/windows/security/threat-protection/auditing/audit-kernel-object.md
+++ b/windows/security/threat-protection/auditing/audit-kernel-object.md
@@ -1,5 +1,5 @@
---
-title: Audit Kernel Object (Windows 10)
+title: Audit Kernel Object
description: The policy setting, Audit Kernel Object, decides if user attempts to access the system kernel (which includes mutexes and semaphores) generate audit events.
ms.assetid: 75619d8b-b1eb-445b-afc9-0f9053be97fb
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-logoff.md b/windows/security/threat-protection/auditing/audit-logoff.md
index 6a1f7f33ef..81a615fbd6 100644
--- a/windows/security/threat-protection/auditing/audit-logoff.md
+++ b/windows/security/threat-protection/auditing/audit-logoff.md
@@ -1,5 +1,5 @@
---
-title: Audit Logoff (Windows 10)
+title: Audit Logoff
description: The Advanced Security Audit policy setting, Audit Logoff, determines if audit events are generated when logon sessions are terminated.
ms.assetid: 681e51f2-ba06-46f5-af8c-d9c48d515432
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-logon.md b/windows/security/threat-protection/auditing/audit-logon.md
index 4b78d70722..2f4de511f2 100644
--- a/windows/security/threat-protection/auditing/audit-logon.md
+++ b/windows/security/threat-protection/auditing/audit-logon.md
@@ -1,5 +1,5 @@
---
-title: Audit Logon (Windows 10)
+title: Audit Logon
description: The Advanced Security Audit policy setting, Audit Logon, determines if audit events are generated when a user attempts to log on to a computer.
ms.assetid: ca968d03-7d52-48c4-ba0e-2bcd2937231b
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
index 4081cf31a9..8fd95ccf30 100644
--- a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit MPSSVC Rule-Level Policy Change (Windows 10)
+title: Audit MPSSVC Rule-Level Policy Change
description: Audit MPSSVC Rule-Level Policy Change determines if audit events are generated when policy rules are altered for the Microsoft Protection Service (MPSSVC.exe).
ms.assetid: 263461b3-c61c-4ec3-9dee-851164845019
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-network-policy-server.md b/windows/security/threat-protection/auditing/audit-network-policy-server.md
index 2501fecc08..44e3ef4880 100644
--- a/windows/security/threat-protection/auditing/audit-network-policy-server.md
+++ b/windows/security/threat-protection/auditing/audit-network-policy-server.md
@@ -1,5 +1,5 @@
---
-title: Audit Network Policy Server (Windows 10)
+title: Audit Network Policy Server
description: The policy setting, Audit Network Policy Server, determines if audit events are generated for RADIUS (IAS) and NAP activity on user access requests.
ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
index 01b3fb153f..990e574f0c 100644
--- a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
@@ -1,5 +1,5 @@
---
-title: Audit Non-Sensitive Privilege Use (Windows 10)
+title: Audit Non-Sensitive Privilege Use
description: This article for the IT professional describes the Advanced Security Audit policy setting, Audit Non-Sensitive Privilege Use, which determines whether the operating system generates audit events when non-sensitive privileges (user rights) are used.
ms.assetid: 8fd74783-1059-443e-aa86-566d78606627
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
index 23ee128d63..ed3f8fa3f2 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Account Logon Events (Windows 10)
+title: Audit Other Account Logon Events
description: The policy setting, Audit Other Account Logon Events allows you to audit events when generated by responses to credential requests for certain kinds of user logons.
ms.assetid: c8c6bfe0-33d2-4600-bb1a-6afa840d75b3
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-account-management-events.md b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
index 8f3d985309..1a3cee2068 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-management-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Account Management Events (Windows 10)
+title: Audit Other Account Management Events
description: The Advanced Security Audit policy setting, Audit Other Account Management Events, determines if user account management audit events are generated.
ms.assetid: 4ce22eeb-a96f-4cf9-a46d-6642961a31d5
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
index 789ab297be..4fdbf61cac 100644
--- a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Logon/Logoff Events (Windows 10)
+title: Audit Other Logon/Logoff Events
description: The Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, determines if Windows generates audit events for other logon or logoff events.
ms.assetid: 76d987cd-1917-4907-a739-dd642609a458
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-object-access-events.md b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
index 5dc0923e42..dd8800acac 100644
--- a/windows/security/threat-protection/auditing/audit-other-object-access-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Object Access Events (Windows 10)
+title: Audit Other Object Access Events
description: The policy setting, Audit Other Object Access Events, determines if audit events are generated for the management of Task Scheduler jobs or COM+ objects.
ms.assetid: b9774595-595d-4199-b0c5-8dbc12b6c8b2
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
index d088e9f929..c3e7f98b0a 100644
--- a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Policy Change Events (Windows 10)
+title: Audit Other Policy Change Events
description: The policy setting, Audit Other Policy Change Events, determines if audit events are generated for security policy changes that are not otherwise audited.
ms.assetid: 8618502e-c21c-41cc-8a49-3dc1eb359e60
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
index c2487a6b33..b395ef62a2 100644
--- a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other Privilege Use Events (Windows 10)
+title: Audit Other Privilege Use Events
description: Learn about the audit other privilege use events, an auditing subcategory that should not have any events in it but enables generation of event 4985(S).
ms.assetid: 5f7f5b25-42a6-499f-8aa2-01ac79a2a63c
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-other-system-events.md b/windows/security/threat-protection/auditing/audit-other-system-events.md
index 63cfb375b0..d129bae159 100644
--- a/windows/security/threat-protection/auditing/audit-other-system-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-system-events.md
@@ -1,5 +1,5 @@
---
-title: Audit Other System Events (Windows 10)
+title: Audit Other System Events
description: The Advanced Security Audit policy setting, Audit Other System Events, determines if the operating system audits various system events.
ms.assetid: 2401e4cc-d94e-41ec-82a7-e10914295f8b
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-pnp-activity.md b/windows/security/threat-protection/auditing/audit-pnp-activity.md
index 224eae5fcb..9c1c5cbed6 100644
--- a/windows/security/threat-protection/auditing/audit-pnp-activity.md
+++ b/windows/security/threat-protection/auditing/audit-pnp-activity.md
@@ -1,5 +1,5 @@
---
-title: Audit PNP Activity (Windows 10)
+title: Audit PNP Activity
description: The advanced security audit policy setting, Audit PNP Activity, determines when plug and play detects an external device.
ms.assetid: A3D87B3B-EBBE-442A-953B-9EB75A5F600E
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-process-creation.md b/windows/security/threat-protection/auditing/audit-process-creation.md
index 07b283ace9..6b204e6613 100644
--- a/windows/security/threat-protection/auditing/audit-process-creation.md
+++ b/windows/security/threat-protection/auditing/audit-process-creation.md
@@ -1,5 +1,5 @@
---
-title: Audit Process Creation (Windows 10)
+title: Audit Process Creation
description: The Advanced Security Audit policy setting, Audit Process Creation, determines if audit events are generated when a process is created (starts).
ms.assetid: 67e39fcd-ded6-45e8-b1b6-d411e4e93019
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-process-termination.md b/windows/security/threat-protection/auditing/audit-process-termination.md
index b156ba658a..863513add3 100644
--- a/windows/security/threat-protection/auditing/audit-process-termination.md
+++ b/windows/security/threat-protection/auditing/audit-process-termination.md
@@ -1,5 +1,5 @@
---
-title: Audit Process Termination (Windows 10)
+title: Audit Process Termination
description: The Advanced Security Audit policy setting, Audit Process Termination, determines if audit events are generated when an attempt is made to end a process.
ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md
index a4423aeb52..3403bd8748 100644
--- a/windows/security/threat-protection/auditing/audit-registry.md
+++ b/windows/security/threat-protection/auditing/audit-registry.md
@@ -1,5 +1,5 @@
---
-title: Audit Registry (Windows 10)
+title: Audit Registry
description: The Advanced Security Audit policy setting, Audit Registry, determines if audit events are generated when users attempt to access registry objects.
ms.assetid: 02bcc23b-4823-46ac-b822-67beedf56b32
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-removable-storage.md b/windows/security/threat-protection/auditing/audit-removable-storage.md
index c9d2586107..f244e92a4c 100644
--- a/windows/security/threat-protection/auditing/audit-removable-storage.md
+++ b/windows/security/threat-protection/auditing/audit-removable-storage.md
@@ -1,5 +1,5 @@
---
-title: Audit Removable Storage (Windows 10)
+title: Audit Removable Storage
description: The Advanced Security Audit policy setting, Audit Removable Storage, determines when there is a read or a write to a removable drive.
ms.assetid: 1746F7B3-8B41-4661-87D8-12F734AFFB26
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-rpc-events.md b/windows/security/threat-protection/auditing/audit-rpc-events.md
index bee389855a..ec13a2b45c 100644
--- a/windows/security/threat-protection/auditing/audit-rpc-events.md
+++ b/windows/security/threat-protection/auditing/audit-rpc-events.md
@@ -1,5 +1,5 @@
---
-title: Audit RPC Events (Windows 10)
+title: Audit RPC Events
description: Audit RPC Events is an audit policy setting that determines if audit events are generated when inbound remote procedure call (RPC) connections are made.
ms.assetid: 868aec2d-93b4-4bc8-a150-941f88838ba6
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-sam.md b/windows/security/threat-protection/auditing/audit-sam.md
index c92e7d5ba5..b2cacec3a5 100644
--- a/windows/security/threat-protection/auditing/audit-sam.md
+++ b/windows/security/threat-protection/auditing/audit-sam.md
@@ -1,5 +1,5 @@
---
-title: Audit SAM (Windows 10)
+title: Audit SAM
description: The Advanced Security Audit policy setting, Audit SAM, enables you to audit events generated by attempts to access Security Account Manager (SAM) objects.
ms.assetid: 1d00f955-383d-4c95-bbd1-fab4a991a46e
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-security-group-management.md b/windows/security/threat-protection/auditing/audit-security-group-management.md
index 0564c257b6..eb76f1d581 100644
--- a/windows/security/threat-protection/auditing/audit-security-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-security-group-management.md
@@ -1,5 +1,5 @@
---
-title: Audit Security Group Management (Windows 10)
+title: Audit Security Group Management
description: The policy setting, Audit Security Group Management, determines if audit events are generated when specific security group management tasks are performed.
ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-security-state-change.md b/windows/security/threat-protection/auditing/audit-security-state-change.md
index 25686b4f33..a9b4d3ea8f 100644
--- a/windows/security/threat-protection/auditing/audit-security-state-change.md
+++ b/windows/security/threat-protection/auditing/audit-security-state-change.md
@@ -1,5 +1,5 @@
---
-title: Audit Security State Change (Windows 10)
+title: Audit Security State Change
description: The policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
ms.assetid: decb3218-a67d-4efa-afc0-337c79a89a2d
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-security-system-extension.md b/windows/security/threat-protection/auditing/audit-security-system-extension.md
index 72a72a15aa..3a230a5cfe 100644
--- a/windows/security/threat-protection/auditing/audit-security-system-extension.md
+++ b/windows/security/threat-protection/auditing/audit-security-system-extension.md
@@ -1,5 +1,5 @@
---
-title: Audit Security System Extension (Windows 10)
+title: Audit Security System Extension
description: The Advanced Security Audit policy setting, Audit Security System Extension, determines if audit events related to security system extensions are generated.
ms.assetid: 9f3c6bde-42b2-4a0a-b353-ed3106ebc005
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
index c79520f698..3773c3c44d 100644
--- a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
@@ -1,5 +1,5 @@
---
-title: Audit Sensitive Privilege Use (Windows 10)
+title: Audit Sensitive Privilege Use
description: The policy setting, Audit Sensitive Privilege Use, determines if the operating system generates audit events when sensitive privileges (user rights) are used.
ms.assetid: 915abf50-42d2-45f6-9fd1-e7bd201b193d
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-special-logon.md b/windows/security/threat-protection/auditing/audit-special-logon.md
index e9958ffa2e..4b1edc838c 100644
--- a/windows/security/threat-protection/auditing/audit-special-logon.md
+++ b/windows/security/threat-protection/auditing/audit-special-logon.md
@@ -1,5 +1,5 @@
---
-title: Audit Special Logon (Windows 10)
+title: Audit Special Logon
description: The Advanced Security Audit policy setting, Audit Special Logon, determines if audit events are generated under special sign in (or logon) circumstances.
ms.assetid: e1501bac-1d09-4593-8ebb-f311231567d3
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-system-integrity.md b/windows/security/threat-protection/auditing/audit-system-integrity.md
index 4a313d8ae0..58d0a44687 100644
--- a/windows/security/threat-protection/auditing/audit-system-integrity.md
+++ b/windows/security/threat-protection/auditing/audit-system-integrity.md
@@ -1,5 +1,5 @@
---
-title: Audit System Integrity (Windows 10)
+title: Audit System Integrity
description: The policy setting, Audit System Integrity, determines if the operating system audits events that violate the integrity of the security subsystem.
ms.assetid: 942a9a7f-fa31-4067-88c7-f73978bf2034
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
index d0969156b5..fd97b2de5e 100644
--- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -1,5 +1,5 @@
---
-title: Audit Token Right Adjusted (Windows 10)
+title: Audit Token Right Adjusted
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the privileges of a token.
manager: aaroncz
author: vinaypamnani-msft
diff --git a/windows/security/threat-protection/auditing/audit-user-account-management.md b/windows/security/threat-protection/auditing/audit-user-account-management.md
index 2faba55a60..74dc66d2c4 100644
--- a/windows/security/threat-protection/auditing/audit-user-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-user-account-management.md
@@ -1,5 +1,5 @@
---
-title: Audit User Account Management (Windows 10)
+title: Audit User Account Management
description: Audit User Account Management is an audit policy setting that determines if the operating system generates audit events when certain tasks are performed.
ms.assetid: f7e72998-3858-4197-a443-19586ecc4bfb
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/audit-user-device-claims.md b/windows/security/threat-protection/auditing/audit-user-device-claims.md
index e22930f47a..08a53b6cd8 100644
--- a/windows/security/threat-protection/auditing/audit-user-device-claims.md
+++ b/windows/security/threat-protection/auditing/audit-user-device-claims.md
@@ -1,5 +1,5 @@
---
-title: Audit User/Device Claims (Windows 10)
+title: Audit User/Device Claims
description: Audit User/Device Claims is an audit policy setting that enables you to audit security events that are generated by user and device claims.
ms.assetid: D3D2BFAF-F2C0-462A-9377-673DB49D5486
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
index da74741832..7623c4fb3c 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
@@ -1,5 +1,5 @@
---
-title: Audit account logon events (Windows 10)
+title: Audit account logon events
description: Determines whether to audit each instance of a user logging on to or logging off from another device in which this device is used to validate the account.
ms.assetid: 84B44181-E325-49A1-8398-AECC3CE0A516
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-management.md b/windows/security/threat-protection/auditing/basic-audit-account-management.md
index 22824ae059..7059ff21f3 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-management.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-management.md
@@ -1,5 +1,5 @@
---
-title: Audit account management (Windows 10)
+title: Audit account management
description: Determines whether to audit each event of account management on a device.
ms.assetid: 369197E1-7E0E-45A4-89EA-16D91EF01689
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
index e9bd4f0117..a77f8d8468 100644
--- a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
@@ -1,5 +1,5 @@
---
-title: Basic audit directory service access (Windows 10)
+title: Basic audit directory service access
description: Determines whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) specified.
ms.assetid: 52F02EED-3CFE-4307-8D06-CF1E27693D09
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
index 45ec095169..075921f764 100644
--- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
@@ -1,5 +1,5 @@
---
-title: Audit logon events (Windows 10)
+title: Audit logon events
description: Determines whether to audit each instance of a user logging on to or logging off from a device.
ms.assetid: 78B5AFCB-0BBD-4C38-9FE9-6B4571B94A35
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-object-access.md b/windows/security/threat-protection/auditing/basic-audit-object-access.md
index 1b5014823a..1376b57216 100644
--- a/windows/security/threat-protection/auditing/basic-audit-object-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-object-access.md
@@ -1,5 +1,5 @@
---
-title: Audit object access (Windows 10)
+title: Audit object access
description: The policy setting, Audit object access, determines whether to audit the event generated when a user accesses an object that has its own SACL specified.
ms.assetid: D15B6D67-7886-44C2-9972-3F192D5407EA
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-policy-change.md b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
index e698be1f37..feb9487f03 100644
--- a/windows/security/threat-protection/auditing/basic-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
@@ -1,5 +1,5 @@
---
-title: Audit policy change (Windows 10)
+title: Audit policy change
description: Determines whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
ms.assetid: 1025A648-6B22-4C85-9F47-FE0897F1FA31
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
index 4e70e2b0f1..c459cc1086 100644
--- a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
+++ b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
@@ -1,5 +1,5 @@
---
-title: Audit privilege use (Windows 10)
+title: Audit privilege use
description: Determines whether to audit each instance of a user exercising a user right.
ms.assetid: C5C6DAAF-8B58-4DFB-B1CE-F0675AE0E9F8
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
index e2d32e164d..8adcb1235c 100644
--- a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
+++ b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
@@ -1,5 +1,5 @@
---
-title: Audit process tracking (Windows 10)
+title: Audit process tracking
description: Determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
ms.assetid: 91AC5C1E-F4DA-4B16-BEE2-C92D66E4CEEA
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-audit-system-events.md b/windows/security/threat-protection/auditing/basic-audit-system-events.md
index e1c1c1a64c..9ea0655ee8 100644
--- a/windows/security/threat-protection/auditing/basic-audit-system-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-system-events.md
@@ -1,5 +1,5 @@
---
-title: Audit system events (Windows 10)
+title: Audit system events
description: Determines whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
ms.assetid: BF27588C-2AA7-4365-A4BF-3BB377916447
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policies.md b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
index 5a4bec26db..e8e67ff791 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policies.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
@@ -1,5 +1,5 @@
---
-title: Basic security audit policies (Windows 10)
+title: Basic security audit policies
description: Learn about basic security audit policies that specify the categories of security-related events that you want to audit for the needs of your organization.
ms.assetid: 3B678568-7AD7-4734-9BB4-53CF5E04E1D3
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
index aa0e4c7ea2..85d95b74f6 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Basic security audit policy settings (Windows 10)
+title: Basic security audit policy settings
description: Basic security audit policy settings are found under Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Audit Policy.
ms.assetid: 31C2C453-2CFC-4D9E-BC88-8CE1C1A8F900
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
index f27b911fa2..9b03c40bbf 100644
--- a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
+++ b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
@@ -1,5 +1,5 @@
---
-title: Create a basic audit policy for an event category (Windows 10)
+title: Create a basic audit policy for an event category
description: By defining auditing settings for specific event categories, you can create an auditing policy that suits the security needs of your organization.
ms.assetid: C9F52751-B40D-482E-BE9D-2C61098249D3
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/event-1100.md b/windows/security/threat-protection/auditing/event-1100.md
index b0606e87da..5757c2d6ae 100644
--- a/windows/security/threat-protection/auditing/event-1100.md
+++ b/windows/security/threat-protection/auditing/event-1100.md
@@ -1,5 +1,5 @@
---
-title: 1100(S) The event logging service has shut down. (Windows 10)
+title: 1100(S) The event logging service has shut down.
description: Describes security event 1100(S) The event logging service has shut down.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-1102.md b/windows/security/threat-protection/auditing/event-1102.md
index c319070f2a..16c59d4352 100644
--- a/windows/security/threat-protection/auditing/event-1102.md
+++ b/windows/security/threat-protection/auditing/event-1102.md
@@ -1,5 +1,5 @@
---
-title: 1102(S) The audit log was cleared. (Windows 10)
+title: 1102(S) The audit log was cleared.
description: Though you shouldn't normally see it, this event generates every time Windows Security audit log is cleared. This is for event 1102(S).
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-1104.md b/windows/security/threat-protection/auditing/event-1104.md
index 7768b7a43a..3f61cee0ab 100644
--- a/windows/security/threat-protection/auditing/event-1104.md
+++ b/windows/security/threat-protection/auditing/event-1104.md
@@ -1,5 +1,5 @@
---
-title: 1104(S) The security log is now full. (Windows 10)
+title: 1104(S) The security log is now full.
description: This event generates every time Windows security log becomes full and the event log retention method is set to Do not overwrite events.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-1105.md b/windows/security/threat-protection/auditing/event-1105.md
index 2c10dd205e..cac285228f 100644
--- a/windows/security/threat-protection/auditing/event-1105.md
+++ b/windows/security/threat-protection/auditing/event-1105.md
@@ -1,5 +1,5 @@
---
-title: 1105(S) Event log automatic backup. (Windows 10)
+title: 1105(S) Event log automatic backup.
description: This event generates every time Windows security log becomes full and new event log file was created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-1108.md b/windows/security/threat-protection/auditing/event-1108.md
index 3412104704..68ae9463dc 100644
--- a/windows/security/threat-protection/auditing/event-1108.md
+++ b/windows/security/threat-protection/auditing/event-1108.md
@@ -1,5 +1,5 @@
---
-title: The event logging service encountered an error (Windows 10)
+title: The event logging service encountered an error
description: Describes security event 1108(S) The event logging service encountered an error while processing an incoming event published from %1.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4608.md b/windows/security/threat-protection/auditing/event-4608.md
index bbcb45e073..8c603dd52e 100644
--- a/windows/security/threat-protection/auditing/event-4608.md
+++ b/windows/security/threat-protection/auditing/event-4608.md
@@ -1,5 +1,5 @@
---
-title: 4608(S) Windows is starting up. (Windows 10)
+title: 4608(S) Windows is starting up.
description: Describes security event 4608(S) Windows is starting up. This event is logged when the LSASS.EXE process starts and the auditing subsystem is initialized.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4610.md b/windows/security/threat-protection/auditing/event-4610.md
index 2307a50732..714b4c0d5a 100644
--- a/windows/security/threat-protection/auditing/event-4610.md
+++ b/windows/security/threat-protection/auditing/event-4610.md
@@ -1,5 +1,5 @@
---
-title: 4610(S) An authentication package has been loaded by the Local Security Authority. (Windows 10)
+title: 4610(S) An authentication package has been loaded by the Local Security Authority.
description: Describes security event 4610(S) An authentication package has been loaded by the Local Security Authority.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4611.md b/windows/security/threat-protection/auditing/event-4611.md
index 54b57cc223..6c30ed7235 100644
--- a/windows/security/threat-protection/auditing/event-4611.md
+++ b/windows/security/threat-protection/auditing/event-4611.md
@@ -1,5 +1,5 @@
---
-title: 4611(S) A trusted logon process has been registered with the Local Security Authority. (Windows 10)
+title: 4611(S) A trusted logon process has been registered with the Local Security Authority.
description: Describes security event 4611(S) A trusted logon process has been registered with the Local Security Authority.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4612.md b/windows/security/threat-protection/auditing/event-4612.md
index 111fa80c83..70ee3338ae 100644
--- a/windows/security/threat-protection/auditing/event-4612.md
+++ b/windows/security/threat-protection/auditing/event-4612.md
@@ -1,5 +1,5 @@
---
-title: 4612(S) Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits. (Windows 10)
+title: 4612(S) Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.
description: Describes security event 4612(S) Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4614.md b/windows/security/threat-protection/auditing/event-4614.md
index edb915b91d..5a7d10d8a8 100644
--- a/windows/security/threat-protection/auditing/event-4614.md
+++ b/windows/security/threat-protection/auditing/event-4614.md
@@ -1,5 +1,5 @@
---
-title: 4614(S) A notification package has been loaded by the Security Account Manager. (Windows 10)
+title: 4614(S) A notification package has been loaded by the Security Account Manager.
description: Describes security event 4614(S) A notification package has been loaded by the Security Account Manager.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4615.md b/windows/security/threat-protection/auditing/event-4615.md
index f74209909e..92134c76a4 100644
--- a/windows/security/threat-protection/auditing/event-4615.md
+++ b/windows/security/threat-protection/auditing/event-4615.md
@@ -1,5 +1,5 @@
---
-title: 4615(S) Invalid use of LPC port. (Windows 10)
+title: 4615(S) Invalid use of LPC port.
description: Describes security event 4615(S) Invalid use of LPC port. It appears that the Invalid use of LPC port event never occurs.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4616.md b/windows/security/threat-protection/auditing/event-4616.md
index 166b695ebb..fa1166e46d 100644
--- a/windows/security/threat-protection/auditing/event-4616.md
+++ b/windows/security/threat-protection/auditing/event-4616.md
@@ -1,5 +1,5 @@
---
-title: 4616(S) The system time was changed. (Windows 10)
+title: 4616(S) The system time was changed.
description: Describes security event 4616(S) The system time was changed. This event is generated every time system time is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4618.md b/windows/security/threat-protection/auditing/event-4618.md
index f35815a20c..8d50584182 100644
--- a/windows/security/threat-protection/auditing/event-4618.md
+++ b/windows/security/threat-protection/auditing/event-4618.md
@@ -1,5 +1,5 @@
---
-title: 4618(S) A monitored security event pattern has occurred. (Windows 10)
+title: 4618(S) A monitored security event pattern has occurred.
description: Describes security event 4618(S) A monitored security event pattern has occurred.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4621.md b/windows/security/threat-protection/auditing/event-4621.md
index 64e4f81134..56fa6c3379 100644
--- a/windows/security/threat-protection/auditing/event-4621.md
+++ b/windows/security/threat-protection/auditing/event-4621.md
@@ -1,5 +1,5 @@
---
-title: 4621(S) Administrator recovered system from CrashOnAuditFail. (Windows 10)
+title: 4621(S) Administrator recovered system from CrashOnAuditFail.
description: Describes security event 4621(S) Administrator recovered system from CrashOnAuditFail.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4622.md b/windows/security/threat-protection/auditing/event-4622.md
index 5dc147c077..50bec63d42 100644
--- a/windows/security/threat-protection/auditing/event-4622.md
+++ b/windows/security/threat-protection/auditing/event-4622.md
@@ -1,5 +1,5 @@
---
-title: 4622(S) A security package has been loaded by the Local Security Authority. (Windows 10)
+title: 4622(S) A security package has been loaded by the Local Security Authority.
description: Describes security event 4622(S) A security package has been loaded by the Local Security Authority.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md
index e081fcb3f0..ad06ba99ab 100644
--- a/windows/security/threat-protection/auditing/event-4624.md
+++ b/windows/security/threat-protection/auditing/event-4624.md
@@ -1,5 +1,5 @@
---
-title: 4624(S) An account was successfully logged on. (Windows 10)
+title: 4624(S) An account was successfully logged on.
description: Describes security event 4624(S) An account was successfully logged on.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4625.md b/windows/security/threat-protection/auditing/event-4625.md
index 45f8a019b0..2379077b79 100644
--- a/windows/security/threat-protection/auditing/event-4625.md
+++ b/windows/security/threat-protection/auditing/event-4625.md
@@ -1,5 +1,5 @@
---
-title: 4625(F) An account failed to log on. (Windows 10)
+title: 4625(F) An account failed to log on.
description: Describes security event 4625(F) An account failed to log on. This event is generated if an account logon attempt failed for a locked out account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4626.md b/windows/security/threat-protection/auditing/event-4626.md
index addb26abce..804389426d 100644
--- a/windows/security/threat-protection/auditing/event-4626.md
+++ b/windows/security/threat-protection/auditing/event-4626.md
@@ -1,5 +1,5 @@
---
-title: 4626(S) User/Device claims information. (Windows 10)
+title: 4626(S) User/Device claims information.
description: Describes security event 4626(S) User/Device claims information. This event is generated for new account logons.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4627.md b/windows/security/threat-protection/auditing/event-4627.md
index 0da1f08aee..111b2523c8 100644
--- a/windows/security/threat-protection/auditing/event-4627.md
+++ b/windows/security/threat-protection/auditing/event-4627.md
@@ -1,5 +1,5 @@
---
-title: 4627(S) Group membership information. (Windows 10)
+title: 4627(S) Group membership information.
description: Describes security event 4627(S) Group membership information. This event is generated with event 4624(S) An account was successfully logged on.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4634.md b/windows/security/threat-protection/auditing/event-4634.md
index 6d8ed22539..086b8f85cf 100644
--- a/windows/security/threat-protection/auditing/event-4634.md
+++ b/windows/security/threat-protection/auditing/event-4634.md
@@ -1,5 +1,5 @@
---
-title: 4634(S) An account was logged off. (Windows 10)
+title: 4634(S) An account was logged off.
description: Describes security event 4634(S) An account was logged off. This event is generated when a logon session is terminated and no longer exists.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4647.md b/windows/security/threat-protection/auditing/event-4647.md
index 64c7e02466..05586a8c05 100644
--- a/windows/security/threat-protection/auditing/event-4647.md
+++ b/windows/security/threat-protection/auditing/event-4647.md
@@ -1,5 +1,5 @@
---
-title: 4647(S) User initiated logoff. (Windows 10)
+title: 4647(S) User initiated logoff.
description: Describes security event 4647(S) User initiated logoff. This event is generated when a logoff is initiated. No further user-initiated activity can occur.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4648.md b/windows/security/threat-protection/auditing/event-4648.md
index 5ffebb9c04..73012d0cf2 100644
--- a/windows/security/threat-protection/auditing/event-4648.md
+++ b/windows/security/threat-protection/auditing/event-4648.md
@@ -1,5 +1,5 @@
---
-title: 4648(S) A logon was attempted using explicit credentials. (Windows 10)
+title: 4648(S) A logon was attempted using explicit credentials.
description: Describes security event 4648(S) A logon was attempted using explicit credentials.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4649.md b/windows/security/threat-protection/auditing/event-4649.md
index 98a1c9ad18..c4caa3d98d 100644
--- a/windows/security/threat-protection/auditing/event-4649.md
+++ b/windows/security/threat-protection/auditing/event-4649.md
@@ -1,5 +1,5 @@
---
-title: 4649(S) A replay attack was detected. (Windows 10)
+title: 4649(S) A replay attack was detected.
description: Describes security event 4649(S) A replay attack was detected. This event is generated when a KRB_AP_ERR_REPEAT Kerberos response is sent to the client.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4656.md b/windows/security/threat-protection/auditing/event-4656.md
index 7d974fa3fa..81803532eb 100644
--- a/windows/security/threat-protection/auditing/event-4656.md
+++ b/windows/security/threat-protection/auditing/event-4656.md
@@ -1,5 +1,5 @@
---
-title: 4656(S, F) A handle to an object was requested. (Windows 10)
+title: 4656(S, F) A handle to an object was requested.
description: Describes security event 4656(S, F) A handle to an object was requested.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4657.md b/windows/security/threat-protection/auditing/event-4657.md
index cb4ecc3ae1..73a89ae5ff 100644
--- a/windows/security/threat-protection/auditing/event-4657.md
+++ b/windows/security/threat-protection/auditing/event-4657.md
@@ -1,5 +1,5 @@
---
-title: 4657(S) A registry value was modified. (Windows 10)
+title: 4657(S) A registry value was modified.
description: Describes security event 4657(S) A registry value was modified. This event is generated when a registry key value is modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4658.md b/windows/security/threat-protection/auditing/event-4658.md
index 532558cd00..95ec14dff4 100644
--- a/windows/security/threat-protection/auditing/event-4658.md
+++ b/windows/security/threat-protection/auditing/event-4658.md
@@ -1,5 +1,5 @@
---
-title: 4658(S) The handle to an object was closed. (Windows 10)
+title: 4658(S) The handle to an object was closed.
description: Describes security event 4658(S) The handle to an object was closed. This event is generated when the handle to an object is closed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4660.md b/windows/security/threat-protection/auditing/event-4660.md
index b0124437c6..348903da4c 100644
--- a/windows/security/threat-protection/auditing/event-4660.md
+++ b/windows/security/threat-protection/auditing/event-4660.md
@@ -1,5 +1,5 @@
---
-title: 4660(S) An object was deleted. (Windows 10)
+title: 4660(S) An object was deleted.
description: Describes security event 4660(S) An object was deleted. This event is generated when an object is deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4661.md b/windows/security/threat-protection/auditing/event-4661.md
index 6cc68892c8..cbafd424c3 100644
--- a/windows/security/threat-protection/auditing/event-4661.md
+++ b/windows/security/threat-protection/auditing/event-4661.md
@@ -1,5 +1,5 @@
---
-title: 4661(S, F) A handle to an object was requested. (Windows 10)
+title: 4661(S, F) A handle to an object was requested.
description: Describes security event 4661(S, F) A handle to an object was requested.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4662.md b/windows/security/threat-protection/auditing/event-4662.md
index cf19827489..1b85e12b87 100644
--- a/windows/security/threat-protection/auditing/event-4662.md
+++ b/windows/security/threat-protection/auditing/event-4662.md
@@ -1,5 +1,5 @@
---
-title: 4662(S, F) An operation was performed on an object. (Windows 10)
+title: 4662(S, F) An operation was performed on an object.
description: Describes security event 4662(S, F) An operation was performed on an object.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4663.md b/windows/security/threat-protection/auditing/event-4663.md
index cf790af491..5a1134b2d1 100644
--- a/windows/security/threat-protection/auditing/event-4663.md
+++ b/windows/security/threat-protection/auditing/event-4663.md
@@ -1,5 +1,5 @@
---
-title: 4663(S) An attempt was made to access an object. (Windows 10)
+title: 4663(S) An attempt was made to access an object.
description: Describes security event 4663(S) An attempt was made to access an object.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4664.md b/windows/security/threat-protection/auditing/event-4664.md
index 0a27e27f7d..b6673c7380 100644
--- a/windows/security/threat-protection/auditing/event-4664.md
+++ b/windows/security/threat-protection/auditing/event-4664.md
@@ -1,5 +1,5 @@
---
-title: 4664(S) An attempt was made to create a hard link. (Windows 10)
+title: 4664(S) An attempt was made to create a hard link.
description: Describes security event 4664(S) An attempt was made to create a hard link.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4670.md b/windows/security/threat-protection/auditing/event-4670.md
index f20653ded7..d0e48676ce 100644
--- a/windows/security/threat-protection/auditing/event-4670.md
+++ b/windows/security/threat-protection/auditing/event-4670.md
@@ -1,5 +1,5 @@
---
-title: 4670(S) Permissions on an object were changed. (Windows 10)
+title: 4670(S) Permissions on an object were changed.
description: Describes security event 4670(S) Permissions on an object were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4671.md b/windows/security/threat-protection/auditing/event-4671.md
index 3215da12d8..5e922fa30c 100644
--- a/windows/security/threat-protection/auditing/event-4671.md
+++ b/windows/security/threat-protection/auditing/event-4671.md
@@ -1,5 +1,5 @@
---
-title: 4671(-) An application attempted to access a blocked ordinal through the TBS. (Windows 10)
+title: 4671(-) An application attempted to access a blocked ordinal through the TBS.
description: Describes security event 4671(-) An application attempted to access a blocked ordinal through the TBS.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4672.md b/windows/security/threat-protection/auditing/event-4672.md
index 3b61e352a2..c2f050300a 100644
--- a/windows/security/threat-protection/auditing/event-4672.md
+++ b/windows/security/threat-protection/auditing/event-4672.md
@@ -1,5 +1,5 @@
---
-title: 4672(S) Special privileges assigned to new logon. (Windows 10)
+title: 4672(S) Special privileges assigned to new logon.
description: Describes security event 4672(S) Special privileges assigned to new logon.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4673.md b/windows/security/threat-protection/auditing/event-4673.md
index e63486e9fa..bb5004ff58 100644
--- a/windows/security/threat-protection/auditing/event-4673.md
+++ b/windows/security/threat-protection/auditing/event-4673.md
@@ -1,5 +1,5 @@
---
-title: 4673(S, F) A privileged service was called. (Windows 10)
+title: 4673(S, F) A privileged service was called.
description: Describes security event 4673(S, F) A privileged service was called. This event is generated for an attempt to perform privileged system service operations.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4674.md b/windows/security/threat-protection/auditing/event-4674.md
index 11f8c3fb62..df0a45b3a2 100644
--- a/windows/security/threat-protection/auditing/event-4674.md
+++ b/windows/security/threat-protection/auditing/event-4674.md
@@ -1,5 +1,5 @@
---
-title: 4674(S, F) An operation was attempted on a privileged object. (Windows 10)
+title: 4674(S, F) An operation was attempted on a privileged object.
description: Describes security event 4674(S, F) An operation was attempted on a privileged object.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4675.md b/windows/security/threat-protection/auditing/event-4675.md
index 6daf08eef3..0b62ce8d8a 100644
--- a/windows/security/threat-protection/auditing/event-4675.md
+++ b/windows/security/threat-protection/auditing/event-4675.md
@@ -1,5 +1,5 @@
---
-title: 4675(S) SIDs were filtered. (Windows 10)
+title: 4675(S) SIDs were filtered.
description: Describes security event 4675(S) SIDs were filtered. This event is generated when SIDs were filtered for a specific Active Directory trust.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md
index 5742fbd554..45d85659b3 100644
--- a/windows/security/threat-protection/auditing/event-4688.md
+++ b/windows/security/threat-protection/auditing/event-4688.md
@@ -1,5 +1,5 @@
---
-title: 4688(S) A new process has been created. (Windows 10)
+title: 4688(S) A new process has been created.
description: Describes security event 4688(S) A new process has been created. This event is generated when a new process starts.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4689.md b/windows/security/threat-protection/auditing/event-4689.md
index f2014c9a1e..3d1ab863dd 100644
--- a/windows/security/threat-protection/auditing/event-4689.md
+++ b/windows/security/threat-protection/auditing/event-4689.md
@@ -1,5 +1,5 @@
---
-title: 4689(S) A process has exited. (Windows 10)
+title: 4689(S) A process has exited.
description: Describes security event 4689(S) A process has exited. This event is generates when a process exits.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4690.md b/windows/security/threat-protection/auditing/event-4690.md
index e0b54b2afe..c019ad6c0e 100644
--- a/windows/security/threat-protection/auditing/event-4690.md
+++ b/windows/security/threat-protection/auditing/event-4690.md
@@ -1,5 +1,5 @@
---
-title: 4690(S) An attempt was made to duplicate a handle to an object. (Windows 10)
+title: 4690(S) An attempt was made to duplicate a handle to an object.
description: Describes security event 4690(S) An attempt was made to duplicate a handle to an object.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4691.md b/windows/security/threat-protection/auditing/event-4691.md
index 9f88bf0d9b..6a3f99ac6d 100644
--- a/windows/security/threat-protection/auditing/event-4691.md
+++ b/windows/security/threat-protection/auditing/event-4691.md
@@ -1,5 +1,5 @@
---
-title: 4691(S) Indirect access to an object was requested. (Windows 10)
+title: 4691(S) Indirect access to an object was requested.
description: Describes security event 4691(S) Indirect access to an object was requested.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4692.md b/windows/security/threat-protection/auditing/event-4692.md
index fb56e8e4c9..d439754ca0 100644
--- a/windows/security/threat-protection/auditing/event-4692.md
+++ b/windows/security/threat-protection/auditing/event-4692.md
@@ -1,5 +1,5 @@
---
-title: 4692(S, F) Backup of data protection master key was attempted. (Windows 10)
+title: 4692(S, F) Backup of data protection master key was attempted.
description: Describes security event 4692(S, F) Backup of data protection master key was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4693.md b/windows/security/threat-protection/auditing/event-4693.md
index bd99d76424..3c3ccec111 100644
--- a/windows/security/threat-protection/auditing/event-4693.md
+++ b/windows/security/threat-protection/auditing/event-4693.md
@@ -1,5 +1,5 @@
---
-title: 4693(S, F) Recovery of data protection master key was attempted. (Windows 10)
+title: 4693(S, F) Recovery of data protection master key was attempted.
description: Describes security event 4693(S, F) Recovery of data protection master key was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4694.md b/windows/security/threat-protection/auditing/event-4694.md
index f66fb36e4d..c32e3f5f45 100644
--- a/windows/security/threat-protection/auditing/event-4694.md
+++ b/windows/security/threat-protection/auditing/event-4694.md
@@ -1,5 +1,5 @@
---
-title: 4694(S, F) Protection of auditable protected data was attempted. (Windows 10)
+title: 4694(S, F) Protection of auditable protected data was attempted.
description: Describes security event 4694(S, F) Protection of auditable protected data was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4695.md b/windows/security/threat-protection/auditing/event-4695.md
index 68c0ac644a..56c60185f8 100644
--- a/windows/security/threat-protection/auditing/event-4695.md
+++ b/windows/security/threat-protection/auditing/event-4695.md
@@ -1,5 +1,5 @@
---
-title: 4695(S, F) Unprotection of auditable protected data was attempted. (Windows 10)
+title: 4695(S, F) Unprotection of auditable protected data was attempted.
description: Describes security event 4695(S, F) Unprotection of auditable protected data was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4696.md b/windows/security/threat-protection/auditing/event-4696.md
index fc3d8432ee..9168383e9a 100644
--- a/windows/security/threat-protection/auditing/event-4696.md
+++ b/windows/security/threat-protection/auditing/event-4696.md
@@ -1,5 +1,5 @@
---
-title: 4696(S) A primary token was assigned to process. (Windows 10)
+title: 4696(S) A primary token was assigned to process.
description: Describes security event 4696(S) A primary token was assigned to process.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4697.md b/windows/security/threat-protection/auditing/event-4697.md
index 5d1072f99b..216ab77c68 100644
--- a/windows/security/threat-protection/auditing/event-4697.md
+++ b/windows/security/threat-protection/auditing/event-4697.md
@@ -1,5 +1,5 @@
---
-title: 4697(S) A service was installed in the system. (Windows 10)
+title: 4697(S) A service was installed in the system.
description: Describes security event 4697(S) A service was installed in the system.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4698.md b/windows/security/threat-protection/auditing/event-4698.md
index cfbe0e3f96..faf3e412ad 100644
--- a/windows/security/threat-protection/auditing/event-4698.md
+++ b/windows/security/threat-protection/auditing/event-4698.md
@@ -1,5 +1,5 @@
---
-title: 4698(S) A scheduled task was created. (Windows 10)
+title: 4698(S) A scheduled task was created.
description: Describes security event 4698(S) A scheduled task was created. This event is generated when a scheduled task is created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4699.md b/windows/security/threat-protection/auditing/event-4699.md
index 56935a1da0..449c346434 100644
--- a/windows/security/threat-protection/auditing/event-4699.md
+++ b/windows/security/threat-protection/auditing/event-4699.md
@@ -1,5 +1,5 @@
---
-title: 4699(S) A scheduled task was deleted. (Windows 10)
+title: 4699(S) A scheduled task was deleted.
description: Describes security event 4699(S) A scheduled task was deleted. This event is generated every time a scheduled task is deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4700.md b/windows/security/threat-protection/auditing/event-4700.md
index 3c45c92cf4..c1593bb721 100644
--- a/windows/security/threat-protection/auditing/event-4700.md
+++ b/windows/security/threat-protection/auditing/event-4700.md
@@ -1,5 +1,5 @@
---
-title: 4700(S) A scheduled task was enabled. (Windows 10)
+title: 4700(S) A scheduled task was enabled.
description: Describes security event 4700(S) A scheduled task was enabled. This event is generated every time a scheduled task is enabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4701.md b/windows/security/threat-protection/auditing/event-4701.md
index 0a9639837b..106ed9b28e 100644
--- a/windows/security/threat-protection/auditing/event-4701.md
+++ b/windows/security/threat-protection/auditing/event-4701.md
@@ -1,5 +1,5 @@
---
-title: 4701(S) A scheduled task was disabled. (Windows 10)
+title: 4701(S) A scheduled task was disabled.
description: Describes security event 4701(S) A scheduled task was disabled. This event is generated every time a scheduled task is disabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4702.md b/windows/security/threat-protection/auditing/event-4702.md
index 96c7f0b93b..e51feda768 100644
--- a/windows/security/threat-protection/auditing/event-4702.md
+++ b/windows/security/threat-protection/auditing/event-4702.md
@@ -1,5 +1,5 @@
---
-title: 4702(S) A scheduled task was updated. (Windows 10)
+title: 4702(S) A scheduled task was updated.
description: Describes security event 4702(S) A scheduled task was updated. This event is generated when a scheduled task is updated/changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4703.md b/windows/security/threat-protection/auditing/event-4703.md
index f10d935aa1..3f5d60a214 100644
--- a/windows/security/threat-protection/auditing/event-4703.md
+++ b/windows/security/threat-protection/auditing/event-4703.md
@@ -1,5 +1,5 @@
---
-title: 4703(S) A user right was adjusted. (Windows 10)
+title: 4703(S) A user right was adjusted.
description: Describes security event 4703(S) A user right was adjusted. This event is generated when token privileges are enabled or disabled for a specific account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4704.md b/windows/security/threat-protection/auditing/event-4704.md
index 4b0b4ef478..8baf62d9d3 100644
--- a/windows/security/threat-protection/auditing/event-4704.md
+++ b/windows/security/threat-protection/auditing/event-4704.md
@@ -1,5 +1,5 @@
---
-title: 4704(S) A user right was assigned. (Windows 10)
+title: 4704(S) A user right was assigned.
description: Describes security event 4704(S) A user right was assigned. This event is generated when a user right is assigned to an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4705.md b/windows/security/threat-protection/auditing/event-4705.md
index c66295ce0d..3efba6fe63 100644
--- a/windows/security/threat-protection/auditing/event-4705.md
+++ b/windows/security/threat-protection/auditing/event-4705.md
@@ -1,5 +1,5 @@
---
-title: 4705(S) A user right was removed. (Windows 10)
+title: 4705(S) A user right was removed.
description: Describes security event 4705(S) A user right was removed. This event is generated when a user right is removed from an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4706.md b/windows/security/threat-protection/auditing/event-4706.md
index 01ce8db4cd..f326216f0e 100644
--- a/windows/security/threat-protection/auditing/event-4706.md
+++ b/windows/security/threat-protection/auditing/event-4706.md
@@ -1,5 +1,5 @@
---
-title: 4706(S) A new trust was created to a domain. (Windows 10)
+title: 4706(S) A new trust was created to a domain.
description: Describes security event 4706(S) A new trust was created to a domain. This event is generated when a new trust is created for a domain.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4707.md b/windows/security/threat-protection/auditing/event-4707.md
index a47a9ea3ea..55d9629ffc 100644
--- a/windows/security/threat-protection/auditing/event-4707.md
+++ b/windows/security/threat-protection/auditing/event-4707.md
@@ -1,5 +1,5 @@
---
-title: 4707(S) A trust to a domain was removed. (Windows 10)
+title: 4707(S) A trust to a domain was removed.
description: Describes security event 4707(S) A trust to a domain was removed. This event is generated when a domain trust is removed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4713.md b/windows/security/threat-protection/auditing/event-4713.md
index 218134046e..20b49c9c8b 100644
--- a/windows/security/threat-protection/auditing/event-4713.md
+++ b/windows/security/threat-protection/auditing/event-4713.md
@@ -1,5 +1,5 @@
---
-title: 4713(S) Kerberos policy was changed. (Windows 10)
+title: 4713(S) Kerberos policy was changed.
description: Describes security event 4713(S) Kerberos policy was changed. This event is generated when Kerberos policy is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4714.md b/windows/security/threat-protection/auditing/event-4714.md
index fc40a49c6e..f266113293 100644
--- a/windows/security/threat-protection/auditing/event-4714.md
+++ b/windows/security/threat-protection/auditing/event-4714.md
@@ -1,5 +1,5 @@
---
-title: 4714(S) Encrypted data recovery policy was changed. (Windows 10)
+title: 4714(S) Encrypted data recovery policy was changed.
description: Describes security event 4714(S) Encrypted data recovery policy was changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4715.md b/windows/security/threat-protection/auditing/event-4715.md
index f128397767..ab59295e22 100644
--- a/windows/security/threat-protection/auditing/event-4715.md
+++ b/windows/security/threat-protection/auditing/event-4715.md
@@ -1,5 +1,5 @@
---
-title: 4715(S) The audit policy (SACL) on an object was changed. (Windows 10)
+title: 4715(S) The audit policy (SACL) on an object was changed.
description: Describes security event 4715(S) The audit policy (SACL) on an object was changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4716.md b/windows/security/threat-protection/auditing/event-4716.md
index 3d1ec5f975..1c77e985f8 100644
--- a/windows/security/threat-protection/auditing/event-4716.md
+++ b/windows/security/threat-protection/auditing/event-4716.md
@@ -1,5 +1,5 @@
---
-title: 4716(S) Trusted domain information was modified. (Windows 10)
+title: 4716(S) Trusted domain information was modified.
description: Describes security event 4716(S) Trusted domain information was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4717.md b/windows/security/threat-protection/auditing/event-4717.md
index 8a1f14e022..d72fd9ca59 100644
--- a/windows/security/threat-protection/auditing/event-4717.md
+++ b/windows/security/threat-protection/auditing/event-4717.md
@@ -1,5 +1,5 @@
---
-title: 4717(S) System security access was granted to an account. (Windows 10)
+title: 4717(S) System security access was granted to an account.
description: Describes security event 4717(S) System security access was granted to an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4718.md b/windows/security/threat-protection/auditing/event-4718.md
index e8ec6b8039..03b924f369 100644
--- a/windows/security/threat-protection/auditing/event-4718.md
+++ b/windows/security/threat-protection/auditing/event-4718.md
@@ -1,5 +1,5 @@
---
-title: 4718(S) System security access was removed from an account. (Windows 10)
+title: 4718(S) System security access was removed from an account.
description: Describes security event 4718(S) System security access was removed from an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4719.md b/windows/security/threat-protection/auditing/event-4719.md
index dae615acf4..b05dbcbc20 100644
--- a/windows/security/threat-protection/auditing/event-4719.md
+++ b/windows/security/threat-protection/auditing/event-4719.md
@@ -1,5 +1,5 @@
---
-title: 4719(S) System audit policy was changed. (Windows 10)
+title: 4719(S) System audit policy was changed.
description: Describes security event 4719(S) System audit policy was changed. This event is generated when the computer audit policy changes.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4720.md b/windows/security/threat-protection/auditing/event-4720.md
index b53966664d..e1cfbc29b4 100644
--- a/windows/security/threat-protection/auditing/event-4720.md
+++ b/windows/security/threat-protection/auditing/event-4720.md
@@ -1,5 +1,5 @@
---
-title: 4720(S) A user account was created. (Windows 10)
+title: 4720(S) A user account was created.
description: Describes security event 4720(S) A user account was created. This event is generated a user object is created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4722.md b/windows/security/threat-protection/auditing/event-4722.md
index 4388873aa0..c8c30f7220 100644
--- a/windows/security/threat-protection/auditing/event-4722.md
+++ b/windows/security/threat-protection/auditing/event-4722.md
@@ -1,5 +1,5 @@
---
-title: 4722(S) A user account was enabled. (Windows 10)
+title: 4722(S) A user account was enabled.
description: Describes security event 4722(S) A user account was enabled. This event is generated when a user or computer object is enabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4723.md b/windows/security/threat-protection/auditing/event-4723.md
index 8b8b7975a1..ac4e3d2e04 100644
--- a/windows/security/threat-protection/auditing/event-4723.md
+++ b/windows/security/threat-protection/auditing/event-4723.md
@@ -1,5 +1,5 @@
---
-title: 4723(S, F) An attempt was made to change an account's password. (Windows 10)
+title: 4723(S, F) An attempt was made to change an account's password.
description: Describes security event 4723(S, F) An attempt was made to change an account's password.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4724.md b/windows/security/threat-protection/auditing/event-4724.md
index 00c98b63e4..09d1e8a757 100644
--- a/windows/security/threat-protection/auditing/event-4724.md
+++ b/windows/security/threat-protection/auditing/event-4724.md
@@ -1,5 +1,5 @@
---
-title: 4724(S, F) An attempt was made to reset an account's password. (Windows 10)
+title: 4724(S, F) An attempt was made to reset an account's password.
description: Describes security event 4724(S, F) An attempt was made to reset an account's password.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4725.md b/windows/security/threat-protection/auditing/event-4725.md
index ad5b546a6d..84bed2bd84 100644
--- a/windows/security/threat-protection/auditing/event-4725.md
+++ b/windows/security/threat-protection/auditing/event-4725.md
@@ -1,5 +1,5 @@
---
-title: 4725(S) A user account was disabled. (Windows 10)
+title: 4725(S) A user account was disabled.
description: Describes security event 4725(S) A user account was disabled. This event is generated when a user or computer object is disabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4726.md b/windows/security/threat-protection/auditing/event-4726.md
index 7df0779c4a..ed6d64686d 100644
--- a/windows/security/threat-protection/auditing/event-4726.md
+++ b/windows/security/threat-protection/auditing/event-4726.md
@@ -1,5 +1,5 @@
---
-title: 4726(S) A user account was deleted. (Windows 10)
+title: 4726(S) A user account was deleted.
description: Describes security event 4726(S) A user account was deleted. This event is generated when a user object is deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4731.md b/windows/security/threat-protection/auditing/event-4731.md
index ca1c673af4..c288f85c6f 100644
--- a/windows/security/threat-protection/auditing/event-4731.md
+++ b/windows/security/threat-protection/auditing/event-4731.md
@@ -1,5 +1,5 @@
---
-title: 4731(S) A security-enabled local group was created. (Windows 10)
+title: 4731(S) A security-enabled local group was created.
description: Describes security event 4731(S) A security-enabled local group was created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4732.md b/windows/security/threat-protection/auditing/event-4732.md
index 8afb300906..11c945bcea 100644
--- a/windows/security/threat-protection/auditing/event-4732.md
+++ b/windows/security/threat-protection/auditing/event-4732.md
@@ -1,5 +1,5 @@
---
-title: 4732(S) A member was added to a security-enabled local group. (Windows 10)
+title: 4732(S) A member was added to a security-enabled local group.
description: Describes security event 4732(S) A member was added to a security-enabled local group.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4733.md b/windows/security/threat-protection/auditing/event-4733.md
index 3a24b2ef0f..e158ac5a84 100644
--- a/windows/security/threat-protection/auditing/event-4733.md
+++ b/windows/security/threat-protection/auditing/event-4733.md
@@ -1,5 +1,5 @@
---
-title: 4733(S) A member was removed from a security-enabled local group. (Windows 10)
+title: 4733(S) A member was removed from a security-enabled local group.
description: Describes security event 4733(S) A member was removed from a security-enabled local group.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4734.md b/windows/security/threat-protection/auditing/event-4734.md
index ac2c5d7b93..2e81dd497b 100644
--- a/windows/security/threat-protection/auditing/event-4734.md
+++ b/windows/security/threat-protection/auditing/event-4734.md
@@ -1,5 +1,5 @@
---
-title: 4734(S) A security-enabled local group was deleted. (Windows 10)
+title: 4734(S) A security-enabled local group was deleted.
description: Describes security event 4734(S) A security-enabled local group was deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4735.md b/windows/security/threat-protection/auditing/event-4735.md
index 4842263179..2e4ba076bf 100644
--- a/windows/security/threat-protection/auditing/event-4735.md
+++ b/windows/security/threat-protection/auditing/event-4735.md
@@ -1,5 +1,5 @@
---
-title: 4735(S) A security-enabled local group was changed. (Windows 10)
+title: 4735(S) A security-enabled local group was changed.
description: Describes security event 4735(S) A security-enabled local group was changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4738.md b/windows/security/threat-protection/auditing/event-4738.md
index 63352ed67e..de8fcd1cdc 100644
--- a/windows/security/threat-protection/auditing/event-4738.md
+++ b/windows/security/threat-protection/auditing/event-4738.md
@@ -1,5 +1,5 @@
---
-title: 4738(S) A user account was changed. (Windows 10)
+title: 4738(S) A user account was changed.
description: Describes security event 4738(S) A user account was changed. This event is generated when a user object is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4739.md b/windows/security/threat-protection/auditing/event-4739.md
index d43bdb27e2..cfafc9acff 100644
--- a/windows/security/threat-protection/auditing/event-4739.md
+++ b/windows/security/threat-protection/auditing/event-4739.md
@@ -1,5 +1,5 @@
---
-title: 4739(S) Domain Policy was changed. (Windows 10)
+title: 4739(S) Domain Policy was changed.
description: Describes security event 4739(S) Domain Policy was changed. This event is generated when certain changes are made to the local computer security policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4740.md b/windows/security/threat-protection/auditing/event-4740.md
index 46c0cdcb9d..82bd56c48f 100644
--- a/windows/security/threat-protection/auditing/event-4740.md
+++ b/windows/security/threat-protection/auditing/event-4740.md
@@ -1,5 +1,5 @@
---
-title: 4740(S) A user account was locked out. (Windows 10)
+title: 4740(S) A user account was locked out.
description: Describes security event 4740(S) A user account was locked out. This event is generated every time a user account is locked out.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4741.md b/windows/security/threat-protection/auditing/event-4741.md
index 5245280f11..b7f36e0237 100644
--- a/windows/security/threat-protection/auditing/event-4741.md
+++ b/windows/security/threat-protection/auditing/event-4741.md
@@ -1,5 +1,5 @@
---
-title: 4741(S) A computer account was created. (Windows 10)
+title: 4741(S) A computer account was created.
description: Describes security event 4741(S) A computer account was created. This event is generated every time a computer object is created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4742.md b/windows/security/threat-protection/auditing/event-4742.md
index 3f5f9c2eb6..d9c538c5a2 100644
--- a/windows/security/threat-protection/auditing/event-4742.md
+++ b/windows/security/threat-protection/auditing/event-4742.md
@@ -1,5 +1,5 @@
---
-title: 4742(S) A computer account was changed. (Windows 10)
+title: 4742(S) A computer account was changed.
description: Describes security event 4742(S) A computer account was changed. This event is generated every time a computer object is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4743.md b/windows/security/threat-protection/auditing/event-4743.md
index 50411689a9..465301edbd 100644
--- a/windows/security/threat-protection/auditing/event-4743.md
+++ b/windows/security/threat-protection/auditing/event-4743.md
@@ -1,5 +1,5 @@
---
-title: 4743(S) A computer account was deleted. (Windows 10)
+title: 4743(S) A computer account was deleted.
description: Describes security event 4743(S) A computer account was deleted. This event is generated every time a computer object is deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4749.md b/windows/security/threat-protection/auditing/event-4749.md
index 8293c95b2b..de945822b8 100644
--- a/windows/security/threat-protection/auditing/event-4749.md
+++ b/windows/security/threat-protection/auditing/event-4749.md
@@ -1,5 +1,5 @@
---
-title: 4749(S) A security-disabled global group was created. (Windows 10)
+title: 4749(S) A security-disabled global group was created.
description: Describes security event 4749(S) A security-disabled global group was created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4750.md b/windows/security/threat-protection/auditing/event-4750.md
index d106e10077..d976995cab 100644
--- a/windows/security/threat-protection/auditing/event-4750.md
+++ b/windows/security/threat-protection/auditing/event-4750.md
@@ -1,5 +1,5 @@
---
-title: 4750(S) A security-disabled global group was changed. (Windows 10)
+title: 4750(S) A security-disabled global group was changed.
description: Describes security event 4750(S) A security-disabled global group was changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4751.md b/windows/security/threat-protection/auditing/event-4751.md
index e3bdca780e..7417a17f37 100644
--- a/windows/security/threat-protection/auditing/event-4751.md
+++ b/windows/security/threat-protection/auditing/event-4751.md
@@ -1,5 +1,5 @@
---
-title: 4751(S) A member was added to a security-disabled global group. (Windows 10)
+title: 4751(S) A member was added to a security-disabled global group.
description: Describes security event 4751(S) A member was added to a security-disabled global group.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4752.md b/windows/security/threat-protection/auditing/event-4752.md
index f6b4fc37dd..e76939b914 100644
--- a/windows/security/threat-protection/auditing/event-4752.md
+++ b/windows/security/threat-protection/auditing/event-4752.md
@@ -1,5 +1,5 @@
---
-title: 4752(S) A member was removed from a security-disabled global group. (Windows 10)
+title: 4752(S) A member was removed from a security-disabled global group.
description: Describes security event 4752(S) A member was removed from a security-disabled global group.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4753.md b/windows/security/threat-protection/auditing/event-4753.md
index 6bdf28a86b..b8ac802619 100644
--- a/windows/security/threat-protection/auditing/event-4753.md
+++ b/windows/security/threat-protection/auditing/event-4753.md
@@ -1,5 +1,5 @@
---
-title: 4753(S) A security-disabled global group was deleted. (Windows 10)
+title: 4753(S) A security-disabled global group was deleted.
description: Describes security event 4753(S) A security-disabled global group was deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4764.md b/windows/security/threat-protection/auditing/event-4764.md
index f959fc103a..c730eb1235 100644
--- a/windows/security/threat-protection/auditing/event-4764.md
+++ b/windows/security/threat-protection/auditing/event-4764.md
@@ -1,5 +1,5 @@
---
-title: 4764(S) A group's type was changed. (Windows 10)
+title: 4764(S) A group's type was changed.
description: Describes security event 4764(S) A group's type was changed. This event is generated when the type of a group is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4765.md b/windows/security/threat-protection/auditing/event-4765.md
index 5789319e57..3c87e554ae 100644
--- a/windows/security/threat-protection/auditing/event-4765.md
+++ b/windows/security/threat-protection/auditing/event-4765.md
@@ -1,5 +1,5 @@
---
-title: 4765(S) SID History was added to an account. (Windows 10)
+title: 4765(S) SID History was added to an account.
description: Describes security event 4765(S) SID History was added to an account. This event is generated when SID History is added to an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4766.md b/windows/security/threat-protection/auditing/event-4766.md
index 4d0ec7ae25..2108a07108 100644
--- a/windows/security/threat-protection/auditing/event-4766.md
+++ b/windows/security/threat-protection/auditing/event-4766.md
@@ -1,5 +1,5 @@
---
-title: 4766(F) An attempt to add SID History to an account failed. (Windows 10)
+title: 4766(F) An attempt to add SID History to an account failed.
description: Describes security event 4766(F) An attempt to add SID History to an account failed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4767.md b/windows/security/threat-protection/auditing/event-4767.md
index 9dbf921ebf..e106edc272 100644
--- a/windows/security/threat-protection/auditing/event-4767.md
+++ b/windows/security/threat-protection/auditing/event-4767.md
@@ -1,5 +1,5 @@
---
-title: 4767(S) A user account was unlocked. (Windows 10)
+title: 4767(S) A user account was unlocked.
description: Describes security event 4767(S) A user account was unlocked. This event is generated every time a user account is unlocked.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4768.md b/windows/security/threat-protection/auditing/event-4768.md
index 825ba47534..037a6989a1 100644
--- a/windows/security/threat-protection/auditing/event-4768.md
+++ b/windows/security/threat-protection/auditing/event-4768.md
@@ -1,5 +1,5 @@
---
-title: 4768(S, F) A Kerberos authentication ticket (TGT) was requested. (Windows 10)
+title: 4768(S, F) A Kerberos authentication ticket (TGT) was requested.
description: Describes security event 4768(S, F) A Kerberos authentication ticket (TGT) was requested.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4769.md b/windows/security/threat-protection/auditing/event-4769.md
index ea8fbab15b..a3b8c712ac 100644
--- a/windows/security/threat-protection/auditing/event-4769.md
+++ b/windows/security/threat-protection/auditing/event-4769.md
@@ -1,5 +1,5 @@
---
-title: 4769(S, F) A Kerberos service ticket was requested. (Windows 10)
+title: 4769(S, F) A Kerberos service ticket was requested.
description: Describes security event 4769(S, F) A Kerberos service ticket was requested.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4770.md b/windows/security/threat-protection/auditing/event-4770.md
index 2027d8504f..4cc852f971 100644
--- a/windows/security/threat-protection/auditing/event-4770.md
+++ b/windows/security/threat-protection/auditing/event-4770.md
@@ -1,5 +1,5 @@
---
-title: 4770(S) A Kerberos service ticket was renewed. (Windows 10)
+title: 4770(S) A Kerberos service ticket was renewed.
description: Describes security event 4770(S) A Kerberos service ticket was renewed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4771.md b/windows/security/threat-protection/auditing/event-4771.md
index 2cefaaced0..2613c3b467 100644
--- a/windows/security/threat-protection/auditing/event-4771.md
+++ b/windows/security/threat-protection/auditing/event-4771.md
@@ -1,5 +1,5 @@
---
-title: 4771(F) Kerberos pre-authentication failed. (Windows 10)
+title: 4771(F) Kerberos pre-authentication failed.
description: Describes security event 4771(F) Kerberos pre-authentication failed. This event is generated when the Key Distribution Center fails to issue a Kerberos TGT.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4772.md b/windows/security/threat-protection/auditing/event-4772.md
index 3c378ccc0b..345f69caeb 100644
--- a/windows/security/threat-protection/auditing/event-4772.md
+++ b/windows/security/threat-protection/auditing/event-4772.md
@@ -1,5 +1,5 @@
---
-title: 4772(F) A Kerberos authentication ticket request failed. (Windows 10)
+title: 4772(F) A Kerberos authentication ticket request failed.
description: Describes security event 4772(F) A Kerberos authentication ticket request failed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4773.md b/windows/security/threat-protection/auditing/event-4773.md
index 30c32b9f8d..da91824310 100644
--- a/windows/security/threat-protection/auditing/event-4773.md
+++ b/windows/security/threat-protection/auditing/event-4773.md
@@ -1,5 +1,5 @@
---
-title: 4773(F) A Kerberos service ticket request failed. (Windows 10)
+title: 4773(F) A Kerberos service ticket request failed.
description: Describes security event 4773(F) A Kerberos service ticket request failed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4774.md b/windows/security/threat-protection/auditing/event-4774.md
index 2f9b37c352..d0f52fad53 100644
--- a/windows/security/threat-protection/auditing/event-4774.md
+++ b/windows/security/threat-protection/auditing/event-4774.md
@@ -1,5 +1,5 @@
---
-title: 4774(S, F) An account was mapped for logon. (Windows 10)
+title: 4774(S, F) An account was mapped for logon.
description: Describes security event 4774(S, F) An account was mapped for logon. This event is generated when an account is mapped for logon.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4775.md b/windows/security/threat-protection/auditing/event-4775.md
index 8281bb27e5..0d7bcb316f 100644
--- a/windows/security/threat-protection/auditing/event-4775.md
+++ b/windows/security/threat-protection/auditing/event-4775.md
@@ -1,5 +1,5 @@
---
-title: 4775(F) An account could not be mapped for logon. (Windows 10)
+title: 4775(F) An account could not be mapped for logon.
description: Describes security event 4775(F) An account could not be mapped for logon.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md
index ad57e347c4..c8a9ec6ea6 100644
--- a/windows/security/threat-protection/auditing/event-4776.md
+++ b/windows/security/threat-protection/auditing/event-4776.md
@@ -1,5 +1,5 @@
---
-title: 4776(S, F) The computer attempted to validate the credentials for an account. (Windows 10)
+title: 4776(S, F) The computer attempted to validate the credentials for an account.
description: Describes security event 4776(S, F) The computer attempted to validate the credentials for an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4777.md b/windows/security/threat-protection/auditing/event-4777.md
index e534dbee25..faf25d8424 100644
--- a/windows/security/threat-protection/auditing/event-4777.md
+++ b/windows/security/threat-protection/auditing/event-4777.md
@@ -1,5 +1,5 @@
---
-title: 4777(F) The domain controller failed to validate the credentials for an account. (Windows 10)
+title: 4777(F) The domain controller failed to validate the credentials for an account.
description: Describes security event 4777(F) The domain controller failed to validate the credentials for an account.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4778.md b/windows/security/threat-protection/auditing/event-4778.md
index 76aac3738e..d8e0a7e284 100644
--- a/windows/security/threat-protection/auditing/event-4778.md
+++ b/windows/security/threat-protection/auditing/event-4778.md
@@ -1,5 +1,5 @@
---
-title: 4778(S) A session was reconnected to a Window Station. (Windows 10)
+title: 4778(S) A session was reconnected to a Window Station.
description: Describes security event 4778(S) A session was reconnected to a Window Station.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4779.md b/windows/security/threat-protection/auditing/event-4779.md
index 7f6568c1cb..8630dfd13b 100644
--- a/windows/security/threat-protection/auditing/event-4779.md
+++ b/windows/security/threat-protection/auditing/event-4779.md
@@ -1,5 +1,5 @@
---
-title: 4779(S) A session was disconnected from a Window Station. (Windows 10)
+title: 4779(S) A session was disconnected from a Window Station.
description: Describes security event 4779(S) A session was disconnected from a Window Station.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4780.md b/windows/security/threat-protection/auditing/event-4780.md
index 5195929a0e..6cbf2068a6 100644
--- a/windows/security/threat-protection/auditing/event-4780.md
+++ b/windows/security/threat-protection/auditing/event-4780.md
@@ -1,5 +1,5 @@
---
-title: 4780(S) The ACL was set on accounts which are members of administrators groups. (Windows 10)
+title: 4780(S) The ACL was set on accounts which are members of administrators groups.
description: Describes security event 4780(S) The ACL was set on accounts which are members of administrators groups.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4781.md b/windows/security/threat-protection/auditing/event-4781.md
index fc2aaffc53..79a8d4b9d9 100644
--- a/windows/security/threat-protection/auditing/event-4781.md
+++ b/windows/security/threat-protection/auditing/event-4781.md
@@ -1,5 +1,5 @@
---
-title: 4781(S) The name of an account was changed. (Windows 10)
+title: 4781(S) The name of an account was changed.
description: Describes security event 4781(S) The name of an account was changed. This event is generated every time a user or computer account name is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4782.md b/windows/security/threat-protection/auditing/event-4782.md
index a0615135c6..4bc46fec39 100644
--- a/windows/security/threat-protection/auditing/event-4782.md
+++ b/windows/security/threat-protection/auditing/event-4782.md
@@ -1,5 +1,5 @@
---
-title: 4782(S) The password hash of an account was accessed. (Windows 10)
+title: 4782(S) The password hash of an account was accessed.
description: Describes security event 4782(S) The password hash of an account was accessed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4793.md b/windows/security/threat-protection/auditing/event-4793.md
index cc197ccb60..b12af0683a 100644
--- a/windows/security/threat-protection/auditing/event-4793.md
+++ b/windows/security/threat-protection/auditing/event-4793.md
@@ -1,5 +1,5 @@
---
-title: 4793(S) The Password Policy Checking API was called. (Windows 10)
+title: 4793(S) The Password Policy Checking API was called.
description: Describes security event 4793(S) The Password Policy Checking API was called.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4794.md b/windows/security/threat-protection/auditing/event-4794.md
index 6bcb12e02c..4484b2fda8 100644
--- a/windows/security/threat-protection/auditing/event-4794.md
+++ b/windows/security/threat-protection/auditing/event-4794.md
@@ -1,5 +1,5 @@
---
-title: 4794(S, F) An attempt was made to set the Directory Services Restore Mode administrator password. (Windows 10)
+title: 4794(S, F) An attempt was made to set the Directory Services Restore Mode administrator password.
description: Describes security event 4794(S, F) An attempt was made to set the Directory Services Restore Mode administrator password.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4798.md b/windows/security/threat-protection/auditing/event-4798.md
index 696366f22d..980d130473 100644
--- a/windows/security/threat-protection/auditing/event-4798.md
+++ b/windows/security/threat-protection/auditing/event-4798.md
@@ -1,5 +1,5 @@
---
-title: 4798(S) A user's local group membership was enumerated. (Windows 10)
+title: 4798(S) A user's local group membership was enumerated.
description: Describes security event 4798(S) A user's local group membership was enumerated.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4799.md b/windows/security/threat-protection/auditing/event-4799.md
index 1cf362be1d..0da5ecd1cd 100644
--- a/windows/security/threat-protection/auditing/event-4799.md
+++ b/windows/security/threat-protection/auditing/event-4799.md
@@ -1,5 +1,5 @@
---
-title: 4799(S) A security-enabled local group membership was enumerated. (Windows 10)
+title: 4799(S) A security-enabled local group membership was enumerated.
description: Describes security event 4799(S) A security-enabled local group membership was enumerated.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4800.md b/windows/security/threat-protection/auditing/event-4800.md
index 89c94ade64..7df74117a0 100644
--- a/windows/security/threat-protection/auditing/event-4800.md
+++ b/windows/security/threat-protection/auditing/event-4800.md
@@ -1,5 +1,5 @@
---
-title: 4800(S) The workstation was locked. (Windows 10)
+title: 4800(S) The workstation was locked.
description: Describes security event 4800(S) The workstation was locked. This event is generated when a workstation is locked.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4801.md b/windows/security/threat-protection/auditing/event-4801.md
index 906e46fcd3..c85128fdc2 100644
--- a/windows/security/threat-protection/auditing/event-4801.md
+++ b/windows/security/threat-protection/auditing/event-4801.md
@@ -1,5 +1,5 @@
---
-title: 4801(S) The workstation was unlocked. (Windows 10)
+title: 4801(S) The workstation was unlocked.
description: Describes security event 4801(S) The workstation was unlocked. This event is generated when workstation is unlocked.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4802.md b/windows/security/threat-protection/auditing/event-4802.md
index 1b423f29ee..db0f725fb8 100644
--- a/windows/security/threat-protection/auditing/event-4802.md
+++ b/windows/security/threat-protection/auditing/event-4802.md
@@ -1,5 +1,5 @@
---
-title: 4802(S) The screen saver was invoked. (Windows 10)
+title: 4802(S) The screen saver was invoked.
description: Describes security event 4802(S) The screen saver was invoked. This event is generated when screen saver is invoked.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4803.md b/windows/security/threat-protection/auditing/event-4803.md
index 247e3c704d..f802b88740 100644
--- a/windows/security/threat-protection/auditing/event-4803.md
+++ b/windows/security/threat-protection/auditing/event-4803.md
@@ -1,5 +1,5 @@
---
-title: 4803(S) The screen saver was dismissed. (Windows 10)
+title: 4803(S) The screen saver was dismissed.
description: Describes security event 4803(S) The screen saver was dismissed. This event is generated when screen saver is dismissed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4816.md b/windows/security/threat-protection/auditing/event-4816.md
index 8636e1abef..d0218f8b0d 100644
--- a/windows/security/threat-protection/auditing/event-4816.md
+++ b/windows/security/threat-protection/auditing/event-4816.md
@@ -1,5 +1,5 @@
---
-title: 4816(S) RPC detected an integrity violation while decrypting an incoming message. (Windows 10)
+title: 4816(S) RPC detected an integrity violation while decrypting an incoming message.
description: Describes security event 4816(S) RPC detected an integrity violation while decrypting an incoming message.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4817.md b/windows/security/threat-protection/auditing/event-4817.md
index ff20520062..56eff0bfbe 100644
--- a/windows/security/threat-protection/auditing/event-4817.md
+++ b/windows/security/threat-protection/auditing/event-4817.md
@@ -1,5 +1,5 @@
---
-title: 4817(S) Auditing settings on object were changed. (Windows 10)
+title: 4817(S) Auditing settings on object were changed.
description: Describes security event 4817(S) Auditing settings on object were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4818.md b/windows/security/threat-protection/auditing/event-4818.md
index c884c2e7a8..802e07d8d9 100644
--- a/windows/security/threat-protection/auditing/event-4818.md
+++ b/windows/security/threat-protection/auditing/event-4818.md
@@ -1,5 +1,5 @@
---
-title: 4818(S) Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy. (Windows 10)
+title: 4818(S) Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.
description: Describes security event 4818(S) Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4819.md b/windows/security/threat-protection/auditing/event-4819.md
index e8bca4427e..ff590bf233 100644
--- a/windows/security/threat-protection/auditing/event-4819.md
+++ b/windows/security/threat-protection/auditing/event-4819.md
@@ -1,5 +1,5 @@
---
-title: 4819(S) Central Access Policies on the machine have been changed. (Windows 10)
+title: 4819(S) Central Access Policies on the machine have been changed.
description: Describes security event 4819(S) Central Access Policies on the machine have been changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4826.md b/windows/security/threat-protection/auditing/event-4826.md
index 001e6c6026..186973544b 100644
--- a/windows/security/threat-protection/auditing/event-4826.md
+++ b/windows/security/threat-protection/auditing/event-4826.md
@@ -1,5 +1,5 @@
---
-title: 4826(S) Boot Configuration Data loaded. (Windows 10)
+title: 4826(S) Boot Configuration Data loaded.
description: Describes security event 4826(S) Boot Configuration Data loaded. This event is generated every time system starts and loads Boot Configuration Data settings.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4864.md b/windows/security/threat-protection/auditing/event-4864.md
index a26b552f4a..7cbe35ae7d 100644
--- a/windows/security/threat-protection/auditing/event-4864.md
+++ b/windows/security/threat-protection/auditing/event-4864.md
@@ -1,5 +1,5 @@
---
-title: 4864(S) A namespace collision was detected. (Windows 10)
+title: 4864(S) A namespace collision was detected.
description: Describes security event 4864(S) A namespace collision was detected. This event is generated when a namespace collision is detected.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4865.md b/windows/security/threat-protection/auditing/event-4865.md
index aa44c9bb6a..2ee1eee9d2 100644
--- a/windows/security/threat-protection/auditing/event-4865.md
+++ b/windows/security/threat-protection/auditing/event-4865.md
@@ -1,5 +1,5 @@
---
-title: 4865(S) A trusted forest information entry was added. (Windows 10)
+title: 4865(S) A trusted forest information entry was added.
description: Describes security event 4865(S) A trusted forest information entry was added.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4866.md b/windows/security/threat-protection/auditing/event-4866.md
index 1fcc07f446..93bcff89c1 100644
--- a/windows/security/threat-protection/auditing/event-4866.md
+++ b/windows/security/threat-protection/auditing/event-4866.md
@@ -1,5 +1,5 @@
---
-title: 4866(S) A trusted forest information entry was removed. (Windows 10)
+title: 4866(S) A trusted forest information entry was removed.
description: Describes security event 4866(S) A trusted forest information entry was removed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4867.md b/windows/security/threat-protection/auditing/event-4867.md
index ce30699bfa..5188e70e84 100644
--- a/windows/security/threat-protection/auditing/event-4867.md
+++ b/windows/security/threat-protection/auditing/event-4867.md
@@ -1,5 +1,5 @@
---
-title: 4867(S) A trusted forest information entry was modified. (Windows 10)
+title: 4867(S) A trusted forest information entry was modified.
description: Describes security event 4867(S) A trusted forest information entry was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4902.md b/windows/security/threat-protection/auditing/event-4902.md
index 7185b9f3da..c9723497d5 100644
--- a/windows/security/threat-protection/auditing/event-4902.md
+++ b/windows/security/threat-protection/auditing/event-4902.md
@@ -1,5 +1,5 @@
---
-title: 4902(S) The Per-user audit policy table was created. (Windows 10)
+title: 4902(S) The Per-user audit policy table was created.
description: Describes security event 4902(S) The Per-user audit policy table was created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4904.md b/windows/security/threat-protection/auditing/event-4904.md
index 90858c5844..2108eb415c 100644
--- a/windows/security/threat-protection/auditing/event-4904.md
+++ b/windows/security/threat-protection/auditing/event-4904.md
@@ -1,5 +1,5 @@
---
-title: 4904(S) An attempt was made to register a security event source. (Windows 10)
+title: 4904(S) An attempt was made to register a security event source.
description: Describes security event 4904(S) An attempt was made to register a security event source.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4905.md b/windows/security/threat-protection/auditing/event-4905.md
index 14eb6cfa8b..af4f74d165 100644
--- a/windows/security/threat-protection/auditing/event-4905.md
+++ b/windows/security/threat-protection/auditing/event-4905.md
@@ -1,5 +1,5 @@
---
-title: 4905(S) An attempt was made to unregister a security event source. (Windows 10)
+title: 4905(S) An attempt was made to unregister a security event source.
description: Describes security event 4905(S) An attempt was made to unregister a security event source.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4906.md b/windows/security/threat-protection/auditing/event-4906.md
index 2058342aa0..9208e75d52 100644
--- a/windows/security/threat-protection/auditing/event-4906.md
+++ b/windows/security/threat-protection/auditing/event-4906.md
@@ -1,5 +1,5 @@
---
-title: 4906(S) The CrashOnAuditFail value has changed. (Windows 10)
+title: 4906(S) The CrashOnAuditFail value has changed.
description: Describes security event 4906(S) The CrashOnAuditFail value has changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4907.md b/windows/security/threat-protection/auditing/event-4907.md
index c38b66d51b..71c6f4389e 100644
--- a/windows/security/threat-protection/auditing/event-4907.md
+++ b/windows/security/threat-protection/auditing/event-4907.md
@@ -1,5 +1,5 @@
---
-title: 4907(S) Auditing settings on object were changed. (Windows 10)
+title: 4907(S) Auditing settings on object were changed.
description: Describes security event 4907(S) Auditing settings on object were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md
index 3314e94436..a7e2609569 100644
--- a/windows/security/threat-protection/auditing/event-4908.md
+++ b/windows/security/threat-protection/auditing/event-4908.md
@@ -1,5 +1,5 @@
---
-title: 4908(S) Special Groups Logon table modified. (Windows 10)
+title: 4908(S) Special Groups Logon table modified.
description: Describes security event 4908(S) Special Groups Logon table modified. This event is generated when the Special Groups Logon table is modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4909.md b/windows/security/threat-protection/auditing/event-4909.md
index 8a8631489a..a08a312aa7 100644
--- a/windows/security/threat-protection/auditing/event-4909.md
+++ b/windows/security/threat-protection/auditing/event-4909.md
@@ -1,5 +1,5 @@
---
-title: 4909(-) The local policy settings for the TBS were changed. (Windows 10)
+title: 4909(-) The local policy settings for the TBS were changed.
description: Describes security event 4909(-) The local policy settings for the TBS were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4910.md b/windows/security/threat-protection/auditing/event-4910.md
index 15276f29ce..a42f7d4976 100644
--- a/windows/security/threat-protection/auditing/event-4910.md
+++ b/windows/security/threat-protection/auditing/event-4910.md
@@ -1,5 +1,5 @@
---
-title: 4910(-) The group policy settings for the TBS were changed. (Windows 10)
+title: 4910(-) The group policy settings for the TBS were changed.
description: Describes security event 4910(-) The group policy settings for the TBS were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4911.md b/windows/security/threat-protection/auditing/event-4911.md
index abc112dbb4..62d52c4a39 100644
--- a/windows/security/threat-protection/auditing/event-4911.md
+++ b/windows/security/threat-protection/auditing/event-4911.md
@@ -1,5 +1,5 @@
---
-title: 4911(S) Resource attributes of the object were changed. (Windows 10)
+title: 4911(S) Resource attributes of the object were changed.
description: Describes security event 4911(S) Resource attributes of the object were changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4912.md b/windows/security/threat-protection/auditing/event-4912.md
index 0c0e66f90e..497e033748 100644
--- a/windows/security/threat-protection/auditing/event-4912.md
+++ b/windows/security/threat-protection/auditing/event-4912.md
@@ -1,5 +1,5 @@
---
-title: 4912(S) Per User Audit Policy was changed. (Windows 10)
+title: 4912(S) Per User Audit Policy was changed.
description: Describes security event 4912(S) Per User Audit Policy was changed. This event is generated every time Per User Audit Policy is changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4913.md b/windows/security/threat-protection/auditing/event-4913.md
index e15a691617..249b87fddf 100644
--- a/windows/security/threat-protection/auditing/event-4913.md
+++ b/windows/security/threat-protection/auditing/event-4913.md
@@ -1,5 +1,5 @@
---
-title: 4913(S) Central Access Policy on the object was changed. (Windows 10)
+title: 4913(S) Central Access Policy on the object was changed.
description: Describes security event 4913(S) Central Access Policy on the object was changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4928.md b/windows/security/threat-protection/auditing/event-4928.md
index 902113bb5c..87aa133b56 100644
--- a/windows/security/threat-protection/auditing/event-4928.md
+++ b/windows/security/threat-protection/auditing/event-4928.md
@@ -1,5 +1,5 @@
---
-title: 4928(S, F) An Active Directory replica source naming context was established. (Windows 10)
+title: 4928(S, F) An Active Directory replica source naming context was established.
description: Describes security event 4928(S, F) An Active Directory replica source naming context was established.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4929.md b/windows/security/threat-protection/auditing/event-4929.md
index 3fd978d0e3..9e2cebecfa 100644
--- a/windows/security/threat-protection/auditing/event-4929.md
+++ b/windows/security/threat-protection/auditing/event-4929.md
@@ -1,5 +1,5 @@
---
-title: 4929(S, F) An Active Directory replica source naming context was removed. (Windows 10)
+title: 4929(S, F) An Active Directory replica source naming context was removed.
description: Describes security event 4929(S, F) An Active Directory replica source naming context was removed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4930.md b/windows/security/threat-protection/auditing/event-4930.md
index 1b7bee26bf..d3358dfb20 100644
--- a/windows/security/threat-protection/auditing/event-4930.md
+++ b/windows/security/threat-protection/auditing/event-4930.md
@@ -1,5 +1,5 @@
---
-title: 4930(S, F) An Active Directory replica source naming context was modified. (Windows 10)
+title: 4930(S, F) An Active Directory replica source naming context was modified.
description: Describes security event 4930(S, F) An Active Directory replica source naming context was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4931.md b/windows/security/threat-protection/auditing/event-4931.md
index 75acecb89f..a7194bed81 100644
--- a/windows/security/threat-protection/auditing/event-4931.md
+++ b/windows/security/threat-protection/auditing/event-4931.md
@@ -1,5 +1,5 @@
---
-title: 4931(S, F) An Active Directory replica destination naming context was modified. (Windows 10)
+title: 4931(S, F) An Active Directory replica destination naming context was modified.
description: Describes security event 4931(S, F) An Active Directory replica destination naming context was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4932.md b/windows/security/threat-protection/auditing/event-4932.md
index 4cdd6b7bdd..e93c24be96 100644
--- a/windows/security/threat-protection/auditing/event-4932.md
+++ b/windows/security/threat-protection/auditing/event-4932.md
@@ -1,5 +1,5 @@
---
-title: 4932(S) Synchronization of a replica of an Active Directory naming context has begun. (Windows 10)
+title: 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
description: Describes security event 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4933.md b/windows/security/threat-protection/auditing/event-4933.md
index b1636e8e63..74f78f813e 100644
--- a/windows/security/threat-protection/auditing/event-4933.md
+++ b/windows/security/threat-protection/auditing/event-4933.md
@@ -1,5 +1,5 @@
---
-title: 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended. (Windows 10)
+title: 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
description: Describes security event 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4934.md b/windows/security/threat-protection/auditing/event-4934.md
index efafcb9b79..19906099da 100644
--- a/windows/security/threat-protection/auditing/event-4934.md
+++ b/windows/security/threat-protection/auditing/event-4934.md
@@ -1,5 +1,5 @@
---
-title: 4934(S) Attributes of an Active Directory object were replicated. (Windows 10)
+title: 4934(S) Attributes of an Active Directory object were replicated.
description: Describes security event 4934(S) Attributes of an Active Directory object were replicated.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4935.md b/windows/security/threat-protection/auditing/event-4935.md
index a126742afb..4e0c3d1f56 100644
--- a/windows/security/threat-protection/auditing/event-4935.md
+++ b/windows/security/threat-protection/auditing/event-4935.md
@@ -1,5 +1,5 @@
---
-title: 4935(F) Replication failure begins. (Windows 10)
+title: 4935(F) Replication failure begins.
description: Describes security event 4935(F) Replication failure begins. This event is generated when Active Directory replication failure begins.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4936.md b/windows/security/threat-protection/auditing/event-4936.md
index e2818ec6ee..01eda75a08 100644
--- a/windows/security/threat-protection/auditing/event-4936.md
+++ b/windows/security/threat-protection/auditing/event-4936.md
@@ -1,5 +1,5 @@
---
-title: 4936(S) Replication failure ends. (Windows 10)
+title: 4936(S) Replication failure ends.
description: Describes security event 4936(S) Replication failure ends. This event is generated when Active Directory replication failure ends.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4937.md b/windows/security/threat-protection/auditing/event-4937.md
index 8296ce75c4..fa37062d68 100644
--- a/windows/security/threat-protection/auditing/event-4937.md
+++ b/windows/security/threat-protection/auditing/event-4937.md
@@ -1,5 +1,5 @@
---
-title: 4937(S) A lingering object was removed from a replica. (Windows 10)
+title: 4937(S) A lingering object was removed from a replica.
description: Describes security event 4937(S) A lingering object was removed from a replica.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4944.md b/windows/security/threat-protection/auditing/event-4944.md
index bb08c3a077..d152fa7bd0 100644
--- a/windows/security/threat-protection/auditing/event-4944.md
+++ b/windows/security/threat-protection/auditing/event-4944.md
@@ -1,5 +1,5 @@
---
-title: 4944(S) The following policy was active when the Windows Firewall started. (Windows 10)
+title: 4944(S) The following policy was active when the Windows Firewall started.
description: Describes security event 4944(S) The following policy was active when the Windows Firewall started.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4945.md b/windows/security/threat-protection/auditing/event-4945.md
index 852ed5f03e..93de0900e5 100644
--- a/windows/security/threat-protection/auditing/event-4945.md
+++ b/windows/security/threat-protection/auditing/event-4945.md
@@ -1,5 +1,5 @@
---
-title: 4945(S) A rule was listed when the Windows Firewall started. (Windows 10)
+title: 4945(S) A rule was listed when the Windows Firewall started.
description: Describes security event 4945(S) A rule was listed when the Windows Firewall started.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4946.md b/windows/security/threat-protection/auditing/event-4946.md
index ab355b85c1..987fcd7711 100644
--- a/windows/security/threat-protection/auditing/event-4946.md
+++ b/windows/security/threat-protection/auditing/event-4946.md
@@ -1,5 +1,5 @@
---
-title: 4946(S) A change has been made to Windows Firewall exception list. A rule was added. (Windows 10)
+title: 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
description: Describes security event 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4947.md b/windows/security/threat-protection/auditing/event-4947.md
index 284d2d4303..5a37c3b10a 100644
--- a/windows/security/threat-protection/auditing/event-4947.md
+++ b/windows/security/threat-protection/auditing/event-4947.md
@@ -1,5 +1,5 @@
---
-title: 4947(S) A change has been made to Windows Firewall exception list. A rule was modified. (Windows 10)
+title: 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
description: Describes security event 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4948.md b/windows/security/threat-protection/auditing/event-4948.md
index da8f423b29..72913611bc 100644
--- a/windows/security/threat-protection/auditing/event-4948.md
+++ b/windows/security/threat-protection/auditing/event-4948.md
@@ -1,5 +1,5 @@
---
-title: 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted. (Windows 10)
+title: 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
description: Describes security event 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4949.md b/windows/security/threat-protection/auditing/event-4949.md
index 528ad262bb..76dd0e123b 100644
--- a/windows/security/threat-protection/auditing/event-4949.md
+++ b/windows/security/threat-protection/auditing/event-4949.md
@@ -1,5 +1,5 @@
---
-title: 4949(S) Windows Firewall settings were restored to the default values. (Windows 10)
+title: 4949(S) Windows Firewall settings were restored to the default values.
description: Describes security event 4949(S) Windows Firewall settings were restored to the default values.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4950.md b/windows/security/threat-protection/auditing/event-4950.md
index 8a3aa4274a..1ec890e457 100644
--- a/windows/security/threat-protection/auditing/event-4950.md
+++ b/windows/security/threat-protection/auditing/event-4950.md
@@ -1,5 +1,5 @@
---
-title: 4950(S) A Windows Firewall setting has changed. (Windows 10)
+title: 4950(S) A Windows Firewall setting has changed.
description: Describes security event 4950(S) A Windows Firewall setting has changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4951.md b/windows/security/threat-protection/auditing/event-4951.md
index 7addb69d77..00b861d546 100644
--- a/windows/security/threat-protection/auditing/event-4951.md
+++ b/windows/security/threat-protection/auditing/event-4951.md
@@ -1,5 +1,5 @@
---
-title: 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall. (Windows 10)
+title: 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
description: Describes security event 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4952.md b/windows/security/threat-protection/auditing/event-4952.md
index 1dd166db54..68ff52f7f0 100644
--- a/windows/security/threat-protection/auditing/event-4952.md
+++ b/windows/security/threat-protection/auditing/event-4952.md
@@ -1,5 +1,5 @@
---
-title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced. (Windows 10)
+title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.
description: Security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4953.md b/windows/security/threat-protection/auditing/event-4953.md
index 5a5a97d56a..7e81b25fcc 100644
--- a/windows/security/threat-protection/auditing/event-4953.md
+++ b/windows/security/threat-protection/auditing/event-4953.md
@@ -1,5 +1,5 @@
---
-title: 4953(F) Windows Firewall ignored a rule because it couldn't be parsed. (Windows 10)
+title: 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
description: Describes security event 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4954.md b/windows/security/threat-protection/auditing/event-4954.md
index 07977d6aff..695bfd873d 100644
--- a/windows/security/threat-protection/auditing/event-4954.md
+++ b/windows/security/threat-protection/auditing/event-4954.md
@@ -1,5 +1,5 @@
---
-title: 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied. (Windows 10)
+title: 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
description: Describes security event 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4956.md b/windows/security/threat-protection/auditing/event-4956.md
index 105b780984..d3a52d5b51 100644
--- a/windows/security/threat-protection/auditing/event-4956.md
+++ b/windows/security/threat-protection/auditing/event-4956.md
@@ -1,5 +1,5 @@
---
-title: 4956(S) Windows Firewall has changed the active profile. (Windows 10)
+title: 4956(S) Windows Firewall has changed the active profile.
description: Describes security event 4956(S) Windows Firewall has changed the active profile.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4957.md b/windows/security/threat-protection/auditing/event-4957.md
index 49fae3fef5..2aeb05c373 100644
--- a/windows/security/threat-protection/auditing/event-4957.md
+++ b/windows/security/threat-protection/auditing/event-4957.md
@@ -1,5 +1,5 @@
---
-title: 4957(F) Windows Firewall did not apply the following rule. (Windows 10)
+title: 4957(F) Windows Firewall did not apply the following rule.
description: Describes security event 4957(F) Windows Firewall didn't apply the following rule.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4958.md b/windows/security/threat-protection/auditing/event-4958.md
index 45964176a6..5db7fef518 100644
--- a/windows/security/threat-protection/auditing/event-4958.md
+++ b/windows/security/threat-protection/auditing/event-4958.md
@@ -1,5 +1,5 @@
---
-title: 4958(F) Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer. (Windows 10)
+title: 4958(F) Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer.
description: Describes security event 4958(F) Windows Firewall didn't apply the following rule because the rule referred to items not configured on this computer.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4964.md b/windows/security/threat-protection/auditing/event-4964.md
index 51893d2572..e7947201b5 100644
--- a/windows/security/threat-protection/auditing/event-4964.md
+++ b/windows/security/threat-protection/auditing/event-4964.md
@@ -1,5 +1,5 @@
---
-title: 4964(S) Special groups have been assigned to a new logon. (Windows 10)
+title: 4964(S) Special groups have been assigned to a new logon.
description: Describes security event 4964(S) Special groups have been assigned to a new logon.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-4985.md b/windows/security/threat-protection/auditing/event-4985.md
index 8150e62b11..57d8caa9b1 100644
--- a/windows/security/threat-protection/auditing/event-4985.md
+++ b/windows/security/threat-protection/auditing/event-4985.md
@@ -1,5 +1,5 @@
---
-title: 4985(S) The state of a transaction has changed. (Windows 10)
+title: 4985(S) The state of a transaction has changed.
description: Describes security event 4985(S) The state of a transaction has changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5024.md b/windows/security/threat-protection/auditing/event-5024.md
index 9e06608869..57a2f34679 100644
--- a/windows/security/threat-protection/auditing/event-5024.md
+++ b/windows/security/threat-protection/auditing/event-5024.md
@@ -1,5 +1,5 @@
---
-title: 5024(S) The Windows Firewall Service has started successfully. (Windows 10)
+title: 5024(S) The Windows Firewall Service has started successfully.
description: Describes security event 5024(S) The Windows Firewall Service has started successfully.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5025.md b/windows/security/threat-protection/auditing/event-5025.md
index 9ae2fe14d0..5cc6c360e1 100644
--- a/windows/security/threat-protection/auditing/event-5025.md
+++ b/windows/security/threat-protection/auditing/event-5025.md
@@ -1,5 +1,5 @@
---
-title: 5025(S) The Windows Firewall Service has been stopped. (Windows 10)
+title: 5025(S) The Windows Firewall Service has been stopped.
description: Describes security event 5025(S) The Windows Firewall Service has been stopped.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5027.md b/windows/security/threat-protection/auditing/event-5027.md
index d654b82a01..cb0c821e16 100644
--- a/windows/security/threat-protection/auditing/event-5027.md
+++ b/windows/security/threat-protection/auditing/event-5027.md
@@ -1,5 +1,5 @@
---
-title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. (Windows 10)
+title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.
description: Details on security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5028.md b/windows/security/threat-protection/auditing/event-5028.md
index bf9c62d91a..b4cf9d9daf 100644
--- a/windows/security/threat-protection/auditing/event-5028.md
+++ b/windows/security/threat-protection/auditing/event-5028.md
@@ -1,5 +1,5 @@
---
-title: 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy. (Windows 10)
+title: 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
description: Describes security event 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5029.md b/windows/security/threat-protection/auditing/event-5029.md
index 4a36c10d4d..727e18d0b8 100644
--- a/windows/security/threat-protection/auditing/event-5029.md
+++ b/windows/security/threat-protection/auditing/event-5029.md
@@ -1,5 +1,5 @@
---
-title: 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy. (Windows 10)
+title: 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
description: Describes security event 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5030.md b/windows/security/threat-protection/auditing/event-5030.md
index aa78cb3b62..cf0d618c0c 100644
--- a/windows/security/threat-protection/auditing/event-5030.md
+++ b/windows/security/threat-protection/auditing/event-5030.md
@@ -1,5 +1,5 @@
---
-title: 5030(F) The Windows Firewall Service failed to start. (Windows 10)
+title: 5030(F) The Windows Firewall Service failed to start.
description: Describes security event 5030(F) The Windows Firewall Service failed to start.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5031.md b/windows/security/threat-protection/auditing/event-5031.md
index 04c03b1ee6..577a8d4b8a 100644
--- a/windows/security/threat-protection/auditing/event-5031.md
+++ b/windows/security/threat-protection/auditing/event-5031.md
@@ -1,5 +1,5 @@
---
-title: 5031(F) The Windows Firewall Service blocked an application from accepting incoming connections on the network. (Windows 10)
+title: 5031(F) The Windows Firewall Service blocked an application from accepting incoming connections on the network.
ms.reviewer:
manager: aaroncz
ms.author: vinpa
diff --git a/windows/security/threat-protection/auditing/event-5032.md b/windows/security/threat-protection/auditing/event-5032.md
index af43e8ea73..c03cf24c26 100644
--- a/windows/security/threat-protection/auditing/event-5032.md
+++ b/windows/security/threat-protection/auditing/event-5032.md
@@ -1,5 +1,5 @@
---
-title: 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. (Windows 10)
+title: 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
description: Describes security event 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5033.md b/windows/security/threat-protection/auditing/event-5033.md
index 467ba04e40..720d4db20a 100644
--- a/windows/security/threat-protection/auditing/event-5033.md
+++ b/windows/security/threat-protection/auditing/event-5033.md
@@ -1,5 +1,5 @@
---
-title: 5033(S) The Windows Firewall Driver has started successfully. (Windows 10)
+title: 5033(S) The Windows Firewall Driver has started successfully.
description: Describes security event 5033(S) The Windows Firewall Driver has started successfully.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5034.md b/windows/security/threat-protection/auditing/event-5034.md
index dc2d097c4a..f1bbdec7bb 100644
--- a/windows/security/threat-protection/auditing/event-5034.md
+++ b/windows/security/threat-protection/auditing/event-5034.md
@@ -1,5 +1,5 @@
---
-title: 5034(S) The Windows Firewall Driver was stopped. (Windows 10)
+title: 5034(S) The Windows Firewall Driver was stopped.
description: Describes security event 5034(S) The Windows Firewall Driver was stopped.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5035.md b/windows/security/threat-protection/auditing/event-5035.md
index 88a49892a6..9884e30c6f 100644
--- a/windows/security/threat-protection/auditing/event-5035.md
+++ b/windows/security/threat-protection/auditing/event-5035.md
@@ -1,5 +1,5 @@
---
-title: 5035(F) The Windows Firewall Driver failed to start. (Windows 10)
+title: 5035(F) The Windows Firewall Driver failed to start.
description: Describes security event 5035(F) The Windows Firewall Driver failed to start.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5037.md b/windows/security/threat-protection/auditing/event-5037.md
index f25a054fe7..b33b0b7f4e 100644
--- a/windows/security/threat-protection/auditing/event-5037.md
+++ b/windows/security/threat-protection/auditing/event-5037.md
@@ -1,5 +1,5 @@
---
-title: 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating. (Windows 10)
+title: 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
description: Describes security event 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5038.md b/windows/security/threat-protection/auditing/event-5038.md
index e824e93afe..8fc4f1ce69 100644
--- a/windows/security/threat-protection/auditing/event-5038.md
+++ b/windows/security/threat-protection/auditing/event-5038.md
@@ -1,5 +1,5 @@
---
-title: 5038(F) Code integrity determined that the image hash of a file is not valid. (Windows 10)
+title: 5038(F) Code integrity determined that the image hash of a file is not valid.
description: Describes security event 5038(F) Code integrity determined that the image hash of a file isn't valid.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5039.md b/windows/security/threat-protection/auditing/event-5039.md
index 7bf2bf5471..a69a2f51d9 100644
--- a/windows/security/threat-protection/auditing/event-5039.md
+++ b/windows/security/threat-protection/auditing/event-5039.md
@@ -1,5 +1,5 @@
---
-title: 5039(-) A registry key was virtualized. (Windows 10)
+title: 5039(-) A registry key was virtualized.
description: Describes security event 5039(-) A registry key was virtualized. This event is generated when a registry key is virtualized using LUAFV.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5051.md b/windows/security/threat-protection/auditing/event-5051.md
index 38a07353b3..cbd5e8cd4f 100644
--- a/windows/security/threat-protection/auditing/event-5051.md
+++ b/windows/security/threat-protection/auditing/event-5051.md
@@ -1,5 +1,5 @@
---
-title: 5051(-) A file was virtualized. (Windows 10)
+title: 5051(-) A file was virtualized.
description: Describes security event 5051(-) A file was virtualized. This event is generated when a file is virtualized using LUAFV.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5056.md b/windows/security/threat-protection/auditing/event-5056.md
index 3711acef2d..d79db9f877 100644
--- a/windows/security/threat-protection/auditing/event-5056.md
+++ b/windows/security/threat-protection/auditing/event-5056.md
@@ -1,5 +1,5 @@
---
-title: 5056(S) A cryptographic self-test was performed. (Windows 10)
+title: 5056(S) A cryptographic self-test was performed.
description: Describes security event 5056(S) A cryptographic self-test was performed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5057.md b/windows/security/threat-protection/auditing/event-5057.md
index 4fc7113c1b..a9c17ce454 100644
--- a/windows/security/threat-protection/auditing/event-5057.md
+++ b/windows/security/threat-protection/auditing/event-5057.md
@@ -1,5 +1,5 @@
---
-title: 5057(F) A cryptographic primitive operation failed. (Windows 10)
+title: 5057(F) A cryptographic primitive operation failed.
description: Describes security event 5057(F) A cryptographic primitive operation failed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5058.md b/windows/security/threat-protection/auditing/event-5058.md
index b95c545e7c..b5420ecbbb 100644
--- a/windows/security/threat-protection/auditing/event-5058.md
+++ b/windows/security/threat-protection/auditing/event-5058.md
@@ -1,5 +1,5 @@
---
-title: 5058(S, F) Key file operation. (Windows 10)
+title: 5058(S, F) Key file operation.
description: Describes security event 5058(S, F) Key file operation. This event is generated when an operation is performed on a file that contains a KSP key.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5059.md b/windows/security/threat-protection/auditing/event-5059.md
index cdbae47721..9fd58f5976 100644
--- a/windows/security/threat-protection/auditing/event-5059.md
+++ b/windows/security/threat-protection/auditing/event-5059.md
@@ -1,5 +1,5 @@
---
-title: 5059(S, F) Key migration operation. (Windows 10)
+title: 5059(S, F) Key migration operation.
description: Describes security event 5059(S, F) Key migration operation. This event is generated when a cryptographic key is exported/imported using a Key Storage Provider.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5060.md b/windows/security/threat-protection/auditing/event-5060.md
index 60ec2cbd3e..56c8924e9c 100644
--- a/windows/security/threat-protection/auditing/event-5060.md
+++ b/windows/security/threat-protection/auditing/event-5060.md
@@ -1,5 +1,5 @@
---
-title: 5060(F) Verification operation failed. (Windows 10)
+title: 5060(F) Verification operation failed.
description: Describes security event 5060(F) Verification operation failed. This event is generated when the CNG verification operation fails.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5061.md b/windows/security/threat-protection/auditing/event-5061.md
index 802ee6cc60..26630fa96f 100644
--- a/windows/security/threat-protection/auditing/event-5061.md
+++ b/windows/security/threat-protection/auditing/event-5061.md
@@ -1,5 +1,5 @@
---
-title: 5061(S, F) Cryptographic operation. (Windows 10)
+title: 5061(S, F) Cryptographic operation.
description: Describes security event 5061(S, F) Cryptographic operation. This event is generated when a cryptographic operation is performed using a Key Storage Provider.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5062.md b/windows/security/threat-protection/auditing/event-5062.md
index a76dabb95e..99771cf63c 100644
--- a/windows/security/threat-protection/auditing/event-5062.md
+++ b/windows/security/threat-protection/auditing/event-5062.md
@@ -1,5 +1,5 @@
---
-title: 5062(S) A kernel-mode cryptographic self-test was performed. (Windows 10)
+title: 5062(S) A kernel-mode cryptographic self-test was performed.
description: Describes security event 5062(S) A kernel-mode cryptographic self-test was performed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5063.md b/windows/security/threat-protection/auditing/event-5063.md
index 41ac047786..7b1e2f20be 100644
--- a/windows/security/threat-protection/auditing/event-5063.md
+++ b/windows/security/threat-protection/auditing/event-5063.md
@@ -1,5 +1,5 @@
---
-title: 5063(S, F) A cryptographic provider operation was attempted. (Windows 10)
+title: 5063(S, F) A cryptographic provider operation was attempted.
description: Describes security event 5063(S, F) A cryptographic provider operation was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5064.md b/windows/security/threat-protection/auditing/event-5064.md
index 3467a2816a..50967e8e1d 100644
--- a/windows/security/threat-protection/auditing/event-5064.md
+++ b/windows/security/threat-protection/auditing/event-5064.md
@@ -1,5 +1,5 @@
---
-title: 5064(S, F) A cryptographic context operation was attempted. (Windows 10)
+title: 5064(S, F) A cryptographic context operation was attempted.
description: Describes security event 5064(S, F) A cryptographic context operation was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5065.md b/windows/security/threat-protection/auditing/event-5065.md
index 66bfddb1d1..607adf75b2 100644
--- a/windows/security/threat-protection/auditing/event-5065.md
+++ b/windows/security/threat-protection/auditing/event-5065.md
@@ -1,5 +1,5 @@
---
-title: 5065(S, F) A cryptographic context modification was attempted. (Windows 10)
+title: 5065(S, F) A cryptographic context modification was attempted.
description: Describes security event 5065(S, F) A cryptographic context modification was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5066.md b/windows/security/threat-protection/auditing/event-5066.md
index 62a0920fb7..a77382fdbd 100644
--- a/windows/security/threat-protection/auditing/event-5066.md
+++ b/windows/security/threat-protection/auditing/event-5066.md
@@ -1,5 +1,5 @@
---
-title: 5066(S, F) A cryptographic function operation was attempted. (Windows 10)
+title: 5066(S, F) A cryptographic function operation was attempted.
description: Describes security event 5066(S, F) A cryptographic function operation was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5067.md b/windows/security/threat-protection/auditing/event-5067.md
index 78cd9d24aa..83a9960d2c 100644
--- a/windows/security/threat-protection/auditing/event-5067.md
+++ b/windows/security/threat-protection/auditing/event-5067.md
@@ -1,5 +1,5 @@
---
-title: 5067(S, F) A cryptographic function modification was attempted. (Windows 10)
+title: 5067(S, F) A cryptographic function modification was attempted.
description: Describes security event 5067(S, F) A cryptographic function modification was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5068.md b/windows/security/threat-protection/auditing/event-5068.md
index 791301bc3b..1eec94b8e7 100644
--- a/windows/security/threat-protection/auditing/event-5068.md
+++ b/windows/security/threat-protection/auditing/event-5068.md
@@ -1,5 +1,5 @@
---
-title: 5068(S, F) A cryptographic function provider operation was attempted. (Windows 10)
+title: 5068(S, F) A cryptographic function provider operation was attempted.
description: Describes security event 5068(S, F) A cryptographic function provider operation was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5069.md b/windows/security/threat-protection/auditing/event-5069.md
index 9894285dad..d8914e5d08 100644
--- a/windows/security/threat-protection/auditing/event-5069.md
+++ b/windows/security/threat-protection/auditing/event-5069.md
@@ -1,5 +1,5 @@
---
-title: 5069(S, F) A cryptographic function property operation was attempted. (Windows 10)
+title: 5069(S, F) A cryptographic function property operation was attempted.
description: Describes security event 5069(S, F) A cryptographic function property operation was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5070.md b/windows/security/threat-protection/auditing/event-5070.md
index ba4785e01b..1e2423d3f3 100644
--- a/windows/security/threat-protection/auditing/event-5070.md
+++ b/windows/security/threat-protection/auditing/event-5070.md
@@ -1,5 +1,5 @@
---
-title: 5070(S, F) A cryptographic function property modification was attempted. (Windows 10)
+title: 5070(S, F) A cryptographic function property modification was attempted.
description: Describes security event 5070(S, F) A cryptographic function property modification was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5136.md b/windows/security/threat-protection/auditing/event-5136.md
index e935d656d9..cdebfbac73 100644
--- a/windows/security/threat-protection/auditing/event-5136.md
+++ b/windows/security/threat-protection/auditing/event-5136.md
@@ -1,5 +1,5 @@
---
-title: 5136(S) A directory service object was modified. (Windows 10)
+title: 5136(S) A directory service object was modified.
description: Describes security event 5136(S) A directory service object was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5137.md b/windows/security/threat-protection/auditing/event-5137.md
index bed5eae208..540d0187a2 100644
--- a/windows/security/threat-protection/auditing/event-5137.md
+++ b/windows/security/threat-protection/auditing/event-5137.md
@@ -1,5 +1,5 @@
---
-title: 5137(S) A directory service object was created. (Windows 10)
+title: 5137(S) A directory service object was created.
description: Describes security event 5137(S) A directory service object was created.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5138.md b/windows/security/threat-protection/auditing/event-5138.md
index 12d981909a..09c8e7ddeb 100644
--- a/windows/security/threat-protection/auditing/event-5138.md
+++ b/windows/security/threat-protection/auditing/event-5138.md
@@ -1,5 +1,5 @@
---
-title: 5138(S) A directory service object was undeleted. (Windows 10)
+title: 5138(S) A directory service object was undeleted.
description: Describes security event 5138(S) A directory service object was undeleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5139.md b/windows/security/threat-protection/auditing/event-5139.md
index 6799a4e50d..2e65bd8c4c 100644
--- a/windows/security/threat-protection/auditing/event-5139.md
+++ b/windows/security/threat-protection/auditing/event-5139.md
@@ -1,5 +1,5 @@
---
-title: 5139(S) A directory service object was moved. (Windows 10)
+title: 5139(S) A directory service object was moved.
description: Describes security event 5139(S) A directory service object was moved.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5140.md b/windows/security/threat-protection/auditing/event-5140.md
index 602e1d4024..e04f04c79d 100644
--- a/windows/security/threat-protection/auditing/event-5140.md
+++ b/windows/security/threat-protection/auditing/event-5140.md
@@ -1,5 +1,5 @@
---
-title: 5140(S, F) A network share object was accessed. (Windows 10)
+title: 5140(S, F) A network share object was accessed.
description: Describes security event 5140(S, F) A network share object was accessed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5141.md b/windows/security/threat-protection/auditing/event-5141.md
index 046ca20f9d..5204b0bc87 100644
--- a/windows/security/threat-protection/auditing/event-5141.md
+++ b/windows/security/threat-protection/auditing/event-5141.md
@@ -1,5 +1,5 @@
---
-title: 5141(S) A directory service object was deleted. (Windows 10)
+title: 5141(S) A directory service object was deleted.
description: Describes security event 5141(S) A directory service object was deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5142.md b/windows/security/threat-protection/auditing/event-5142.md
index 3a69208c29..9f5e758229 100644
--- a/windows/security/threat-protection/auditing/event-5142.md
+++ b/windows/security/threat-protection/auditing/event-5142.md
@@ -1,5 +1,5 @@
---
-title: 5142(S) A network share object was added. (Windows 10)
+title: 5142(S) A network share object was added.
description: Describes security event 5142(S) A network share object was added. This event is generated when a network share object is added.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5143.md b/windows/security/threat-protection/auditing/event-5143.md
index e92068c93a..fb42c41529 100644
--- a/windows/security/threat-protection/auditing/event-5143.md
+++ b/windows/security/threat-protection/auditing/event-5143.md
@@ -1,5 +1,5 @@
---
-title: 5143(S) A network share object was modified. (Windows 10)
+title: 5143(S) A network share object was modified.
description: Describes security event 5143(S) A network share object was modified. This event is generated when a network share object is modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5144.md b/windows/security/threat-protection/auditing/event-5144.md
index da401f212d..b9b86c4142 100644
--- a/windows/security/threat-protection/auditing/event-5144.md
+++ b/windows/security/threat-protection/auditing/event-5144.md
@@ -1,5 +1,5 @@
---
-title: 5144(S) A network share object was deleted. (Windows 10)
+title: 5144(S) A network share object was deleted.
description: Describes security event 5144(S) A network share object was deleted. This event is generated when a network share object is deleted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5145.md b/windows/security/threat-protection/auditing/event-5145.md
index 7b34010d4c..191b70ddbe 100644
--- a/windows/security/threat-protection/auditing/event-5145.md
+++ b/windows/security/threat-protection/auditing/event-5145.md
@@ -1,5 +1,5 @@
---
-title: 5145(S, F) A network share object was checked to see whether client can be granted desired access. (Windows 10)
+title: 5145(S, F) A network share object was checked to see whether client can be granted desired access.
description: Describes security event 5145(S, F) A network share object was checked to see whether client can be granted desired access.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5148.md b/windows/security/threat-protection/auditing/event-5148.md
index 5442a8a705..25114d8d2b 100644
--- a/windows/security/threat-protection/auditing/event-5148.md
+++ b/windows/security/threat-protection/auditing/event-5148.md
@@ -1,5 +1,5 @@
---
-title: 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded. (Windows 10)
+title: 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.
description: Details on Security event 5148(F), The Windows Filtering Platform has detected a DoS attack and entered a defensive mode.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5149.md b/windows/security/threat-protection/auditing/event-5149.md
index 7e0dc6dd45..adb0eeb2cc 100644
--- a/windows/security/threat-protection/auditing/event-5149.md
+++ b/windows/security/threat-protection/auditing/event-5149.md
@@ -1,5 +1,5 @@
---
-title: 5149(F) The DoS attack has subsided and normal processing is being resumed. (Windows 10)
+title: 5149(F) The DoS attack has subsided and normal processing is being resumed.
description: Describes security event 5149(F) The DoS attack has subsided and normal processing is being resumed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5150.md b/windows/security/threat-protection/auditing/event-5150.md
index 80c82d807e..9dce2ef7fe 100644
--- a/windows/security/threat-protection/auditing/event-5150.md
+++ b/windows/security/threat-protection/auditing/event-5150.md
@@ -1,5 +1,5 @@
---
-title: 5150(-) The Windows Filtering Platform blocked a packet. (Windows 10)
+title: 5150(-) The Windows Filtering Platform blocked a packet.
description: Describes security event 5150(-) The Windows Filtering Platform blocked a packet.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5151.md b/windows/security/threat-protection/auditing/event-5151.md
index 6b7d1453bf..acf986a555 100644
--- a/windows/security/threat-protection/auditing/event-5151.md
+++ b/windows/security/threat-protection/auditing/event-5151.md
@@ -1,5 +1,5 @@
---
-title: 5151(-) A more restrictive Windows Filtering Platform filter has blocked a packet. (Windows 10)
+title: 5151(-) A more restrictive Windows Filtering Platform filter has blocked a packet.
description: Describes security event 5151(-) A more restrictive Windows Filtering Platform filter has blocked a packet.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5152.md b/windows/security/threat-protection/auditing/event-5152.md
index e5a76da383..c051185452 100644
--- a/windows/security/threat-protection/auditing/event-5152.md
+++ b/windows/security/threat-protection/auditing/event-5152.md
@@ -1,5 +1,5 @@
---
-title: 5152(F) The Windows Filtering Platform blocked a packet. (Windows 10)
+title: 5152(F) The Windows Filtering Platform blocked a packet.
description: Describes security event 5152(F) The Windows Filtering Platform blocked a packet.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5153.md b/windows/security/threat-protection/auditing/event-5153.md
index a321b76f20..e969dc8a2e 100644
--- a/windows/security/threat-protection/auditing/event-5153.md
+++ b/windows/security/threat-protection/auditing/event-5153.md
@@ -1,5 +1,5 @@
---
-title: 5153(S) A more restrictive Windows Filtering Platform filter has blocked a packet. (Windows 10)
+title: 5153(S) A more restrictive Windows Filtering Platform filter has blocked a packet.
description: Describes security event 5153(S) A more restrictive Windows Filtering Platform filter has blocked a packet.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5154.md b/windows/security/threat-protection/auditing/event-5154.md
index 9b2425ff9c..ac6d1c65ff 100644
--- a/windows/security/threat-protection/auditing/event-5154.md
+++ b/windows/security/threat-protection/auditing/event-5154.md
@@ -1,5 +1,5 @@
---
-title: 5154(S) The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections. (Windows 10)
+title: 5154(S) The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.
description: Describes security event 5154(S) The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index e6efebdae1..5bf71f6985 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -1,5 +1,5 @@
---
-title: 5155(F) The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections. (Windows 10)
+title: 5155(F) The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.
description: Describes security event 5155(F) The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5156.md b/windows/security/threat-protection/auditing/event-5156.md
index 3d56301b24..724eaef46c 100644
--- a/windows/security/threat-protection/auditing/event-5156.md
+++ b/windows/security/threat-protection/auditing/event-5156.md
@@ -1,5 +1,5 @@
---
-title: 5156(S) The Windows Filtering Platform has permitted a connection. (Windows 10)
+title: 5156(S) The Windows Filtering Platform has permitted a connection.
description: Describes security event 5156(S) The Windows Filtering Platform has permitted a connection.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5157.md b/windows/security/threat-protection/auditing/event-5157.md
index 4f62c99d51..1e39f7ffb8 100644
--- a/windows/security/threat-protection/auditing/event-5157.md
+++ b/windows/security/threat-protection/auditing/event-5157.md
@@ -1,5 +1,5 @@
---
-title: 5157(F) The Windows Filtering Platform has blocked a connection. (Windows 10)
+title: 5157(F) The Windows Filtering Platform has blocked a connection.
description: Describes security event 5157(F) The Windows Filtering Platform has blocked a connection.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5158.md b/windows/security/threat-protection/auditing/event-5158.md
index cbc0d2d4ee..38240c1959 100644
--- a/windows/security/threat-protection/auditing/event-5158.md
+++ b/windows/security/threat-protection/auditing/event-5158.md
@@ -1,5 +1,5 @@
---
-title: 5158(S) The Windows Filtering Platform has permitted a bind to a local port. (Windows 10)
+title: 5158(S) The Windows Filtering Platform has permitted a bind to a local port.
description: Describes security event 5158(S) The Windows Filtering Platform has permitted a bind to a local port.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5159.md b/windows/security/threat-protection/auditing/event-5159.md
index ffe34518c5..ac4d655290 100644
--- a/windows/security/threat-protection/auditing/event-5159.md
+++ b/windows/security/threat-protection/auditing/event-5159.md
@@ -1,5 +1,5 @@
---
-title: 5159(F) The Windows Filtering Platform has blocked a bind to a local port. (Windows 10)
+title: 5159(F) The Windows Filtering Platform has blocked a bind to a local port.
description: Describes security event 5159(F) The Windows Filtering Platform has blocked a bind to a local port.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5168.md b/windows/security/threat-protection/auditing/event-5168.md
index f0ae1f47a8..6e3c96eb23 100644
--- a/windows/security/threat-protection/auditing/event-5168.md
+++ b/windows/security/threat-protection/auditing/event-5168.md
@@ -1,5 +1,5 @@
---
-title: 5168(F) SPN check for SMB/SMB2 failed. (Windows 10)
+title: 5168(F) SPN check for SMB/SMB2 failed.
description: Describes security event 5168(F) SPN check for SMB/SMB2 failed. This event is generated when an SMB SPN check fails.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5376.md b/windows/security/threat-protection/auditing/event-5376.md
index ee08c45c93..a16faf1299 100644
--- a/windows/security/threat-protection/auditing/event-5376.md
+++ b/windows/security/threat-protection/auditing/event-5376.md
@@ -1,5 +1,5 @@
---
-title: 5376(S) Credential Manager credentials were backed up. (Windows 10)
+title: 5376(S) Credential Manager credentials were backed up.
description: Describes security event 5376(S) Credential Manager credentials were backed up.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5377.md b/windows/security/threat-protection/auditing/event-5377.md
index a6f12f74f5..3507bd16cb 100644
--- a/windows/security/threat-protection/auditing/event-5377.md
+++ b/windows/security/threat-protection/auditing/event-5377.md
@@ -1,5 +1,5 @@
---
-title: 5377(S) Credential Manager credentials were restored from a backup. (Windows 10)
+title: 5377(S) Credential Manager credentials were restored from a backup.
description: Describes security event 5377(S) Credential Manager credentials were restored from a backup.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5378.md b/windows/security/threat-protection/auditing/event-5378.md
index b6391769da..fe25938e5e 100644
--- a/windows/security/threat-protection/auditing/event-5378.md
+++ b/windows/security/threat-protection/auditing/event-5378.md
@@ -1,5 +1,5 @@
---
-title: 5378(F) The requested credentials delegation was disallowed by policy. (Windows 10)
+title: 5378(F) The requested credentials delegation was disallowed by policy.
description: Describes security event 5378(F) The requested credentials delegation was disallowed by policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5447.md b/windows/security/threat-protection/auditing/event-5447.md
index 96b013cf8c..0acc7c3617 100644
--- a/windows/security/threat-protection/auditing/event-5447.md
+++ b/windows/security/threat-protection/auditing/event-5447.md
@@ -1,5 +1,5 @@
---
-title: 5447(S) A Windows Filtering Platform filter has been changed. (Windows 10)
+title: 5447(S) A Windows Filtering Platform filter has been changed.
description: Describes security event 5447(S) A Windows Filtering Platform filter has been changed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5632.md b/windows/security/threat-protection/auditing/event-5632.md
index 676a79172e..4318afccfa 100644
--- a/windows/security/threat-protection/auditing/event-5632.md
+++ b/windows/security/threat-protection/auditing/event-5632.md
@@ -1,5 +1,5 @@
---
-title: 5632(S, F) A request was made to authenticate to a wireless network. (Windows 10)
+title: 5632(S, F) A request was made to authenticate to a wireless network.
description: Describes security event 5632(S, F) A request was made to authenticate to a wireless network.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5633.md b/windows/security/threat-protection/auditing/event-5633.md
index e661c80301..e1c83e2ce0 100644
--- a/windows/security/threat-protection/auditing/event-5633.md
+++ b/windows/security/threat-protection/auditing/event-5633.md
@@ -1,5 +1,5 @@
---
-title: 5633(S, F) A request was made to authenticate to a wired network. (Windows 10)
+title: 5633(S, F) A request was made to authenticate to a wired network.
description: Describes security event 5633(S, F) A request was made to authenticate to a wired network.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5712.md b/windows/security/threat-protection/auditing/event-5712.md
index 32d5ba732a..a16b225c22 100644
--- a/windows/security/threat-protection/auditing/event-5712.md
+++ b/windows/security/threat-protection/auditing/event-5712.md
@@ -1,5 +1,5 @@
---
-title: 5712(S) A Remote Procedure Call (RPC) was attempted. (Windows 10)
+title: 5712(S) A Remote Procedure Call (RPC) was attempted.
description: Describes security event 5712(S) A Remote Procedure Call (RPC) was attempted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5888.md b/windows/security/threat-protection/auditing/event-5888.md
index 72e18b5e28..9883763620 100644
--- a/windows/security/threat-protection/auditing/event-5888.md
+++ b/windows/security/threat-protection/auditing/event-5888.md
@@ -1,5 +1,5 @@
---
-title: 5888(S) An object in the COM+ Catalog was modified. (Windows 10)
+title: 5888(S) An object in the COM+ Catalog was modified.
description: Describes security event 5888(S) An object in the COM+ Catalog was modified.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5889.md b/windows/security/threat-protection/auditing/event-5889.md
index 178ec29a4f..35333b2c0a 100644
--- a/windows/security/threat-protection/auditing/event-5889.md
+++ b/windows/security/threat-protection/auditing/event-5889.md
@@ -1,5 +1,5 @@
---
-title: 5889(S) An object was deleted from the COM+ Catalog. (Windows 10)
+title: 5889(S) An object was deleted from the COM+ Catalog.
description: Describes security event 5889(S) An object was deleted from the COM+ Catalog.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-5890.md b/windows/security/threat-protection/auditing/event-5890.md
index 4f473d2a4e..62ffc37aef 100644
--- a/windows/security/threat-protection/auditing/event-5890.md
+++ b/windows/security/threat-protection/auditing/event-5890.md
@@ -1,5 +1,5 @@
---
-title: 5890(S) An object was added to the COM+ Catalog. (Windows 10)
+title: 5890(S) An object was added to the COM+ Catalog.
description: Describes security event 5890(S) An object was added to the COM+ Catalog.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6144.md b/windows/security/threat-protection/auditing/event-6144.md
index 3eb1181321..f48236f8f6 100644
--- a/windows/security/threat-protection/auditing/event-6144.md
+++ b/windows/security/threat-protection/auditing/event-6144.md
@@ -1,5 +1,5 @@
---
-title: 6144(S) Security policy in the group policy objects has been applied successfully. (Windows 10)
+title: 6144(S) Security policy in the group policy objects has been applied successfully.
description: Describes security event 6144(S) Security policy in the group policy objects has been applied successfully.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6145.md b/windows/security/threat-protection/auditing/event-6145.md
index b062b5e023..6b7c90a16e 100644
--- a/windows/security/threat-protection/auditing/event-6145.md
+++ b/windows/security/threat-protection/auditing/event-6145.md
@@ -1,5 +1,5 @@
---
-title: 6145(F) One or more errors occurred while processing security policy in the group policy objects. (Windows 10)
+title: 6145(F) One or more errors occurred while processing security policy in the group policy objects.
description: Describes security event 6145(F) One or more errors occurred while processing security policy in the group policy objects.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6281.md b/windows/security/threat-protection/auditing/event-6281.md
index 38f432d51a..574a3854b0 100644
--- a/windows/security/threat-protection/auditing/event-6281.md
+++ b/windows/security/threat-protection/auditing/event-6281.md
@@ -1,5 +1,5 @@
---
-title: 6281(F) Code Integrity determined that the page hashes of an image file aren't valid. (Windows 10)
+title: 6281(F) Code Integrity determined that the page hashes of an image file aren't valid.
description: Describes security event 6281(F) Code Integrity determined that the page hashes of an image file aren't valid.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6400.md b/windows/security/threat-protection/auditing/event-6400.md
index a588c35204..dc64fd05a5 100644
--- a/windows/security/threat-protection/auditing/event-6400.md
+++ b/windows/security/threat-protection/auditing/event-6400.md
@@ -1,5 +1,5 @@
---
-title: 6400(-) BranchCache Received an incorrectly formatted response while discovering availability of content. (Windows 10)
+title: 6400(-) BranchCache Received an incorrectly formatted response while discovering availability of content.
description: Describes security event 6400(-) BranchCache Received an incorrectly formatted response while discovering availability of content.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6401.md b/windows/security/threat-protection/auditing/event-6401.md
index 82502eb7ff..94f6633a46 100644
--- a/windows/security/threat-protection/auditing/event-6401.md
+++ b/windows/security/threat-protection/auditing/event-6401.md
@@ -1,5 +1,5 @@
---
-title: 6401(-) BranchCache Received invalid data from a peer. Data discarded. (Windows 10)
+title: 6401(-) BranchCache Received invalid data from a peer. Data discarded.
description: Describes security event 6401(-) BranchCache Received invalid data from a peer. Data discarded.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6402.md b/windows/security/threat-protection/auditing/event-6402.md
index d5d3febf63..73129dfd29 100644
--- a/windows/security/threat-protection/auditing/event-6402.md
+++ b/windows/security/threat-protection/auditing/event-6402.md
@@ -1,5 +1,5 @@
---
-title: 6402(-) BranchCache The message to the hosted cache offering it data is incorrectly formatted. (Windows 10)
+title: 6402(-) BranchCache The message to the hosted cache offering it data is incorrectly formatted.
description: Describes security event 6402(-) BranchCache The message to the hosted cache offering it data is incorrectly formatted.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6403.md b/windows/security/threat-protection/auditing/event-6403.md
index 2f9d945388..58d24830a0 100644
--- a/windows/security/threat-protection/auditing/event-6403.md
+++ b/windows/security/threat-protection/auditing/event-6403.md
@@ -1,5 +1,5 @@
---
-title: 6403(-) BranchCache The hosted cache sent an incorrectly formatted response to the client. (Windows 10)
+title: 6403(-) BranchCache The hosted cache sent an incorrectly formatted response to the client.
description: Describes security event 6403(-) BranchCache The hosted cache sent an incorrectly formatted response to the client.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6404.md b/windows/security/threat-protection/auditing/event-6404.md
index f37bea1b9e..dbe0f13d14 100644
--- a/windows/security/threat-protection/auditing/event-6404.md
+++ b/windows/security/threat-protection/auditing/event-6404.md
@@ -1,5 +1,5 @@
---
-title: 6404(-) BranchCache Hosted cache could not be authenticated using the provisioned SSL certificate. (Windows 10)
+title: 6404(-) BranchCache Hosted cache could not be authenticated using the provisioned SSL certificate.
description: Describes security event 6404(-) BranchCache Hosted cache could not be authenticated using the provisioned SSL certificate.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6405.md b/windows/security/threat-protection/auditing/event-6405.md
index 1feed0f6a6..a4f439d202 100644
--- a/windows/security/threat-protection/auditing/event-6405.md
+++ b/windows/security/threat-protection/auditing/event-6405.md
@@ -1,5 +1,5 @@
---
-title: 6405(-) BranchCache %2 instance(s) of event id %1 occurred. (Windows 10)
+title: 6405(-) BranchCache %2 instance(s) of event id %1 occurred.
description: Describes security event 6405(-) BranchCache %2 instance(s) of event id %1 occurred.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6406.md b/windows/security/threat-protection/auditing/event-6406.md
index fdd75af38b..f0c92f84f6 100644
--- a/windows/security/threat-protection/auditing/event-6406.md
+++ b/windows/security/threat-protection/auditing/event-6406.md
@@ -1,5 +1,5 @@
---
-title: 6406(-) %1 registered to Windows Firewall to control filtering for the following %2. (Windows 10)
+title: 6406(-) %1 registered to Windows Firewall to control filtering for the following %2.
description: Describes security event 6406(-) %1 registered to Windows Firewall to control filtering for the following %2.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6407.md b/windows/security/threat-protection/auditing/event-6407.md
index c2f279466e..5341074ad2 100644
--- a/windows/security/threat-protection/auditing/event-6407.md
+++ b/windows/security/threat-protection/auditing/event-6407.md
@@ -1,5 +1,5 @@
---
-title: 6407(-) 1%. (Windows 10)
+title: 6407(-) 1%.
description: Describes security event 6407(-) 1%. This event is a BranchCache event, which is outside the scope of this document.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6408.md b/windows/security/threat-protection/auditing/event-6408.md
index 36f25a9b69..aafcea4c9c 100644
--- a/windows/security/threat-protection/auditing/event-6408.md
+++ b/windows/security/threat-protection/auditing/event-6408.md
@@ -1,5 +1,5 @@
---
-title: 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2. (Windows 10)
+title: 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
description: Describes security event 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6409.md b/windows/security/threat-protection/auditing/event-6409.md
index 3f406625b5..4b002854ab 100644
--- a/windows/security/threat-protection/auditing/event-6409.md
+++ b/windows/security/threat-protection/auditing/event-6409.md
@@ -1,5 +1,5 @@
---
-title: 6409(-) BranchCache A service connection point object could not be parsed. (Windows 10)
+title: 6409(-) BranchCache A service connection point object could not be parsed.
description: Describes security event 6409(-) BranchCache A service connection point object could not be parsed.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6410.md b/windows/security/threat-protection/auditing/event-6410.md
index 958db95565..26fa20d6b1 100644
--- a/windows/security/threat-protection/auditing/event-6410.md
+++ b/windows/security/threat-protection/auditing/event-6410.md
@@ -1,5 +1,5 @@
---
-title: 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process. (Windows 10)
+title: 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
description: Describes security event 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6416.md b/windows/security/threat-protection/auditing/event-6416.md
index 64cdb17ee1..01223f3581 100644
--- a/windows/security/threat-protection/auditing/event-6416.md
+++ b/windows/security/threat-protection/auditing/event-6416.md
@@ -1,5 +1,5 @@
---
-title: 6416(S) A new external device was recognized by the System. (Windows 10)
+title: 6416(S) A new external device was recognized by the System.
description: Describes security event 6416(S) A new external device was recognized by the System.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6419.md b/windows/security/threat-protection/auditing/event-6419.md
index 7368059899..447bcd58dc 100644
--- a/windows/security/threat-protection/auditing/event-6419.md
+++ b/windows/security/threat-protection/auditing/event-6419.md
@@ -1,5 +1,5 @@
---
-title: 6419(S) A request was made to disable a device. (Windows 10)
+title: 6419(S) A request was made to disable a device.
description: Describes security event 6419(S) A request was made to disable a device.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6420.md b/windows/security/threat-protection/auditing/event-6420.md
index 2c7166a78d..80521a6822 100644
--- a/windows/security/threat-protection/auditing/event-6420.md
+++ b/windows/security/threat-protection/auditing/event-6420.md
@@ -1,5 +1,5 @@
---
-title: 6420(S) A device was disabled. (Windows 10)
+title: 6420(S) A device was disabled.
description: Describes security event 6420(S) A device was disabled. This event is generated when a specific device is disabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6421.md b/windows/security/threat-protection/auditing/event-6421.md
index ae72b11254..aa1d7704f1 100644
--- a/windows/security/threat-protection/auditing/event-6421.md
+++ b/windows/security/threat-protection/auditing/event-6421.md
@@ -1,5 +1,5 @@
---
-title: 6421(S) A request was made to enable a device. (Windows 10)
+title: 6421(S) A request was made to enable a device.
description: Describes security event 6421(S) A request was made to enable a device.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6422.md b/windows/security/threat-protection/auditing/event-6422.md
index bf594b6937..1a6e391654 100644
--- a/windows/security/threat-protection/auditing/event-6422.md
+++ b/windows/security/threat-protection/auditing/event-6422.md
@@ -1,5 +1,5 @@
---
-title: 6422(S) A device was enabled. (Windows 10)
+title: 6422(S) A device was enabled.
description: Describes security event 6422(S) A device was enabled. This event is generated when a specific device is enabled.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6423.md b/windows/security/threat-protection/auditing/event-6423.md
index 4f7fcb614c..4b1f78c094 100644
--- a/windows/security/threat-protection/auditing/event-6423.md
+++ b/windows/security/threat-protection/auditing/event-6423.md
@@ -1,5 +1,5 @@
---
-title: 6423(S) The installation of this device is forbidden by system policy. (Windows 10)
+title: 6423(S) The installation of this device is forbidden by system policy.
description: Describes security event 6423(S) The installation of this device is forbidden by system policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/event-6424.md b/windows/security/threat-protection/auditing/event-6424.md
index 10d33c2820..81cd90103b 100644
--- a/windows/security/threat-protection/auditing/event-6424.md
+++ b/windows/security/threat-protection/auditing/event-6424.md
@@ -1,5 +1,5 @@
---
-title: 6424(S) The installation of this device was allowed, after having previously been forbidden by policy. (Windows 10)
+title: 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
description: Describes security event 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
index 90b8df1a2d..a248fd4f79 100644
--- a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
+++ b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
@@ -1,5 +1,5 @@
---
-title: File System (Global Object Access Auditing) (Windows 10)
+title: File System (Global Object Access Auditing)
description: The policy setting, File System (Global Object Access Auditing), enables you to configure a global system access control list (SACL) for an entire computer.
ms.assetid: 4f215d61-0e23-46e4-9e58-08511105d25b
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
index d2af1d3d31..c9acfc2f7a 100644
--- a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
+++ b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
@@ -1,5 +1,5 @@
---
-title: How to get a list of XML data name elements in (Windows 10)
+title: How to get a list of XML data name elements in
description: This reference article for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in .
ms.prod: windows-client
ms.mktglfcycl: deploy
diff --git a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
index 9b6b271da7..471ed8c690 100644
--- a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
+++ b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
@@ -1,5 +1,5 @@
---
-title: Monitor central access policy and rule definitions (Windows 10)
+title: Monitor central access policy and rule definitions
description: Learn how to use advanced security auditing options to monitor changes to central access policy and central access rule definitions.
ms.assetid: 553f98a6-7606-4518-a3c5-347a33105130
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-claim-types.md b/windows/security/threat-protection/auditing/monitor-claim-types.md
index a7c3aa44fe..541639f07d 100644
--- a/windows/security/threat-protection/auditing/monitor-claim-types.md
+++ b/windows/security/threat-protection/auditing/monitor-claim-types.md
@@ -1,5 +1,5 @@
---
-title: Monitor claim types (Windows 10)
+title: Monitor claim types
description: Learn how to monitor changes to claim types that are associated with dynamic access control when you're using advanced security auditing options.
ms.assetid: 426084da-4eef-44af-aeec-e7ab4d4e2439
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
index 91265a3f10..d9e2b2025d 100644
--- a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
+++ b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
@@ -1,5 +1,5 @@
---
-title: Monitor resource attribute definitions (Windows 10)
+title: Monitor resource attribute definitions
description: Learn how to monitor changes to resource attribute definitions when you're using advanced security auditing options to monitor dynamic access control objects.
ms.assetid: aace34b0-123a-4b83-9e09-f269220e79de
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
index 179df431d4..806cdbef89 100644
--- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
+++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
@@ -1,5 +1,5 @@
---
-title: Monitor central access policies for files or folders (Windows 10)
+title: Monitor central access policies for files or folders
description: Monitor changes to central access policies associated with files and folders, when using advanced security auditing options for dynamic access control objects.
ms.assetid: 2ea8fc23-b3ac-432f-87b0-6a16506e8eed
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
index 1e95dc5887..c3c6bd7919 100644
--- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
+++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
@@ -1,5 +1,5 @@
---
-title: Monitor central access policies on a file server (Windows 10)
+title: Monitor central access policies on a file server
description: Learn how to monitor changes to the central access policies that apply to a file server when using advanced security auditing options.
ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
index 5bbd6fa638..4008b0c158 100644
--- a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
+++ b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
@@ -1,5 +1,5 @@
---
-title: Monitor the resource attributes on files and folders (Windows 10)
+title: Monitor the resource attributes on files and folders
description: Learn how to use advanced security auditing options to monitor attempts to change settings on the resource attributes of files.
ms.assetid: 4944097b-320f-44c7-88ed-bf55946a358b
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
index 659d01dc6b..5142eff8ca 100644
--- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
+++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
@@ -1,5 +1,5 @@
---
-title: Monitor the use of removable storage devices (Windows 10)
+title: Monitor the use of removable storage devices
description: Learn how advanced security auditing options can be used to monitor attempts to use removable storage devices to access network resources.
ms.assetid: b0a9e4a5-b7ff-41c6-96ff-0228d4ba5da8
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
index 70ff402a9c..d97b9e646f 100644
--- a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
+++ b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
@@ -1,5 +1,5 @@
---
-title: Monitor user and device claims during sign-in (Windows 10)
+title: Monitor user and device claims during sign-in
description: Learn how to monitor user and device claims that are associated with a user’s security token. This advice assumes you have deployed Dynamic Access Control.
ms.assetid: 71796ea9-5fe4-4183-8475-805c3c1f319f
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/other-events.md b/windows/security/threat-protection/auditing/other-events.md
index 800961629e..86ef4c8957 100644
--- a/windows/security/threat-protection/auditing/other-events.md
+++ b/windows/security/threat-protection/auditing/other-events.md
@@ -1,5 +1,5 @@
---
-title: Other Events (Windows 10)
+title: Other Events
description: Describes the Other Events auditing subcategory, which includes events that are generated automatically and enabled by default.
ms.pagetype: security
ms.prod: windows-client
diff --git a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
index ca4a732ae0..9c710c203e 100644
--- a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
+++ b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
@@ -1,5 +1,5 @@
---
-title: Plan and deploy advanced security audit policies (Windows 10)
+title: Plan and deploy advanced security audit policies
description: Learn to deploy an effective security audit policy in a network that includes advanced security audit policies.
ms.assetid: 7428e1db-aba8-407b-a39e-509671e5a442
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
index ddb00eb78b..ac19f5355d 100644
--- a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
+++ b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
@@ -1,5 +1,5 @@
---
-title: Registry (Global Object Access Auditing) (Windows 10)
+title: Registry (Global Object Access Auditing)
description: The Advanced Security Audit policy setting, Registry (Global Object Access Auditing), enables you to configure a global system access control list (SACL).
ms.assetid: 953bb1c1-3f76-43be-ba17-4aed2304f578
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/security-auditing-overview.md b/windows/security/threat-protection/auditing/security-auditing-overview.md
index 6b11aea8c2..90e0745872 100644
--- a/windows/security/threat-protection/auditing/security-auditing-overview.md
+++ b/windows/security/threat-protection/auditing/security-auditing-overview.md
@@ -1,5 +1,5 @@
---
-title: Security auditing (Windows 10)
+title: Security auditing
description: Learn about security auditing features in Windows, and how your organization can benefit from using them to make your network more secure and easily managed.
ms.assetid: 2d9b8142-49bd-4a33-b246-3f0c2a5f32d4
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
index 1b69753395..0d0c6e1fb7 100644
--- a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
+++ b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
@@ -1,5 +1,5 @@
---
-title: Using advanced security auditing options to monitor dynamic access control objects (Windows 10)
+title: Using advanced security auditing options to monitor dynamic access control objects
description: Domain admins can set up advanced security audit options in Windows 10 to target specific users, or monitor potentially significant activity on multiple devices
ms.assetid: 0d2c28ea-bdaf-47fd-bca2-a07dce5fed37
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/view-the-security-event-log.md b/windows/security/threat-protection/auditing/view-the-security-event-log.md
index 3985c12068..25265ee877 100644
--- a/windows/security/threat-protection/auditing/view-the-security-event-log.md
+++ b/windows/security/threat-protection/auditing/view-the-security-event-log.md
@@ -1,5 +1,5 @@
---
-title: View the security event log (Windows 10)
+title: View the security event log
description: The security log records each event as defined by the audit policies you set on each object.
ms.assetid: 20DD2ACD-241A-45C5-A92F-4BE0D9F198B9
ms.reviewer:
diff --git a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
index bb0933cca6..ef99d2c066 100644
--- a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
+++ b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
@@ -1,5 +1,5 @@
---
-title: Which editions of Windows support advanced audit policy configuration (Windows 10)
+title: Which editions of Windows support advanced audit policy configuration
description: This reference topic for the IT professional describes which versions of the Windows operating systems support advanced security auditing policies.
ms.assetid: 87c71cc5-522d-4771-ac78-34a2a0825f31
ms.reviewer:
diff --git a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
index ceffd83425..76f980c27e 100644
--- a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
+++ b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
@@ -1,5 +1,5 @@
---
-title: Block untrusted fonts in an enterprise (Windows 10)
+title: Block untrusted fonts in an enterprise
description: To help protect your company from attacks that may originate from untrusted or attacker controlled font files, we've created the Blocking Untrusted Fonts feature.
ms.reviewer:
ms.prod: windows-client
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 5ab3f50909..8fbd730b70 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -1,5 +1,5 @@
---
-title: Configure the Group Policy settings for Microsoft Defender Application Guard (Windows)
+title: Configure the Group Policy settings for Microsoft Defender Application Guard
description: Learn about the available Group Policy settings for Microsoft Defender Application Guard.
ms.prod: windows-client
ms.mktglfcycl: manage
@@ -27,6 +27,10 @@ Microsoft Defender Application Guard (Application Guard) works with Group Policy
Application Guard uses both network isolation and application-specific settings.
+[!INCLUDE [microsoft-defender-application-guard-mdag-for-edge-enterprise-mode-and-enterprise-management](../../../../includes/licensing/microsoft-defender-application-guard-mdag-for-edge-enterprise-mode-and-enterprise-management.md)]
+
+For more information about Microsoft Defender Application Guard (MDAG) for Edge in stand-alone mode, see [Microsoft Defender Application Guard overview](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview).
+
## Network isolation settings
These settings, located at `Computer Configuration\Administrative Templates\Network\Network Isolation`, help you define and manage your organization's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container.
@@ -36,7 +40,7 @@ These settings, located at `Computer Configuration\Administrative Templates\Netw
> [!NOTE]
> You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the **Domains categorized as both work and personal** policy.
-
+
|Policy name|Supported versions|Description|
|-----------|------------------|-----------|
|Private network ranges for apps | At least Windows Server 2012, Windows 8, or Windows RT| A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
@@ -62,13 +66,13 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
|Allow Persistence|Windows 10 Enterprise, 1709 or higherWindows 11 Enterprise|Determines whether data persists across different sessions in Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.
**Disabled or not configured.** All user data within Application Guard is reset between sessions.
**NOTE**: If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.
**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.|
|Turn on Microsoft Defender Application Guard in Managed Mode|Windows 10 Enterprise, 1809 or higher
Windows 11 Enterprise|Determines whether to turn on Application Guard for Microsoft Edge and Microsoft Office.|**Enabled.** Turns on Application Guard for Microsoft Edge and/or Microsoft Office, honoring the network isolation settings, rendering untrusted content in the Application Guard container. Application Guard won't actually be turned on unless the required prerequisites and network isolation settings are already set on the device. Available options:
- Enable Microsoft Defender Application Guard only for Microsoft Edge
- Enable Microsoft Defender Application Guard only for Microsoft Office
- Enable Microsoft Defender Application Guard for both Microsoft Edge and Microsoft Office
**Disabled.** Turns off Application Guard, allowing all apps to run in Microsoft Edge and Microsoft Office.
**Note:** For Windows 10, if you have KB5014666 installed, and for Windows 11, if you have KB5014668 installed, you are no longer required to configure network isolation policy to enable Application Guard for Edge.|
|Allow files to download to host operating system|Windows 10 Enterprise or Pro, 1803 or higher
Windows 11 Enterprise or Pro|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system. This action creates a share between the host and container that also allows for uploads from the host to the Application Guard container.
**Disabled or not configured.** Users aren't able to save downloaded files from Application Guard to the host operating system.|
-|Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher
Windows 11 Enterprise|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** This is effective only in managed mode. Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.
**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.|
+|Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher
Windows 11 Enterprise|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** This is effective only in managed mode. Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.
**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won't load any third-party graphics drivers or interact with any connected graphics hardware.|
|Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher
Windows 11 Enterprise|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.
**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.|
|Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise or Pro, 1809 or higher
Windows 11 Enterprise or Pro|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.
**Disabled or not configured.** Certificates aren't shared with Microsoft Defender Application Guard.|
|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher
Windows 11 Enterprise|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** This is effective only in managed mode. Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.
**Disabled or not configured.** Event logs aren't collected from your Application Guard container.|
-
## Application Guard support dialog settings
These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, you're presented with a dialog box. By default, this dialog box only contains the error information and a button for you to report it to Microsoft via the feedback hub. However, it's possible to provide additional information in the dialog box.
[Use Group Policy to enable and customize contact information](/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
+
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
index f6a9150ebc..1f4264f709 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
@@ -1,5 +1,5 @@
---
-title: Microsoft Defender Application Guard (Windows 10 or Windows 11)
+title: Microsoft Defender Application Guard
description: Learn about Microsoft Defender Application Guard and how it helps combat malicious content and malware out on the Internet.
ms.prod: windows-client
ms.mktglfcycl: manage
@@ -26,7 +26,7 @@ ms.topic: conceptual
- Windows 10
- Windows 11
-Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
+Microsoft Defender Application Guard (MDAG) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
## What is Application Guard and how does it work?
@@ -34,7 +34,6 @@ For Microsoft Edge, Application Guard helps to isolate enterprise-defined untrus
For Microsoft Office, Application Guard helps prevents untrusted Word, PowerPoint and Excel files from accessing trusted resources. Application Guard opens untrusted files in an isolated Hyper-V-enabled container. The isolated Hyper-V container is separate from the host operating system. This container isolation means that if the untrusted site or file turns out to be malicious, the host device is protected, and the attacker can't get to your enterprise data. For example, this approach makes the isolated container anonymous, so an attacker can't get to your employee's enterprise credentials.
-
### What types of devices should use Application Guard?
@@ -51,6 +50,8 @@ Application Guard has been created to target several types of devices:
[!INCLUDE [microsoft-defender-application-guard-mdag-for-edge-standalone-mode](../../../../includes/licensing/microsoft-defender-application-guard-mdag-for-edge-standalone-mode.md)]
+For more information about Microsoft Defender Application Guard (MDAG) for Edge enterprise mode, [Configure Microsoft Defender Application Guard policy settings.](/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard)
+
## Related articles
|Article |Description |
@@ -63,3 +64,4 @@ Application Guard has been created to target several types of devices:
| [Microsoft Defender Application Guard for Microsoft Office](/microsoft-365/security/office-365-security/install-app-guard) | Describes Application Guard for Microsoft Office, including minimum hardware requirements, configuration, and a troubleshooting guide |
|[Frequently asked questions - Microsoft Defender Application Guard](faq-md-app-guard.yml)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.|
|[Use a network boundary to add trusted sites on Windows devices in Microsoft Intune](/mem/intune/configuration/network-boundary-windows)|Network boundary, a feature that helps you protect your environment from sites that aren't trusted by your organization.|
+
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
index 7ca1ed702c..aebf090b15 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
@@ -19,12 +19,15 @@ ms.topic: conceptual
Starting in Windows 11, version 22H2, Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps.
-Enhanced Phishing Protection works alongside Windows security protections, and helps protect typed work or school passwords used to sign into Windows 11 in these ways:
+If a user signs into Windows using a password, Enhanced Phishing Protection works alongside Windows security protections, and helps protect typed work or school password used to sign into Windows 11 in these ways:
- If users type their work or school password on any Chromium browser, into a site deemed malicious by Microsoft Defender SmartScreen, Enhanced Phishing Protection alerts them. It also prompts them to change their password so attackers can't gain access to their account.
- Reusing work or school passwords makes it easy for attackers who compromise a user's password to gain access to their other accounts. Enhanced Phishing Protection can warn users if they reuse their work or school Microsoft account password on sites and apps and prompt them to change their password.
- Since it's unsafe to store plaintext passwords in text editors, Enhanced Phishing Protection can warn users if they store their work or school password in Notepad, Word, or any Microsoft 365 Office app, and recommends they delete their password from the file.
+> [!NOTE]
+> When a user signs-in to a device using a Windows Hello for Business PIN or biometric, Enhanced Phishing Protection does not alert the user or send events to Microsoft Defender for Endpoint.
+
## Benefits of Enhanced Phishing Protection in Microsoft Defender SmartScreen
Enhanced Phishing Protection provides robust phishing protections for work or school passwords that are used to sign into Windows 11. The benefits of Enhanced Phishing Protection are:
@@ -70,7 +73,7 @@ Enhanced Phishing Protection can be configured using the following Administrativ
#### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1].
-
+
| Setting | OMA-URI | Data type |
|-------------------------|---------------------------------------------------------------------------|-----------|
| **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer |
@@ -87,7 +90,7 @@ By default, Enhanced Phishing Protection is deployed in audit mode, preventing n
To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen settings.
#### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
-
+
|Settings catalog element|Recommendation|
|---------|---------|
|Service Enabled|**Enable**: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends diagnostic data but doesn't show any notifications to your users.|
@@ -118,11 +121,10 @@ To better help you protect your organization, we recommend turning on and using
## Related articles
- [SmartScreen Frequently Asked Questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx)
+- [WebThreatDefense CSP][WIN-1]
- [Threat protection](../index.md)
-- [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference)
-------------
+
[WIN-1]: /windows/client-management/mdm/policy-csp-webthreatdefense
-
-[MEM-2]: /mem/intune/configuration/settings-catalog
\ No newline at end of file
+[MEM-2]: /mem/intune/configuration/settings-catalog
diff --git a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
index 08382b7bd7..9ce8d9bfcc 100644
--- a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
+++ b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
@@ -1,5 +1,5 @@
---
-title: Override Process Mitigation Options (Windows 10)
+title: Override Process Mitigation Options
description: How to use Group Policy to override individual Process Mitigation Options settings and to help enforce specific app-related security policies.
ms.prod: windows-client
author: aczechowski
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 3532aaf393..c72345df1e 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -1,5 +1,5 @@
---
-title: Mitigate threats by using Windows 10 security features (Windows 10)
+title: Mitigate threats by using Windows 10 security features
description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
ms.prod: windows-client
ms.localizationpriority: medium
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index a29c0cb634..dba7799e88 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -1,6 +1,6 @@
---
title: Control the health of Windows devices
-description: This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
+description: This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows devices.
ms.prod: windows-client
ms.date: 10/13/2017
ms.localizationpriority: medium
@@ -17,7 +17,7 @@ ms.topic: conceptual
- Windows 10
-This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
+This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows devices.
## Introduction
diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
index 5ac230e0ed..dc6bf37ae5 100644
--- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
+++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
@@ -1,5 +1,5 @@
---
-title: Access Credential Manager as a trusted caller (Windows 10)
+title: Access Credential Manager as a trusted caller
description: Describes best practices, security considerations, and more for the security policy setting, Access Credential Manager as a trusted caller.
ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
index 7f643514fc..b5ace4fc62 100644
--- a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
+++ b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
@@ -1,5 +1,5 @@
---
-title: Access this computer from the network - security policy setting (Windows 10)
+title: Access this computer from the network - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Access this computer from the network security policy setting.
ms.assetid: f6767bc2-83d1-45f1-847c-54f5362db022
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
index 713bd9297b..89634c3e27 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
@@ -1,5 +1,5 @@
---
-title: Account lockout duration (Windows 10)
+title: Account lockout duration
description: Describes the best practices, location, values, and security considerations for the Account lockout duration security policy setting.
ms.assetid: a4167bf4-27c3-4a9b-8ef0-04e3c6ec3aa4
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
index 301d74416d..fe39bbcede 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
@@ -1,5 +1,5 @@
---
-title: Account Lockout Policy (Windows 10)
+title: Account Lockout Policy
description: Describes the Account Lockout Policy settings and links to information about each policy setting.
ms.assetid: eb968c28-17c5-405f-b413-50728cb7b724
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
index 1aa90a6526..9681c928ff 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
@@ -1,5 +1,5 @@
---
-title: Account lockout threshold (Windows 10)
+title: Account lockout threshold
description: Describes the best practices, location, values, and security considerations for the Account lockout threshold security policy setting.
ms.assetid: 4904bb40-a2bd-4fef-a102-260ba8d74e30
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/account-policies.md b/windows/security/threat-protection/security-policy-settings/account-policies.md
index b3031beef7..a3fdbe5a3f 100644
--- a/windows/security/threat-protection/security-policy-settings/account-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/account-policies.md
@@ -1,5 +1,5 @@
---
-title: Account Policies (Windows 10)
+title: Account Policies
description: An overview of account policies in Windows and provides links to policy descriptions.
ms.assetid: 711b3797-b87a-4cd9-a2e3-1f8ef18688fb
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
index e247a80951..23e43f6d45 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
@@ -1,5 +1,5 @@
---
-title: Accounts Administrator account status (Windows 10)
+title: Accounts Administrator account status
description: Describes the best practices, location, values, and security considerations for the Accounts Administrator account status security policy setting.
ms.assetid: 71a3bd48-1014-49e0-a936-bfe9433af23e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
index 760392434f..b19acf6ade 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
@@ -1,5 +1,5 @@
---
-title: Accounts Block Microsoft accounts (Windows 10)
+title: Accounts Block Microsoft accounts
description: Describes the best practices, location, values, management, and security considerations for the Accounts Block Microsoft accounts security policy setting.
ms.assetid: 94c76f45-057c-4d80-8d01-033cf28ef2f7
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
index f23fc8dd7e..ca1a50819a 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
@@ -1,5 +1,5 @@
---
-title: Accounts Guest account status - security policy setting (Windows 10)
+title: Accounts Guest account status - security policy setting
description: Describes the best practices, location, values, and security considerations for the Accounts Guest account status security policy setting.
ms.assetid: 07e53fc5-b495-4d02-ab42-5b245d10d0ce
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
index 6b3f24d9e6..05b4e8f3ea 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
@@ -1,5 +1,5 @@
---
-title: Accounts Limit local account use of blank passwords (Windows 10)
+title: Accounts Limit local account use of blank passwords
description: Learn best practices, security considerations, and more for the policy setting, Accounts Limit local account use of blank passwords to console logon only.
ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
index bd8090dfe7..0e9b3c3257 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
@@ -1,5 +1,5 @@
---
-title: Accounts Rename administrator account (Windows 10)
+title: Accounts Rename administrator account
description: This security policy reference topic for the IT professional describes the best practices, location, values, and security considerations for this policy setting.
ms.assetid: d21308eb-7c60-4e48-8747-62b8109844f9
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
index 6bfcf412ae..da35071790 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
@@ -1,5 +1,5 @@
---
-title: Accounts Rename guest account - security policy setting (Windows 10)
+title: Accounts Rename guest account - security policy setting
description: Describes the best practices, location, values, and security considerations for the Accounts Rename guest account security policy setting.
ms.assetid: 9b8052b4-bbb9-4cc1-bfee-ce25390db707
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
index ed12776057..d8915c4e18 100644
--- a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
+++ b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
@@ -1,5 +1,5 @@
---
-title: Act as part of the operating system (Windows 10)
+title: Act as part of the operating system
description: Describes the best practices, location, values, policy management, and security considerations for the Act as part of the operating system security policy setting.
ms.assetid: c1b7e084-a9f7-4377-b678-07cc913c8b0c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
index af89003808..5ec3171725 100644
--- a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
+++ b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
@@ -1,5 +1,5 @@
---
-title: Adjust memory quotas for a process (Windows 10)
+title: Adjust memory quotas for a process
description: Describes the best practices, location, values, policy management, and security considerations for the Adjust memory quotas for a process security policy setting.
ms.assetid: 6754a2c8-6d07-4567-9af3-335fd8dd7626
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
index 9994324c08..bca371957d 100644
--- a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Administer security policy settings (Windows 10)
+title: Administer security policy settings
description: This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization.
ms.assetid: 7617d885-9d28-437a-9371-171197407599
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
index 475bd01f46..fd5538b2a7 100644
--- a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
+++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
@@ -1,5 +1,5 @@
---
-title: Allow log on locally - security policy setting (Windows 10)
+title: Allow log on locally - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Allow log on locally security policy setting.
ms.assetid: d9e5e1f3-3bff-4da7-a9a2-4bb3e0c79055
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
index fd5a84fe03..aa212b8064 100644
--- a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
+++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
@@ -1,5 +1,5 @@
---
-title: Allow log on through Remote Desktop Services (Windows 10)
+title: Allow log on through Remote Desktop Services
description: Best practices, location, values, policy management, and security considerations for the security policy setting. Allow a sign-in through Remote Desktop Services.
ms.assetid: 6267c376-8199-4f2b-ae56-9c5424e76798
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
index d5f0c9641a..5957adf4ab 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
@@ -1,5 +1,5 @@
---
-title: Audit the access of global system objects (Windows 10)
+title: Audit the access of global system objects
description: Describes the best practices, location, values, and security considerations for the audit of the access to global system objects security policy setting.
ms.assetid: 20d40a79-ce89-45e6-9bb4-148f83958460
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
index 42e645eb95..5caf39e495 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
@@ -1,5 +1,5 @@
---
-title: Audit Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings (Windows 10)
+title: Audit Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings
description: Learn more about the security policy setting, Audit Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings.
ms.assetid: 8ddc06bc-b6d6-4bac-9051-e0d77035bd4e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/audit-policy.md b/windows/security/threat-protection/security-policy-settings/audit-policy.md
index 5130a2112d..a542276f2e 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-policy.md
@@ -1,5 +1,5 @@
---
-title: Audit Policy (Windows 10)
+title: Audit Policy
description: Provides information about basic audit policies that are available in Windows and links to information about each setting.
ms.assetid: 2e8ea400-e555-43e5-89d6-0898cb89da90
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
index 614fbe0d12..61bd4aecfc 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
@@ -1,5 +1,5 @@
---
-title: Audit Shut down system immediately if unable to log security audits (Windows 10)
+title: Audit Shut down system immediately if unable to log security audits
description: Best practices, security considerations, and more for the security policy setting, Audit Shut down system immediately if unable to log security audits.
ms.assetid: 2cd23cd9-0e44-4d0b-a1f1-39fc29303826
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
index 99590d638b..40d4bdfda2 100644
--- a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
+++ b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
@@ -1,5 +1,5 @@
---
-title: Back up files and directories - security policy setting (Windows 10)
+title: Back up files and directories - security policy setting
description: Describes the recommended practices, location, values, policy management, and security considerations for the Back up files and directories security policy setting.
ms.assetid: 1cd6bdd5-1501-41f4-98b9-acf29ac173ae
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
index f401dbbe3c..6f06c8e9a2 100644
--- a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
+++ b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
@@ -1,5 +1,5 @@
---
-title: Bypass traverse checking (Windows 10)
+title: Bypass traverse checking
description: Describes the best practices, location, values, policy management, and security considerations for the Bypass traverse checking security policy setting.
ms.assetid: 1c828655-68d3-4140-aa0f-caa903a7087e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
index 02cbb94d06..e09a09a6bb 100644
--- a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
+++ b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
@@ -1,5 +1,5 @@
---
-title: Change the system time - security policy setting (Windows 10)
+title: Change the system time - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Change the system time security policy setting.
ms.assetid: f2f6637d-acbc-4352-8ca3-ec563f918e65
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
index d8dfd97662..dffd58d25b 100644
--- a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
+++ b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
@@ -1,5 +1,5 @@
---
-title: Change the time zone - security policy setting (Windows 10)
+title: Change the time zone - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Change the time zone security policy setting.
ms.assetid: 3b1afae4-68bb-472f-a43e-49e300d73e50
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
index a5438297fd..0a179de698 100644
--- a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
+++ b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
@@ -1,5 +1,5 @@
---
-title: Create a pagefile - security policy setting (Windows 10)
+title: Create a pagefile - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Create a pagefile security policy setting.
ms.assetid: dc087897-459d-414b-abe0-cd86c8dccdea
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
index 727912a7ca..90c8d547a4 100644
--- a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
+++ b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
@@ -1,5 +1,5 @@
---
-title: Create a token object (Windows 10)
+title: Create a token object
description: Describes the best practices, location, values, policy management, and security considerations for the Create a token object security policy setting.
ms.assetid: bfbf52fc-6ba4-442a-9df7-bd277e55729c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/create-global-objects.md b/windows/security/threat-protection/security-policy-settings/create-global-objects.md
index f6be4d3ed7..748588c0e1 100644
--- a/windows/security/threat-protection/security-policy-settings/create-global-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/create-global-objects.md
@@ -1,5 +1,5 @@
---
-title: Create global objects (Windows 10)
+title: Create global objects
description: Describes the best practices, location, values, policy management, and security considerations for the Create global objects security policy setting.
ms.assetid: 9cb6247b-44fc-4815-86f2-cb59b6f0221e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
index 38fb6346f9..29994f1b96 100644
--- a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
@@ -1,5 +1,5 @@
---
-title: Create permanent shared objects (Windows 10)
+title: Create permanent shared objects
description: Describes the best practices, location, values, policy management, and security considerations for the Create permanent shared objects security policy setting.
ms.assetid: 6a58438d-65ca-4c4a-a584-450eed976649
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
index cc0957e9e8..e728e58567 100644
--- a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
+++ b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
@@ -1,5 +1,5 @@
---
-title: Create symbolic links (Windows 10)
+title: Create symbolic links
description: Describes the best practices, location, values, policy management, and security considerations for the Create symbolic links security policy setting.
ms.assetid: 882922b9-0ff8-4ee9-8afc-4475515ee3fd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
index b2b90cdc1f..63272a0b01 100644
--- a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
+++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
@@ -1,5 +1,5 @@
---
-title: DCOM Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax (Windows 10)
+title: DCOM Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax
description: Learn about best practices and more for the syntax policy setting, DCOM Machine Access Restrictions in Security Descriptor Definition Language (SDDL).
ms.assetid: 0fe3521a-5252-44df-8a47-8d92cf936e7c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
index e549425217..81cfb68761 100644
--- a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
+++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
@@ -1,5 +1,5 @@
---
-title: DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax (Windows 10)
+title: DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax
description: Best practices and more for the security policy setting, DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax.
ms.assetid: 4b95d45f-dd62-4c34-ba32-43954528dabe
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/debug-programs.md b/windows/security/threat-protection/security-policy-settings/debug-programs.md
index 7b72217ab7..d5058a6e3f 100644
--- a/windows/security/threat-protection/security-policy-settings/debug-programs.md
+++ b/windows/security/threat-protection/security-policy-settings/debug-programs.md
@@ -1,5 +1,5 @@
---
-title: Debug programs (Windows 10)
+title: Debug programs
description: Describes the best practices, location, values, policy management, and security considerations for the Debug programs security policy setting.
ms.assetid: 594d9f2c-8ffc-444b-9522-75615ec87786
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
index 9dc9bb9d38..b069fd1da1 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
@@ -1,5 +1,5 @@
---
-title: Deny access to this computer from the network (Windows 10)
+title: Deny access to this computer from the network
description: Best practices, location, values, policy management, and security considerations for the Deny access to this computer from the network security policy setting.
ms.assetid: 935e9f89-951b-4163-b186-fc325682bb0b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
index d832f6a8ba..42bdc8d2a2 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
@@ -1,5 +1,5 @@
---
-title: Deny log on as a batch job (Windows 10)
+title: Deny log on as a batch job
description: Describes the best practices, location, values, policy management, and security considerations for the Deny log on as a batch job security policy setting.
ms.assetid: 0ac36ebd-5e28-4b6a-9b4e-8924c6ecf44b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
index 22b448bed6..8e61df03d2 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
@@ -1,5 +1,5 @@
---
-title: Deny log on as a service (Windows 10)
+title: Deny log on as a service
description: Describes the best practices, location, values, policy management, and security considerations for the Deny log on as a service security policy setting.
ms.assetid: f1114964-df86-4278-9b11-e35c66949794
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
index 1ef7bc4a08..8cc1881127 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
@@ -1,5 +1,5 @@
---
-title: Deny log on locally (Windows 10)
+title: Deny log on locally
description: Describes the best practices, location, values, policy management, and security considerations for the Deny log on locally security policy setting.
ms.assetid: 00150e88-ec9c-43e1-a70d-33bfe10434db
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
index 2bc5898d13..6a3f748155 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
@@ -1,5 +1,5 @@
---
-title: Deny log on through Remote Desktop Services (Windows 10)
+title: Deny log on through Remote Desktop Services
description: Best practices, location, values, policy management, and security considerations for the security policy setting, Deny log on through Remote Desktop Services.
ms.assetid: 84bbb807-287c-4acc-a094-cf0ffdcbca67
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
index 42bcd1198e..c0ec06ad12 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
@@ -1,5 +1,5 @@
---
-title: Devices Allow undock without having to log on (Windows 10)
+title: Devices Allow undock without having to log on
description: Describes the best practices, location, values, and security considerations for the Devices Allow undock without having to sign in security policy setting.
ms.assetid: 1d403f5d-ad41-4bb4-9f4a-0779c1c14b8c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
index f27b736149..c27928a04e 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
@@ -1,5 +1,5 @@
---
-title: Devices Allowed to format and eject removable media (Windows 10)
+title: Devices Allowed to format and eject removable media
description: Describes the best practices, location, values, and security considerations for the Devices Allowed to format and eject removable media security policy setting.
ms.assetid: d1b42425-7244-4ab1-9d46-d68de823459c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
index 48ec7ee37d..40487ac65b 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
@@ -1,5 +1,5 @@
---
-title: Devices Prevent users from installing printer drivers (Windows 10)
+title: Devices Prevent users from installing printer drivers
description: Describes the best practices, location, values, and security considerations for the Devices Prevent users from installing printer drivers security policy setting.
ms.assetid: ab70a122-f7f9-47e0-ad8c-541f30a27ec3
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
index 606f90388d..2f3acd5122 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
@@ -1,5 +1,5 @@
---
-title: Restrict CD-ROM access to locally logged-on user (Windows 10)
+title: Restrict CD-ROM access to locally logged-on user
description: Describes the best practices, location, values, and security considerations for the Devices Restrict CD-ROM access to locally logged-on user only security policy setting.
ms.assetid: 8b8f44bb-84ce-4f18-af30-ab89910e234d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
index f678d28b4a..511ccc907f 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
@@ -1,5 +1,5 @@
---
-title: Devices Restrict floppy access to locally logged-on user only (Windows 10)
+title: Devices Restrict floppy access to locally logged-on user only
description: Describes the best practices, location, values, and security considerations for the Devices Restrict floppy access to locally logged-on user only security policy setting.
ms.assetid: 92997910-da95-4c03-ae6f-832915423898
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
index 497ae0dcf3..d918369b03 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
@@ -1,5 +1,5 @@
---
-title: Domain member Digitally encrypt or sign secure channel data (always) (Windows 10)
+title: Domain member Digitally encrypt or sign secure channel data (always)
description: Best practices, location, values, and security considerations for the policy setting, Domain member Digitally encrypt or sign secure channel data (always).
ms.assetid: 4480c7cb-adca-4f29-b4b8-06eb68d272bf
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
index ee6200237d..c277be4b30 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
@@ -1,5 +1,5 @@
---
-title: Domain member Digitally encrypt secure channel data (when possible) (Windows 10)
+title: Domain member Digitally encrypt secure channel data (when possible)
description: Best practices, security considerations, and more for the security policy setting, Domain member Digitally encrypt secure channel data (when possible).
ms.assetid: 73e6023e-0af3-4531-8238-82f0f0e4965b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
index fa4519f654..302edcac50 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
@@ -1,5 +1,5 @@
---
-title: Domain member Digitally sign secure channel data (when possible) (Windows 10)
+title: Domain member Digitally sign secure channel data (when possible)
description: Best practices, location, values, and security considerations for the security policy setting, Domain member Digitally sign secure channel data (when possible).
ms.assetid: a643e491-4f45-40ea-b12c-4dbe47e54f34
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
index 29cc577b0b..72e15d7783 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
@@ -1,5 +1,5 @@
---
-title: Domain member Disable machine account password changes (Windows 10)
+title: Domain member Disable machine account password changes
description: Describes the best practices, location, values, and security considerations for the Domain member Disable machine account password changes security policy setting.
ms.assetid: 1f660300-a07a-4243-a09f-140aa1ab8867
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
index ac46532629..aacfa76378 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
@@ -1,5 +1,5 @@
---
-title: Domain member Maximum machine account password age (Windows 10)
+title: Domain member Maximum machine account password age
description: Describes the best practices, location, values, and security considerations for the Domain member Maximum machine account password age security policy setting.
ms.assetid: 0ec6f7c1-4d82-4339-94c0-debb2d1ac109
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
index ba84a03cc1..d5c4b65fcc 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
@@ -1,5 +1,5 @@
---
-title: Domain member Require strong (Windows 2000 or later) session key (Windows 10)
+title: Domain member Require strong (Windows 2000 or later) session key
description: Best practices, location, values, and security considerations for the security policy setting, Domain member Require strong (Windows 2000 or later) session key.
ms.assetid: 5ab8993c-5086-4f09-bc88-1b27454526bd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
index 6c8e9a5f36..ec6ef4ec58 100644
--- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
+++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
@@ -1,5 +1,5 @@
---
-title: Trust computer and user accounts for delegation (Windows 10)
+title: Trust computer and user accounts for delegation
description: Learn about best practices, security considerations and more for the security policy setting, Enable computer and user accounts to be trusted for delegation.
ms.assetid: 524062d4-1595-41f3-8ce1-9c85fd21497b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
index 5c1bb1ef3b..69915eba98 100644
--- a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
+++ b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
@@ -1,5 +1,5 @@
---
-title: Enforce password history (Windows 10)
+title: Enforce password history
description: Describes the best practices, location, values, policy management, and security considerations for the Enforce password history security policy setting.
ms.assetid: 8b2ab871-3e52-4dd1-9776-68bb1e935442
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
index 0b360cffa1..a119f6c131 100644
--- a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
+++ b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
@@ -1,5 +1,5 @@
---
-title: Enforce user logon restrictions (Windows 10)
+title: Enforce user logon restrictions
description: Describes the best practices, location, values, policy management, and security considerations for the Enforce user logon restrictions security policy setting.
ms.assetid: 5891cb73-f1ec-48b9-b703-39249e48a29f
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
index 8b13dfac68..bb10d2ce82 100644
--- a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
+++ b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
@@ -1,5 +1,5 @@
---
-title: Force shutdown from a remote system (Windows 10)
+title: Force shutdown from a remote system
description: Describes the best practices, location, values, policy management, and security considerations for the Force shutdown from a remote system security policy setting.
ms.assetid: 63129243-31ea-42a4-a598-c7064f48a3df
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
index ed57ea1a97..5b8810a11e 100644
--- a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
+++ b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
@@ -1,5 +1,5 @@
---
-title: Generate security audits (Windows 10)
+title: Generate security audits
description: Describes the best practices, location, values, policy management, and security considerations for the Generate security audits security policy setting.
ms.assetid: c0e1cd80-840e-4c74-917c-5c2349de885f
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md
index f28c135001..8d0ace0072 100644
--- a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Configure security policy settings (Windows 10)
+title: Configure security policy settings
description: Describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a domain controller.
ms.assetid: 63b0967b-a9fe-4d92-90af-67469ee20320
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
index e2a1861c80..698d38e82a 100644
--- a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
@@ -1,5 +1,5 @@
---
-title: Impersonate a client after authentication (Windows 10)
+title: Impersonate a client after authentication
description: Describes the best practices, location, values, policy management, and security considerations for the Impersonate a client after authentication security policy setting.
ms.assetid: 4cd241e2-c680-4b43-8ed0-3b391925cec5
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
index 0f79c38991..0d6a6d694f 100644
--- a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
+++ b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
@@ -1,5 +1,5 @@
---
-title: Increase a process working set (Windows 10)
+title: Increase a process working set
description: Describes the best practices, location, values, policy management, and security considerations for the Increase a process working set security policy setting.
ms.assetid: b742ad96-37f3-4686-b8f7-f2b48367105b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
index 5446601279..1bcfcdb42e 100644
--- a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
+++ b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
@@ -1,5 +1,5 @@
---
-title: Increase scheduling priority (Windows 10)
+title: Increase scheduling priority
description: Describes the best practices, location, values, policy management, and security considerations for the Increase scheduling priority security policy setting.
ms.assetid: fbec5973-d35e-4797-9626-d0d56061527f
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
index d76c4110fc..a1ee602ed9 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Display user information when the session is locked (Windows 10)
+title: Interactive logon Display user information when the session is locked
description: Best practices, security considerations, and more for the security policy setting, Interactive logon Display user information when the session is locked.
ms.assetid: 9146aa3d-9b2f-47ba-ac03-ff43efb10530
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
index 6cddf9952d..aba7cdc252 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Don't display last signed-in (Windows 10)
+title: Interactive logon Don't display last signed-in
description: Describes the best practices, location, values, and security considerations for the Interactive logon Don't display last user name security policy setting.
ms.prod: windows-client
ms.mktglfcycl: deploy
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
index f33b15222c..e4c4d49b0a 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Do not require CTRL+ALT+DEL (Windows 10)
+title: Interactive logon Do not require CTRL+ALT+DEL
description: Describes the best practices, location, values, and security considerations for the Interactive logon Do not require CTRL+ALT+DEL security policy setting.
ms.assetid: 04e2c000-2eb2-4d4b-8179-1e2cb4793e18
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
index e283a1f14d..29c230e657 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Don't display username at sign-in (Windows 10)
+title: Interactive logon Don't display username at sign-in
description: Describes the best practices, location, values, and security considerations for the Interactive logon Don't display username at sign-in security policy setting.
ms.assetid: 98b24b03-95fe-4edc-8e97-cbdaa8e314fd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
index c08ad29828..bc3ee80c44 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Machine account lockout threshold (Windows 10)
+title: Interactive logon Machine account lockout threshold
description: Best practices, location, values, management, and security considerations for the security policy setting, Interactive logon Machine account lockout threshold.
ms.assetid: ebbd8e22-2611-4ebe-9db9-d49344e631e4
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
index 41c09e6eb4..40c0bcb254 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Machine inactivity limit (Windows 10)
+title: Interactive logon Machine inactivity limit
description: Describes the best practices, location, values, management, and security considerations for the Interactive logon Machine inactivity limit security policy setting.
ms.assetid: 7065b4a9-0d52-41d5-afc4-5aedfc4162b5
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
index 0b5af8fa19..7f6a3535a6 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
@@ -1,5 +1,5 @@
---
-title: Interactive Logon Message text (Windows 10)
+title: Interactive Logon Message text
description: Learn about best practices, security considerations and more for the security policy setting, Interactive logon Message text for users attempting to log on.
ms.assetid: fcfe8a6d-ca65-4403-b9e6-2fa017a31c2e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
index c20c76d1c8..fc861f5e80 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Message title for users attempting to log on (Windows 10)
+title: Interactive logon Message title for users attempting to log on
description: Best practices, security considerations, and more for the security policy setting, Interactive logon Message title for users attempting to log on.
ms.assetid: f2596470-4cc0-4ef1-849c-bef9dc3533c6
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
index 92341b9213..4b962010b1 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Number of previous logons to cache (in case domain controller is not available) (Windows 10)
+title: Interactive logon Number of previous logons to cache (in case domain controller is not available)
description: Best practices and more for the security policy setting, Interactive logon Number of previous logons to cache (in case domain controller is not available).
ms.assetid: 660e925e-cc3e-4098-a41e-eb8db8062d8d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
index 5508696327..b63d35d0b2 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
@@ -1,5 +1,5 @@
---
-title: Interactive log-on prompt user to change password before expiration (Windows 10)
+title: Interactive log-on prompt user to change password before expiration
description: Best practices and security considerations for an interactive log-on prompt for users to change passwords before expiration.
ms.assetid: 8fe94781-40f7-4fbe-8cfd-5e116e6833e9
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
index dea0b48963..c418e7adeb 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Require Domain Controller authentication to unlock workstation (Windows 10)
+title: Interactive logon Require Domain Controller authentication to unlock workstation
description: Best practices security considerations, and more for the policy setting, Interactive logon Require Domain Controller authentication to unlock workstation.
ms.assetid: 97618ed3-e946-47db-a212-b5e7a4fc6ffc
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
index 804de2d6cb..55213f035f 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
@@ -1,5 +1,5 @@
---
-title: Interactive logon Smart card removal behavior (Windows 10)
+title: Interactive logon Smart card removal behavior
description: Best practices, location, values, policy management, and security considerations for the security policy setting, Interactive logon Smart card removal behavior.
ms.assetid: 61487820-9d49-4979-b15d-c7e735999460
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
index c6fc22a8de..b63e17c8c2 100644
--- a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
@@ -1,5 +1,5 @@
---
-title: Kerberos Policy (Windows 10)
+title: Kerberos Policy
description: Describes the Kerberos Policy settings and provides links to policy setting descriptions.
ms.assetid: 94017dd9-b1a3-4624-af9f-b29161b4bf38
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
index f0f4e5f932..1e9c0d4b8b 100644
--- a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
+++ b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
@@ -1,5 +1,5 @@
---
-title: Load and unload device drivers (Windows 10)
+title: Load and unload device drivers
description: Describes the best practices, location, values, policy management, and security considerations for the Load and unload device drivers security policy setting.
ms.assetid: 66262532-c610-470c-9792-35ff4389430f
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
index 5f6ed628f4..c591706f9c 100644
--- a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
+++ b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
@@ -1,5 +1,5 @@
---
-title: Lock pages in memory (Windows 10)
+title: Lock pages in memory
description: Describes the best practices, location, values, policy management, and security considerations for the Lock pages in memory security policy setting.
ms.assetid: cc724979-aec0-496d-be4e-7009aef660a3
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
index 5eb5a6a0b4..cecd34e77c 100644
--- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
+++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
@@ -1,5 +1,5 @@
---
-title: Log on as a batch job (Windows 10)
+title: Log on as a batch job
description: Describes the best practices, location, values, policy management, and security considerations for the Log on as a batch job security policy setting.
ms.assetid: 4eaddb51-0a18-470e-9d3d-5e7cd7970b41
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
index 667a0885f7..d1f486957c 100644
--- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
+++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
@@ -1,5 +1,5 @@
---
-title: Log on as a service (Windows 10)
+title: Log on as a service
description: Describes the best practices, location, values, policy management, and security considerations for the Log on as a service security policy setting.
ms.assetid: acc9a9e0-fd88-4cda-ab54-503120ba1f42
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
index 0b62095cd7..a2be818c7d 100644
--- a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
+++ b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
@@ -1,5 +1,5 @@
---
-title: Manage auditing and security log (Windows 10)
+title: Manage auditing and security log
description: Describes the best practices, location, values, policy management, and security considerations for the Manage auditing and security log security policy setting.
ms.assetid: 4b946c0d-f904-43db-b2d5-7f0917575347
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
index e60f5b8019..bdc180ccf0 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
@@ -1,5 +1,5 @@
---
-title: Maximum lifetime for service ticket (Windows 10)
+title: Maximum lifetime for service ticket
description: Describes the best practices, location, values, policy management, and security considerations for the Maximum lifetime for service ticket security policy setting.
ms.assetid: 484bf05a-3858-47fc-bc02-6599ca860247
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
index d048ad2d5b..43935998f5 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
@@ -1,5 +1,5 @@
---
-title: Maximum lifetime for user ticket renewal (Windows 10)
+title: Maximum lifetime for user ticket renewal
description: Describes the best practices, location, values, policy management, and security considerations for the Maximum lifetime for user ticket renewal security policy setting.
ms.assetid: f88cd819-3dd1-4e38-b560-13fe6881b609
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
index 7117941bbe..1d6f14a767 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
@@ -1,5 +1,5 @@
---
-title: Maximum lifetime for user ticket (Windows 10)
+title: Maximum lifetime for user ticket
description: Describes the best practices, location, values, policy management, and security considerations for the Maximum lifetime for user ticket policy setting.
ms.assetid: bcb4ff59-334d-4c2f-99af-eca2b64011dc
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
index 7c99d562b8..87337b86b8 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
@@ -1,5 +1,5 @@
---
-title: Maximum password age (Windows 10)
+title: Maximum password age
description: Describes the best practices, location, values, policy management, and security considerations for the Maximum password age security policy setting.
ms.assetid: 2d6e70e7-c8b0-44fb-8113-870c6120871d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
index e6976b9407..5b2ae28406 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
@@ -1,5 +1,5 @@
---
-title: Maximum tolerance for computer clock synchronization (Windows 10)
+title: Maximum tolerance for computer clock synchronization
description: Best practices, location, values, policy management, and security considerations for the policy setting, Maximum tolerance for computer clock synchronization.
ms.assetid: ba2cf59e-d69d-469e-95e3-8e6a0ba643af
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
index 131ca7ef0e..343e8a2eb7 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
@@ -1,5 +1,5 @@
---
-title: Microsoft network client Send unencrypted password (Windows 10)
+title: Microsoft network client Send unencrypted password
description: Learn about best practices and more for the security policy setting, Microsoft network client Send unencrypted password to third-party SMB servers.
ms.assetid: 97a76b93-afa7-4dd9-bb52-7c9e289b6017
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
index 9b4f9c1021..72d11c51b4 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
@@ -1,5 +1,5 @@
---
-title: Microsoft network server Amount of idle time required before suspending session (Windows 10)
+title: Microsoft network server Amount of idle time required before suspending session
description: Best practices, security considerations, and more for the policy setting, Microsoft network server Amount of idle time required before suspending session.
ms.assetid: 8227842a-569d-480f-b43c-43450bbaa722
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
index 18eb849aa7..f8096dec04 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
@@ -1,5 +1,5 @@
---
-title: Microsoft network server Attempt S4U2Self (Windows 10)
+title: Microsoft network server Attempt S4U2Self
description: Learn about the security policy setting, Microsoft network server Attempt S4U2Self to obtain claim information.
ms.assetid: e4508387-35ed-4a3f-a47c-27f8396adbba
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
index 02f163e1c5..c560912610 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
@@ -1,5 +1,5 @@
---
-title: Microsoft network server Disconnect clients when sign-in hours expire (Windows 10)
+title: Microsoft network server Disconnect clients when sign-in hours expire
description: Best practices, location, values, and security considerations for the policy setting, Microsoft network server Disconnect clients when sign-in hours expire.
ms.assetid: 48b5c424-9ba8-416d-be7d-ccaabb3f49af
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
index 21c41369f9..b0119771b5 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
@@ -1,5 +1,5 @@
---
-title: Microsoft network server Server SPN target name validation level (Windows 10)
+title: Microsoft network server Server SPN target name validation level
description: Best practices, security considerations, and more for the security policy setting, Microsoft network server Server SPN target name validation level.
ms.assetid: 18337f78-eb45-42fd-bdbd-f8cd02c3e154
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
index f9b90574fd..c193b4ef7d 100644
--- a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
@@ -1,5 +1,5 @@
---
-title: Minimum password age (Windows 10)
+title: Minimum password age
description: Describes the best practices, location, values, policy management, and security considerations for the Minimum password age security policy setting.
ms.assetid: 91915cb2-1b3f-4fb7-afa0-d03df95e8161
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
index b74a12c22c..4ef50144bc 100644
--- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
+++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
@@ -1,5 +1,5 @@
---
-title: Minimum password length (Windows 10)
+title: Minimum password length
description: Describes the best practices, location, values, policy management, and security considerations for the Minimum password length security policy setting.
ms.assetid: 3d22eb9a-859a-4b6f-82f5-c270c427e17e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
index f3d460e68c..0fe460d50d 100644
--- a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
+++ b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
@@ -1,5 +1,5 @@
---
-title: Modify an object label (Windows 10)
+title: Modify an object label
description: Describes the best practices, location, values, policy management, and security considerations for the Modify an object label security policy setting.
ms.assetid: 3e5a97dd-d363-43a8-ae80-452e866ebfd5
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
index ae4fa3457e..faff714347 100644
--- a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
+++ b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
@@ -1,5 +1,5 @@
---
-title: Modify firmware environment values (Windows 10)
+title: Modify firmware environment values
description: Describes the best practices, location, values, policy management, and security considerations for the Modify firmware environment values security policy setting.
ms.assetid: 80bad5c4-d9eb-4e3a-a5dc-dcb742b83fca
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
index af493fdd5f..164da34ecf 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
@@ -1,5 +1,5 @@
---
-title: Network access Allow anonymous SID/Name translation (Windows 10)
+title: Network access Allow anonymous SID/Name translation
description: Best practices, location, values, policy management and security considerations for the policy setting, Network access Allow anonymous SID/Name translation.
ms.assetid: 0144477f-22a6-4d06-b70a-9c9c2196e99e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
index 547733a694..caccbb931a 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
@@ -1,5 +1,5 @@
---
-title: Network access Do not allow anonymous enumeration (Windows 10)
+title: Network access Do not allow anonymous enumeration
description: Learn about best practices and more for the security policy setting, Network access Do not allow anonymous enumeration of SAM accounts and shares.
ms.assetid: 3686788d-4cc7-4222-9163-cbc7c3362d73
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
index 5b7e0c66e6..83888d29df 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
@@ -1,5 +1,5 @@
---
-title: Network access Do not allow anonymous enumeration of SAM accounts (Windows 10)
+title: Network access Do not allow anonymous enumeration of SAM accounts
description: Describes the best practices, location, values, and security considerations for the Network access Do not allow anonymous enumeration of SAM accounts security policy setting.
ms.assetid: 6ee25b33-ad43-4097-b031-7be680f64c7c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
index a8ded6ea27..a9b7f2583f 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
@@ -1,5 +1,5 @@
---
-title: Network access Do not allow storage of passwords and credentials for network authentication (Windows 10)
+title: Network access Do not allow storage of passwords and credentials for network authentication
description: Learn about best practices and more for the security policy setting, Network access Do not allow storage of passwords and credentials for network authentication
ms.assetid: b9b64360-36ea-40fa-b795-2d6558c46563
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
index 3ae0bff29a..618f7ffbc0 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
@@ -1,5 +1,5 @@
---
-title: Let Everyone permissions apply to anonymous users (Windows 10)
+title: Let Everyone permissions apply to anonymous users
description: Learn about best practices, security considerations and more for the security policy setting, Network access Let Everyone permissions apply to anonymous users.
ms.assetid: cdbc5159-9173-497e-b46b-7325f4256353
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
index e570e96543..7a1acb165d 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
@@ -1,5 +1,5 @@
---
-title: Network access Named Pipes that can be accessed anonymously (Windows 10)
+title: Network access Named Pipes that can be accessed anonymously
description: Describes best practices, security considerations and more for the security policy setting, Network access Named Pipes that can be accessed anonymously.
ms.assetid: 8897d2a4-813e-4d2b-8518-fcee71e1cf2c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
index 6bebdb7c99..9c968a3f5c 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
@@ -1,5 +1,5 @@
---
-title: Network access Remotely accessible registry paths and subpaths (Windows 10)
+title: Network access Remotely accessible registry paths and subpaths
description: Describes best practices, location, values, and security considerations for the policy setting, Network access Remotely accessible registry paths and subpaths.
ms.assetid: 3fcbbf70-a002-4f85-8e86-8dabad21928e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
index 1ca60361c7..dd86f8a026 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
@@ -1,5 +1,5 @@
---
-title: Network access Remotely accessible registry paths (Windows 10)
+title: Network access Remotely accessible registry paths
description: Best practices, location, values, policy management and security considerations for the policy setting, Network access Remotely accessible registry paths.
ms.assetid: 977f86ea-864f-4f1b-9756-22220efce0bd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
index 92f62c7e6b..30cbc5b78f 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
@@ -1,5 +1,5 @@
---
-title: Network access Restrict anonymous access to Named Pipes and Shares (Windows 10)
+title: Network access Restrict anonymous access to Named Pipes and Shares
description: Best practices, security considerations, and more for the security policy setting, Network access Restrict anonymous access to Named Pipes and Shares.
ms.assetid: e66cd708-7322-4d49-9b57-1bf8ec7a4c10
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
index b9d02af2c4..dc0a2dda77 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
@@ -1,5 +1,5 @@
---
-title: Network access Shares that can be accessed anonymously (Windows 10)
+title: Network access Shares that can be accessed anonymously
description: Learn about best practices, security considerations, and more for the security policy setting, Network access Shares that can be accessed anonymously.
ms.assetid: f3e4b919-8279-4972-b415-5f815e2f0a1a
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
index 01d1e937b2..c11be07eab 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
@@ -1,5 +1,5 @@
---
-title: Network access Sharing and security model for local accounts (Windows 10)
+title: Network access Sharing and security model for local accounts
description: Best practices, security considerations, and more for the security policy setting, Network access Sharing and security model for local accounts.
ms.assetid: 0b3d703c-ea27-488f-8f59-b345af75b994
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
index 6b67b4947f..a946a20ae9 100644
--- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
@@ -1,5 +1,5 @@
---
-title: Network List Manager policies (Windows 10)
+title: Network List Manager policies
description: Network List Manager policies are security settings that configure different aspects of how networks are listed and displayed on one device or on many devices.
ms.assetid: bd8109d4-b07c-4beb-a9a6-affae2ba2fda
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
index 2bd7b413bb..fd87daba06 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
@@ -1,5 +1,5 @@
---
-title: Network security Allow LocalSystem NULL session fallback (Windows 10)
+title: Network security Allow LocalSystem NULL session fallback
description: Describes the best practices, location, values, and security considerations for the Network security Allow LocalSystem NULL session fallback security policy setting.
ms.assetid: 5b72edaa-bec7-4572-b6f0-648fc38f5395
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
index c317d27ae4..ce5adb5c59 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
@@ -1,5 +1,5 @@
---
-title: Network security Allow PKU2U authentication requests to this computer to use online identities (Windows 10)
+title: Network security Allow PKU2U authentication requests to this computer to use online identities
description: Best practices for the Network Security Allow PKU2U authentication requests to this computer to use online identities security setting.
ms.assetid: e04a854e-d94d-4306-9fb3-56e9bd7bb926
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
index 2f5d913958..7402fd0df1 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
@@ -1,5 +1,5 @@
---
-title: Network security Do not store LAN Manager hash value on next password change (Windows 10)
+title: Network security Do not store LAN Manager hash value on next password change
description: Best practices, security considerations, and more for the security policy setting, Network security Do not store LAN Manager hash value on next password change.
ms.assetid: 6452b268-e5ba-4889-9d38-db28f919af51
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
index 1999afcfbb..99826613ed 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
@@ -1,5 +1,5 @@
---
-title: Network security Force logoff when logon hours expire (Windows 10)
+title: Network security Force logoff when logon hours expire
description: Best practices, location, values, policy management, and security considerations for the policy setting, Network security Force logoff when logon hours expire.
ms.assetid: 64d5dde4-58e4-4217-b2c4-73bd554ec926
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
index 23edb11516..c6847770d4 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
@@ -1,5 +1,5 @@
---
-title: Network security LAN Manager authentication level (Windows 10)
+title: Network security LAN Manager authentication level
description: Best practices, location, values, policy management and security considerations for the policy setting, Network security LAN Manager authentication level.
ms.assetid: bbe1a98c-420a-41e7-9d3c-3a2fe0f1843e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
index 3fb085d04d..3232a699e0 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
@@ -1,5 +1,5 @@
---
-title: Network security LDAP client signing requirements (Windows 10)
+title: Network security LDAP client signing requirements
description: Best practices, location, values, policy management and security considerations for the policy setting, Network security LDAP client signing requirements.
ms.assetid: 38b35489-eb5b-4035-bc87-df63de50509c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
index aa708a1c42..cd6838a4f8 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
@@ -1,5 +1,5 @@
---
-title: Network security Minimum session security for NTLM SSP based (including secure RPC) clients (Windows 10)
+title: Network security Minimum session security for NTLM SSP based (including secure RPC) clients
description: Best practices and more for the security policy setting, Network security Minimum session security for NTLM SSP based (including secure RPC) clients.
ms.assetid: 89903de8-23d0-4e0f-9bef-c00cb7aebf00
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
index c53712c5e9..701259d037 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
@@ -1,5 +1,5 @@
---
-title: Network security Minimum session security for NTLM SSP based (including secure RPC) servers (Windows 10)
+title: Network security Minimum session security for NTLM SSP based (including secure RPC) servers
description: Best practices and security considerations for the policy setting, Network security Minimum session security for NTLM SSP based (including secure RPC) servers.
ms.assetid: c6a60c1b-bc8d-4d02-9481-f847a411b4fc
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
index c42e1f65c5..754a7cbc0e 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
@@ -1,5 +1,5 @@
---
-title: Network security Restrict NTLM Add remote server exceptions for NTLM authentication (Windows 10)
+title: Network security Restrict NTLM Add remote server exceptions for NTLM authentication
description: Best practices, security considerations, and more for the policy setting, Network security Restrict NTLM Add remote server exceptions for NTLM authentication.
ms.assetid: 9b017399-0a54-4580-bfae-614c2beda3a1
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
index 86b0883198..c0ebdc1ba5 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
@@ -1,5 +1,5 @@
---
-title: Network security Restrict NTLM Add server exceptions in this domain (Windows 10)
+title: Network security Restrict NTLM Add server exceptions in this domain
description: Best practices, security considerations, and more for the security policy setting, Network security Restrict NTLM Add server exceptions in this domain.
ms.assetid: 2f981b68-6aa7-4dd9-b53d-d88551277cc0
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
index 8d99ff27a8..d5104ea5b7 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
@@ -1,5 +1,5 @@
---
-title: Network security Restrict NTLM Audit incoming NTLM traffic (Windows 10)
+title: Network security Restrict NTLM Audit incoming NTLM traffic
description: Best practices, security considerations and more for the security policy setting, Network Security Restrict NTLM Audit incoming NTLM traffic.
ms.assetid: 37e380c2-22e1-44cd-9993-e12815b845cf
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
index 968acbe1da..3a547350da 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
@@ -1,5 +1,5 @@
---
-title: Network security Restrict NTLM Incoming NTLM traffic (Windows 10)
+title: Network security Restrict NTLM Incoming NTLM traffic
description: Best practices, security considerations, and more for the security policy setting, Network Security Restrict NTLM Incoming NTLM traffic.
ms.assetid: c0eff7d3-ed59-4004-908a-2205295fefb8
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
index 375f27c55c..5aedc2eb5b 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
@@ -1,5 +1,5 @@
---
-title: Network security Restrict NTLM Outgoing traffic (Windows 10)
+title: Network security Restrict NTLM Outgoing traffic
description: Learn about best practices, security considerations and more for the policy setting, Network Security Restrict NTLM Outgoing NTLM traffic to remote servers.
ms.assetid: 63437a90-764b-4f06-aed8-a4a26cf81bd1
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
index b84eb1eaf9..a8b2882f5b 100644
--- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
@@ -1,5 +1,5 @@
---
-title: Password must meet complexity requirements (Windows 10)
+title: Password must meet complexity requirements
description: Describes the best practices, location, values, and security considerations for the Password must meet complexity requirements security policy setting.
ms.assetid: 94482ae3-9dda-42df-9782-2f66196e6afe
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/password-policy.md b/windows/security/threat-protection/security-policy-settings/password-policy.md
index e28f4796b7..70396092e7 100644
--- a/windows/security/threat-protection/security-policy-settings/password-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/password-policy.md
@@ -1,5 +1,5 @@
---
-title: Password Policy (Windows 10)
+title: Password Policy
description: An overview of password policies for Windows and links to information for each policy setting.
ms.assetid: aec1220d-a875-4575-9050-f02f9c54a3b6
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
index 60aa01ecc1..e74ff5c974 100644
--- a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
+++ b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
@@ -1,5 +1,5 @@
---
-title: Perform volume maintenance tasks (Windows 10)
+title: Perform volume maintenance tasks
description: Describes the best practices, location, values, policy management, and security considerations for the Perform volume maintenance tasks security policy setting.
ms.assetid: b6990813-3898-43e2-8221-c9c06d893244
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/profile-single-process.md b/windows/security/threat-protection/security-policy-settings/profile-single-process.md
index d0654f81aa..f77e48438c 100644
--- a/windows/security/threat-protection/security-policy-settings/profile-single-process.md
+++ b/windows/security/threat-protection/security-policy-settings/profile-single-process.md
@@ -1,5 +1,5 @@
---
-title: Profile single process (Windows 10)
+title: Profile single process
description: Describes the best practices, location, values, policy management, and security considerations for the Profile single process security policy setting.
ms.assetid: c0963de4-4f5e-430e-bfcd-dfd68e66a075
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
index 53ea9e3b07..9c7b9de8c4 100644
--- a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
+++ b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
@@ -1,5 +1,5 @@
---
-title: Profile system performance (Windows 10)
+title: Profile system performance
description: Best practices, location, values, policy management, and security considerations for the security policy setting, Profile system performance.
ms.assetid: ffabc3c5-9206-4105-94ea-84f597a54b2e
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
index c6dba7f1f4..34e5e2b851 100644
--- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
+++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
@@ -1,5 +1,5 @@
---
-title: Recovery console Allow automatic administrative logon (Windows 10)
+title: Recovery console Allow automatic administrative logon
description: Best practices, location, values, policy management, and security considerations for the policy setting, Recovery console Allow automatic administrative logon.
ms.assetid: be2498fc-48f4-43f3-ad09-74664e45e596
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
index e530ce19b8..fdb56ca78e 100644
--- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
+++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
@@ -1,5 +1,5 @@
---
-title: Recovery console Allow floppy copy and access to all drives and folders (Windows 10)
+title: Recovery console Allow floppy copy and access to all drives and folders
description: Best practices, security considerations, and more for the policy setting, Recovery console Allow floppy copy and access to all drives and folders.
ms.assetid: a5b4ac0c-f33d-42b5-a866-72afa7cbd0bd
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
index 0f15781757..c0f395231c 100644
--- a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
+++ b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
@@ -1,5 +1,5 @@
---
-title: Remove computer from docking station - security policy setting (Windows 10)
+title: Remove computer from docking station - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Remove computer from docking station security policy setting.
ms.assetid: 229a385a-a862-4973-899a-413b1b5b6c30
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
index af5c5cc7df..5079dab92d 100644
--- a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
+++ b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
@@ -1,5 +1,5 @@
---
-title: Replace a process level token (Windows 10)
+title: Replace a process level token
description: Describes the best practices, location, values, policy management, and security considerations for the Replace a process level token security policy setting.
ms.assetid: 5add02db-6339-489e-ba21-ccc3ccbe8745
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
index 275d4a0bd8..d4cd3aca74 100644
--- a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
+++ b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
@@ -1,5 +1,5 @@
---
-title: Reset account lockout counter after (Windows 10)
+title: Reset account lockout counter after
description: Describes the best practices, location, values, and security considerations for the Reset account lockout counter after security policy setting.
ms.assetid: d5ccf6dd-5ba7-44a9-8e0b-c478d8b1442c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
index a80d0249a1..ca2b72c717 100644
--- a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
+++ b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
@@ -1,5 +1,5 @@
---
-title: Restore files and directories - security policy setting (Windows 10)
+title: Restore files and directories - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Restore files and directories security policy setting.
ms.assetid: c673c0fa-6f49-4edd-8c1f-c5e8513f701d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
index 15e8e865fb..7efca79530 100644
--- a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Advanced security audit policy settings in brief (Windows 10)
+title: Advanced security audit policy settings in brief
description: Provides information about the advanced security audit policy settings that are available in Windows and the audit events that they generate.
ms.assetid: 6BF9A642-DBC3-4101-94A3-B2316C553CE3
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
index 5aecd1228b..259ebfec01 100644
--- a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
+++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
@@ -1,5 +1,5 @@
---
-title: Security policy settings reference (Windows 10)
+title: Security policy settings reference
description: This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations.
ms.assetid: ef5a4579-15a8-4507-9a43-b7ccddcb0ed1
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
index 5cac6b5f49..397c3a1138 100644
--- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
@@ -1,5 +1,5 @@
---
-title: Security policy settings (Windows 10)
+title: Security policy settings
description: This reference topic describes the common scenarios, architecture, and processes for security settings.
ms.assetid: e7ac5204-7f6c-4708-a9f6-6af712ca43b9
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
index e238e91c99..f6a3fe8228 100644
--- a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
+++ b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
@@ -1,5 +1,5 @@
---
-title: Shut down the system - security policy setting (Windows 10)
+title: Shut down the system - security policy setting
description: Describes the best practices, location, values, policy management, and security considerations for the Shut down the system security policy setting.
ms.assetid: c8e8f890-153a-401e-a957-ba6a130304bf
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
index e0fa746d50..a21dde7fda 100644
--- a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
@@ -1,5 +1,5 @@
---
-title: Shutdown Allow system to be shut down without having to log on (Windows 10)
+title: Shutdown Allow system to be shut down without having to log on
description: Best practices, security considerations, and more for the security policy setting Shutdown Allow system to be shut down without having to log on.
ms.assetid: f3964767-5377-4416-8eb3-e14d553a7315
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
index 24a66f59c2..7c6df9fb82 100644
--- a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
+++ b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
@@ -1,5 +1,5 @@
---
-title: Shutdown Clear virtual memory pagefile (Windows 10)
+title: Shutdown Clear virtual memory pagefile
description: Describes the best practices, location, values, policy management and security considerations for the Shutdown Clear virtual memory pagefile security policy setting.
ms.assetid: 31400078-6c56-4891-a6df-6dfb403c4bc9
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
index 93c6889650..adb43f0fea 100644
--- a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
+++ b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
@@ -1,5 +1,5 @@
---
-title: Store passwords using reversible encryption (Windows 10)
+title: Store passwords using reversible encryption
description: Describes the best practices, location, values, and security considerations for the Store passwords using reversible encryption security policy setting.
ms.assetid: 57f958c2-f1e9-48bf-871b-0a9b3299e238
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
index bfd1681088..3949729b08 100644
--- a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
+++ b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
@@ -1,5 +1,5 @@
---
-title: Synchronize directory service data (Windows 10)
+title: Synchronize directory service data
description: Describes the best practices, location, values, policy management, and security considerations for the Synchronize directory service data security policy setting.
ms.assetid: 97b0aaa4-674f-40f4-8974-b4bfb12c232c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
index 8c12b88790..ce8f451033 100644
--- a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
+++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
@@ -1,5 +1,5 @@
---
-title: System cryptography Force strong key protection for user keys stored on the computer (Windows 10)
+title: System cryptography Force strong key protection for user keys stored on the computer
description: Best practices, security considerations, and more for the policy setting, System cryptography Force strong key protection for user keys stored on the computer.
ms.assetid: 8cbff267-881e-4bf6-920d-b583a5ff7de0
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
index 205e5f9c9a..69fa47377e 100644
--- a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
+++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
@@ -1,5 +1,5 @@
---
-title: System cryptography Use FIPS compliant algorithms for encryption, hashing, and signing (Windows 10)
+title: System cryptography Use FIPS compliant algorithms for encryption, hashing, and signing
description: Best practices, security considerations, and more for the policy setting System cryptography Use FIPS compliant algorithms for encryption, hashing, and signing
ms.assetid: 83988865-dc0f-45eb-90d1-ee33495eb045
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
index e40e3772a0..ae93fe4482 100644
--- a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
+++ b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
@@ -1,5 +1,5 @@
---
-title: System objects Require case insensitivity for non-Windows subsystems (Windows 10)
+title: System objects Require case insensitivity for non-Windows subsystems
description: Best practices, security considerations and more for the security policy setting, System objects Require case insensitivity for non-Windows subsystems.
ms.assetid: 340d6769-8f33-4067-8470-1458978d1522
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
index 3f5107710b..74bf9dee10 100644
--- a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
@@ -1,5 +1,5 @@
---
-title: System objects Strengthen default permissions of internal system objects (for example, Symbolic Links) (Windows 10)
+title: System objects Strengthen default permissions of internal system objects (for example, Symbolic Links)
description: Best practices and more for the security policy setting, System objects Strengthen default permissions of internal system objects (for example, Symbolic Links).
ms.assetid: 3a592097-9cf5-4fd0-a504-7cbfab050bb6
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
index 1634b509b2..af54bf48ab 100644
--- a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
+++ b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
@@ -1,5 +1,5 @@
---
-title: System settings Optional subsystems (Windows 10)
+title: System settings Optional subsystems
description: Describes the best practices, location, values, policy management, and security considerations for the System settings Optional subsystems security policy setting.
ms.assetid: 5cb6519a-4f84-4b45-8072-e2aa8a72fb78
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
index cce46ae1bc..81fce5ee99 100644
--- a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
@@ -1,5 +1,5 @@
---
-title: System settings Use certificate rules on Windows executables for Software Restriction Policies (Windows 10)
+title: System settings Use certificate rules on Windows executables for Software Restriction Policies
description: Best practices and more for the security policy setting, System settings Use certificate rules on Windows executables for Software Restriction Policies.
ms.assetid: 2380d93b-b553-4e56-a0c0-d1ef740d089c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
index 4010dae1ca..179d04747b 100644
--- a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
@@ -1,5 +1,5 @@
---
-title: Take ownership of files or other objects (Windows 10)
+title: Take ownership of files or other objects
description: Describes the best practices, location, values, policy management, and security considerations for the Take ownership of files or other objects security policy setting.
ms.assetid: cb8595d1-74cc-4176-bb15-d97663eebb2d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
index 21d8236c79..d4b0a95f6a 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Admin Approval Mode for the Built-in Administrator account (Windows 10)
+title: User Account Control Admin Approval Mode for the Built-in Administrator account
description: Best practices, security considerations, and more for the policy setting, User Account Control Admin Approval Mode for the Built-in Administrator account.
ms.assetid: d465fc27-1cd2-498b-9cf6-7ad2276e5998
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
index f5fc92749b..4d0f0eac5b 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Allow UIAccess applications to prompt for elevation without using the secure desktop (Windows 10)
+title: User Account Control Allow UIAccess applications to prompt for elevation without using the secure desktop
description: Best practices and more for the policy setting, User Account Control Allow UIAccess applications to prompt for elevation without using the secure desktop.
ms.assetid: fce20472-3c93-449d-b520-13c4c74a9892
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
index ce19aa2735..b5175062ac 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode (Windows 10)
+title: User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode
description: Best practices and more for the security policy setting, User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode.
ms.assetid: 46a3c3a2-1d2e-4a6f-b5e6-29f9592f535d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
index 57b797bc2c..b18e302adf 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Detect application installations and prompt for elevation (Windows 10)
+title: User Account Control Detect application installations and prompt for elevation
description: Learn about best practices and more for the security policy setting, User Account Control Detect application installations and prompt for elevation.
ms.assetid: 3f8cb170-ba77-4c9f-abb3-c3ed1ef264fc
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
index 674025df05..e7e8643f8e 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Only elevate executables that are signed and validated (Windows 10)
+title: User Account Control Only elevate executables that are signed and validated
description: Best practices, security considerations, and more for the security policy setting, User Account Control Only elevate executables that are signed and validated.
ms.assetid: 64950a95-6985-4db6-9905-1db18557352d
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
index 8814018506..564d86f514 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
@@ -1,5 +1,5 @@
---
-title: Only elevate UIAccess app installed in secure location (Windows 10)
+title: Only elevate UIAccess app installed in secure location
description: Learn about best practices and more for the policy setting, User Account Control Only elevate UIAccess applications that are installed in secure locations.
ms.assetid: 4333409e-a5be-4f2f-8808-618f53abd22c
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
index a206b627a3..d79b6fa29c 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
@@ -1,5 +1,5 @@
---
-title: UAC Run all administrators in Admin Approval Mode (Windows 10)
+title: UAC Run all administrators in Admin Approval Mode
description: Learn about best practices, security considerations and more for the security policy setting, User Account Control Run all administrators in Admin Approval Mode.
ms.assetid: b838c561-7bfc-41ef-a7a5-55857259c7bf
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
index c0fb6ba1cc..90d853997d 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Switch to the secure desktop when prompting for elevation (Windows 10)
+title: User Account Control Switch to the secure desktop when prompting for elevation
description: Best practices, security considerations, and more for the policy setting, User Account Control Switch to the secure desktop when prompting for elevation.
ms.assetid: 77a067db-c70d-4b02-9861-027503311b8b
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
index 678f1180d6..e7bf8758a8 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
@@ -1,5 +1,5 @@
---
-title: User Account Control Virtualize file and registry write failures to per-user locations (Windows 10)
+title: User Account Control Virtualize file and registry write failures to per-user locations
description: Best practices, security considerations and more for the policy setting, User Account Control Virtualize file and registry write failures to per-user locations.
ms.assetid: a7b47420-cc41-4b1c-b03e-f67a05221261
ms.reviewer:
diff --git a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
index 7e7e14c8c0..17f39e5b1f 100644
--- a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
+++ b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
@@ -1,5 +1,5 @@
---
-title: User Rights Assignment (Windows 10)
+title: User Rights Assignment
description: Provides an overview and links to information about the User Rights Assignment security policy settings user rights that are available in Windows.
ms.assetid: 99340252-60be-4c79-b0a5-56fbe1a9b0c5
ms.reviewer:
diff --git a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
index 1675344520..d6fe96c0ba 100644
--- a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
+++ b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
@@ -1,5 +1,5 @@
---
-title: Use Windows Event Forwarding to help with intrusion detection (Windows 10)
+title: Use Windows Event Forwarding to help with intrusion detection
description: Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected.
ms.prod: windows-client
author: aczechowski
diff --git a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
index ffde0b7c8e..a509bcee48 100644
--- a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
@@ -1,5 +1,5 @@
---
-title: Designing, creating, managing and troubleshooting Windows Defender Application Control AppId Tagging policies (Windows)
+title: Designing, creating, managing and troubleshooting Windows Defender Application Control AppId Tagging policies
description: How to design, create, manage and troubleshoot your WDAC AppId Tagging policies
keywords: security, malware, firewall
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md
index 02d40db723..abfdd65aed 100644
--- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md
@@ -1,5 +1,5 @@
---
-title: Allow COM object registration in a WDAC policy (Windows)
+title: Allow COM object registration in a WDAC policy
description: You can allow COM object registration in a Windows Defender Application Control policy.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
index c41d4b9e24..0400b53abf 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
@@ -1,5 +1,5 @@
---
-title: Add rules for packaged apps to existing AppLocker rule-set (Windows)
+title: Add rules for packaged apps to existing AppLocker rule-set
description: This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
ms.assetid: 758c2a9f-c2a3-418c-83bc-fd335a94097f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md
index 0b93872957..3746acc1c8 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md
@@ -1,5 +1,5 @@
---
-title: Administer AppLocker (Windows)
+title: Administer AppLocker
description: This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.
ms.assetid: 511a3b6a-175f-4d6d-a6e0-c1780c02e818
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md
index 4ffbf7a507..fee5823096 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md
@@ -1,5 +1,5 @@
---
-title: AppLocker architecture and components (Windows)
+title: AppLocker architecture and components
description: This topic for IT professional describes AppLocker’s basic architecture and its major components.
ms.assetid: efdd8494-553c-443f-bd5f-c8976535135a
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md
index ab19a6f3c0..dccdeafe16 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md
@@ -1,5 +1,5 @@
---
-title: AppLocker functions (Windows)
+title: AppLocker functions
description: This article for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.
ms.assetid: bf704198-9e74-4731-8c5a-ee0512df34d2
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
index bf315dd58b..238a5d1884 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
@@ -1,5 +1,5 @@
---
-title: AppLocker (Windows)
+title: AppLocker
description: This topic provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies.
ms.assetid: 94b57864-2112-43b6-96fb-2863c985dc9a
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
index ff9dab0871..a651d67814 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
@@ -1,5 +1,5 @@
---
-title: AppLocker deployment guide (Windows)
+title: AppLocker deployment guide
description: This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
ms.assetid: 38632795-be13-46b0-a7af-487a4340bea1
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md
index ae89b01ff7..6aff5add05 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md
@@ -1,5 +1,5 @@
---
-title: AppLocker design guide (Windows)
+title: AppLocker design guide
description: This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
ms.assetid: 1c8e4a7b-3164-4eb4-9277-11b1d5a09c7b
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
index bd9c843bda..46d2994927 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
@@ -1,5 +1,5 @@
---
-title: AppLocker policy use scenarios (Windows)
+title: AppLocker policy use scenarios
description: This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
ms.assetid: 33f71578-89f0-4063-ac04-cf4f4ca5c31f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
index 354f073ff9..82be229c35 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
@@ -1,5 +1,5 @@
---
-title: AppLocker processes and interactions (Windows)
+title: AppLocker processes and interactions
description: This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
ms.assetid: 0beec616-6040-4be7-8703-b6c919755d8e
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md
index 43fe8a1ef2..4d62e1248b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md
@@ -1,5 +1,5 @@
---
-title: AppLocker settings (Windows)
+title: AppLocker settings
description: This topic for the IT professional lists the settings used by AppLocker.
ms.assetid: 9cb4aa19-77c0-4415-9968-bd07dab86839
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md
index f9b9a77466..24739dbfcd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md
@@ -1,5 +1,5 @@
---
-title: AppLocker technical reference (Windows)
+title: AppLocker technical reference
description: This overview topic for IT professionals provides links to the topics in the technical reference.
ms.assetid: 2b2678f8-c46b-4e1d-b8c5-037c0be255ab
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
index ba4c5228a2..db47a41ae0 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
@@ -1,5 +1,5 @@
---
-title: Configure an AppLocker policy for audit only (Windows)
+title: Configure an AppLocker policy for audit only
description: This topic for IT professionals describes how to set AppLocker policies to Audit only within your IT environment by using AppLocker.
ms.assetid: 10bc87d5-cc7f-4500-b7b3-9006e50afa50
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
index 32d94d0af1..0eaf785afa 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
@@ -1,5 +1,5 @@
---
-title: Configure an AppLocker policy for enforce rules (Windows)
+title: Configure an AppLocker policy for enforce rules
description: This topic for IT professionals describes the steps to enable the AppLocker policy enforcement setting.
ms.assetid: 5dbbb290-a5ae-4f88-82b3-21e95972e66c
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
index 66826b4b00..2f81ecf9ea 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
@@ -1,5 +1,5 @@
---
-title: Add exceptions for an AppLocker rule (Windows)
+title: Add exceptions for an AppLocker rule
description: This topic for IT professionals describes the steps to specify which apps can or cannot run as exceptions to an AppLocker rule.
ms.assetid: d15c9d84-c14b-488d-9f48-bf31ff7ff0c5
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
index f2263ece50..a9229d7b60 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
@@ -1,5 +1,5 @@
---
-title: Configure the AppLocker reference device (Windows)
+title: Configure the AppLocker reference device
description: This topic for the IT professional describes the steps to create an AppLocker policy platform structure on a reference computer.
ms.assetid: 034bd367-146d-4956-873c-e1e09e6fefee
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md
index 5f081ad311..7b55776a9f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md
@@ -1,5 +1,5 @@
---
-title: Configure the Application Identity service (Windows)
+title: Configure the Application Identity service
description: This topic for IT professionals shows how to configure the Application Identity service to start automatically or manually.
ms.assetid: dc469599-37fd-448b-b23e-5b8e4f17e561
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
index ff60b9add8..bda3579c22 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
@@ -1,5 +1,5 @@
---
-title: Create a rule for packaged apps (Windows)
+title: Create a rule for packaged apps
description: This article for IT professionals shows how to create an AppLocker rule for packaged apps with a publisher condition.
ms.assetid: e4ffd400-7860-47b3-9118-0e6853c3dfa0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
index 894151f16f..f03d446082 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
@@ -1,5 +1,5 @@
---
-title: Create a rule that uses a file hash condition (Windows)
+title: Create a rule that uses a file hash condition
description: This topic for IT professionals shows how to create an AppLocker rule with a file hash condition.
ms.assetid: eb3b3524-1b3b-4979-ba5a-0a0b1280c5c7
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
index 6399a404d9..c79af9cb24 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
@@ -1,5 +1,5 @@
---
-title: Create a rule that uses a path condition (Windows)
+title: Create a rule that uses a path condition
description: This topic for IT professionals shows how to create an AppLocker rule with a path condition.
ms.assetid: 9b2093f5-5976-45fa-90c3-da1e0e845d95
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
index 89b0d672cf..66440056c3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
@@ -1,5 +1,5 @@
---
-title: Create a rule that uses a publisher condition (Windows)
+title: Create a rule that uses a publisher condition
description: This topic for IT professionals shows how to create an AppLocker rule with a publisher condition.
ms.assetid: 345ad45f-2bc1-4c4c-946f-17804e29f55b
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
index 33534d6a32..d9ad04fc74 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
@@ -1,5 +1,5 @@
---
-title: Create AppLocker default rules (Windows)
+title: Create AppLocker default rules
description: This topic for IT professionals describes the steps to create a standard set of AppLocker rules that will allow Windows system files to run.
ms.assetid: 21e9dc68-a6f4-4ebe-ac28-4c66a7ab6e18
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
index 6c8c9389cb..014f1edcd3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
@@ -1,5 +1,5 @@
---
-title: Create a list of apps deployed to each business group (Windows)
+title: Create a list of apps deployed to each business group
description: This topic describes the process of gathering app usage requirements from each business group to implement application control policies by using AppLocker.
ms.assetid: d713aa07-d732-4bdc-8656-ba616d779321
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md
index 68d616c899..d632badeea 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Create Your AppLocker policies (Windows)
+title: Create Your AppLocker policies
description: This overview topic for the IT professional describes the steps to create an AppLocker policy and prepare it for deployment.
ms.assetid: d339dee2-4da2-4d4a-b46e-f1dfb7cb4bf0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md
index 56981ee10e..7f416d3255 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md
@@ -1,5 +1,5 @@
---
-title: Create Your AppLocker rules (Windows)
+title: Create Your AppLocker rules
description: This topic for the IT professional describes what you need to know about AppLocker rules and the methods that you can to create rules.
ms.assetid: b684a3a5-929c-4f70-8742-04088022f232
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md
index 3d51267223..88f67e4728 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md
@@ -1,5 +1,5 @@
---
-title: Delete an AppLocker rule (Windows)
+title: Delete an AppLocker rule
description: This article for IT professionals describes the steps to delete an AppLocker rule.
ms.assetid: 382b4be3-0df9-4308-89b2-dcf9df351eb5
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
index 3e30ca5a13..21b28d7b69 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
@@ -1,5 +1,5 @@
---
-title: Deploy AppLocker policies by using the enforce rules setting (Windows)
+title: Deploy AppLocker policies by using the enforce rules setting
description: This topic for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method.
ms.assetid: fd3a3d25-ff3b-4060-8390-6262a90749ba
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
index 40c44e6764..ae2ca63f83 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
@@ -1,5 +1,5 @@
---
-title: Deploy the AppLocker policy into production (Windows)
+title: Deploy the AppLocker policy into production
description: This topic for the IT professional describes the tasks that should be completed before you deploy AppLocker application control settings.
ms.assetid: ebbb1907-92dc-499e-8cee-8e637483c9ae
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
index ccc988d5ff..21bcfc2b31 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
@@ -1,5 +1,5 @@
---
-title: Determine the Group Policy structure and rule enforcement (Windows)
+title: Determine the Group Policy structure and rule enforcement
description: This overview topic describes the process to follow when you're planning to deploy AppLocker rules.
ms.assetid: f435fcbe-c7ac-4ef0-9702-729aab64163f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
index 975a812d0d..8308562822 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
@@ -1,5 +1,5 @@
---
-title: Find digitally signed apps on a reference device (Windows)
+title: Find digitally signed apps on a reference device
description: This topic for the IT professional describes how to use AppLocker logs and tools to determine which applications are digitally signed.
ms.assetid: 24609a6b-fdcb-4083-b234-73e23ff8bcb8
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md
index ed337dd53d..84e059c69f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md
@@ -1,5 +1,5 @@
---
-title: Determine your application control objectives (Windows)
+title: Determine your application control objectives
description: Determine which applications to control and how to control them by comparing Software Restriction Policies (SRP) and AppLocker.
ms.assetid: 0e84003e-6095-46fb-8c4e-2065869bb53b
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
index 8b93a5a341..a06323374d 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
@@ -1,5 +1,5 @@
---
-title: Display a custom URL message when users try to run a blocked app (Windows)
+title: Display a custom URL message when users try to run a blocked app
description: This topic for IT professionals describes the steps for displaying a customized message to users when an AppLocker policy denies access to an app.
ms.assetid: 9a2534a5-d1fa-48a9-93c6-989d4857cf85
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md
index 4ef55c919d..46473d9aea 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: DLL rules in AppLocker (Windows)
+title: DLL rules in AppLocker
description: This topic describes the file formats and available default rules for the DLL rule collection.
ms.assetid: a083fd08-c07e-4534-b0e7-1e15d932ce8f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
index 2ef4d45309..23268ed540 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
@@ -1,5 +1,5 @@
---
-title: Document Group Policy structure & AppLocker rule enforcement (Windows)
+title: Document Group Policy structure & AppLocker rule enforcement
description: This planning topic describes what you need to investigate, determine, and record in your application control policies plan when you use AppLocker.
ms.assetid: 389ffa8e-11fc-49ff-b0b1-89553e6fb6e5
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
index 46c2d4bd75..9748146d20 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
@@ -1,5 +1,5 @@
---
-title: Document your app list (Windows)
+title: Document your app list
description: This planning topic describes the app information that you should document when you create a list of apps for AppLocker policies.
ms.assetid: b155284b-f75d-4405-aecf-b74221622dc0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
index 51b3644c43..e5f75fa28f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
@@ -1,5 +1,5 @@
---
-title: Document your AppLocker rules (Windows)
+title: Document your AppLocker rules
description: Learn how to document your AppLocker rules and associate rule conditions with files, permissions, rule source, and implementation.
ms.assetid: 91a198ce-104a-45ff-b49b-487fb40cd2dd
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md
index 3486c2c96a..b336d09cf5 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md
@@ -1,5 +1,5 @@
---
-title: Edit an AppLocker policy (Windows)
+title: Edit an AppLocker policy
description: This topic for IT professionals describes the steps required to modify an AppLocker policy.
ms.assetid: dbc72d1f-3fe0-46c2-aeeb-96621fce7637
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md
index d73311a429..46acb129b9 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md
@@ -1,5 +1,5 @@
---
-title: Edit AppLocker rules (Windows)
+title: Edit AppLocker rules
description: This topic for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
ms.assetid: 80016cda-b915-46a0-83c6-5e6b0b958e32
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
index 53383e51c3..e38beaacec 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
@@ -1,5 +1,5 @@
---
-title: Enable the DLL rule collection (Windows)
+title: Enable the DLL rule collection
description: This topic for IT professionals describes the steps to enable the DLL rule collection feature for AppLocker.
ms.assetid: 88ef9561-6eb2-491a-803a-b8cdbfebae27
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md
index 269b7e0c0a..70a2dfe070 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md
@@ -1,5 +1,5 @@
---
-title: Enforce AppLocker rules (Windows)
+title: Enforce AppLocker rules
description: This topic for IT professionals describes how to enforce application control rules by using AppLocker.
ms.assetid: e1528b7b-77f2-4419-8e27-c9cc3721d96d
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md
index 1be63d7bd3..1d3fbf552a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Executable rules in AppLocker (Windows)
+title: Executable rules in AppLocker
description: This topic describes the file formats and available default rules for the executable rule collection.
ms.assetid: 65e62f90-6caa-48f8-836a-91f8ac9018ee
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
index 103730016d..7b838b91ae 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
@@ -1,5 +1,5 @@
---
-title: Export an AppLocker policy from a GPO (Windows)
+title: Export an AppLocker policy from a GPO
description: This topic for IT professionals describes the steps to export an AppLocker policy from a Group Policy Object (GPO) so that it can be modified.
ms.assetid: 7db59719-a8be-418b-bbfd-22cf2176c9c0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
index 136220fec8..2dc105b517 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
@@ -1,5 +1,5 @@
---
-title: Export an AppLocker policy to an XML file (Windows)
+title: Export an AppLocker policy to an XML file
description: This topic for IT professionals describes the steps to export an AppLocker policy to an XML file for review or testing.
ms.assetid: 979bd23f-6815-478b-a6a4-a25239cb1080
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md
index a684de3cd7..40f88e9b91 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md
@@ -1,5 +1,5 @@
---
-title: How AppLocker works (Windows)
+title: How AppLocker works
description: This topic for the IT professional provides links to topics about AppLocker architecture and components, processes and interactions, rules and policies.
ms.assetid: 24bb1d73-0ff5-4af7-8b8a-2fa44d4ddbcd
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
index c25ac7d908..4ce5fe6eb6 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
@@ -1,5 +1,5 @@
---
-title: Import an AppLocker policy from another computer (Windows)
+title: Import an AppLocker policy from another computer
description: This topic for IT professionals describes how to import an AppLocker policy.
ms.assetid: b48cb2b2-8ef8-4cc0-89bd-309d0b1832f6
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
index 9683aef8f7..71fb649374 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
@@ -1,5 +1,5 @@
---
-title: Import an AppLocker policy into a GPO (Windows)
+title: Import an AppLocker policy into a GPO
description: This topic for IT professionals describes the steps to import an AppLocker policy into a Group Policy Object (GPO).
ms.assetid: 0629ce44-f5e2-48a8-ba47-06544c73261f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md
index 41c1a9a0e4..551719338a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Maintain AppLocker policies (Windows)
+title: Maintain AppLocker policies
description: Learn how to maintain rules within AppLocker policies. View common AppLocker maintenance scenarios and see the methods to use to maintain AppLocker policies.
ms.assetid: b4fbfdfe-ef3d-49e0-a390-f2dfe74602bc
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
index 814136c5f1..1f192ee5b6 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
@@ -1,5 +1,5 @@
---
-title: Manage packaged apps with AppLocker (Windows)
+title: Manage packaged apps with AppLocker
description: Learn concepts and lists procedures to help you manage packaged apps with AppLocker as part of your overall application control strategy.
ms.assetid: 6d0c99e7-0284-4547-a30a-0685a9916650
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
index 63bcac7d18..f800cda2fe 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
@@ -1,5 +1,5 @@
---
-title: Merge AppLocker policies by using Set-ApplockerPolicy (Windows)
+title: Merge AppLocker policies by using Set-ApplockerPolicy
description: This topic for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell.
ms.assetid: f1c7d5c0-463e-4fe2-a410-844a404f18d0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
index 4b8c2836f8..07851d0989 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
@@ -1,5 +1,5 @@
---
-title: Merge AppLocker policies manually (Windows)
+title: Merge AppLocker policies manually
description: This topic for IT professionals describes the steps to manually merge AppLocker policies to update the Group Policy Object (GPO).
ms.assetid: 3605f293-e5f2-481d-8efd-775f9f23c30f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
index 9df3828e59..c0e644de33 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
@@ -1,5 +1,5 @@
---
-title: Monitor app usage with AppLocker (Windows)
+title: Monitor app usage with AppLocker
description: This topic for IT professionals describes how to monitor app usage when AppLocker policies are applied.
ms.assetid: 0516da6e-ebe4-45b4-a97b-31daba96d1cf
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md
index b588a17ed6..cca5552fbb 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md
@@ -1,5 +1,5 @@
---
-title: Optimize AppLocker performance (Windows)
+title: Optimize AppLocker performance
description: This topic for IT professionals describes how to optimize AppLocker policy enforcement.
ms.assetid: a20efa20-bc98-40fe-bd81-28ec4905e0f6
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
index 74a9350ddd..3c367e9dad 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Packaged apps and packaged app installer rules in AppLocker (Windows)
+title: Packaged apps and packaged app installer rules in AppLocker
description: This topic explains the AppLocker rule collection for packaged app installers and packaged apps.
ms.assetid: 8fd44d08-a0c2-4c5b-a91f-5cb9989f971d
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
index b45b475826..8384c7debf 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
@@ -1,5 +1,5 @@
---
-title: Plan for AppLocker policy management (Windows)
+title: Plan for AppLocker policy management
description: This topic describes the decisions you need to make to establish the processes for managing and maintaining AppLocker policies.
ms.assetid: dccc196f-6ae0-4ae4-853a-a3312b18751b
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
index 5deca1e65f..5aa365b37a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
@@ -1,5 +1,5 @@
---
-title: Refresh an AppLocker policy (Windows)
+title: Refresh an AppLocker policy
description: This topic for IT professionals describes the steps to force an update for an AppLocker policy.
ms.assetid: 3f24fcbc-3926-46b9-a1a2-dd036edab8a9
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
index 3b4cf38cad..5df2060dbd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Requirements for deploying AppLocker policies (Windows)
+title: Requirements for deploying AppLocker policies
description: This deployment topic for the IT professional lists the requirements that you need to consider before you deploy AppLocker policies.
ms.assetid: 3e55bda2-3cd7-42c7-bad3-c7dfbe193d48
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md
index 56ce82d42e..23c6363413 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md
@@ -1,5 +1,5 @@
---
-title: Requirements to use AppLocker (Windows)
+title: Requirements to use AppLocker
description: This topic for the IT professional lists software requirements to use AppLocker on the supported Windows operating systems.
ms.assetid: dc380535-071e-4794-8f9d-e5d1858156f0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
index 150729a9d8..f02e55d1b8 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
@@ -1,5 +1,5 @@
---
-title: Run the Automatically Generate Rules wizard (Windows)
+title: Run the Automatically Generate Rules wizard
description: This topic for IT professionals describes steps to run the wizard to create AppLocker rules on a reference device.
ms.assetid: 8cad1e14-d5b2-437c-8f88-70cffd7b3d8e
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md
index baee48ce11..77e77e2f49 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Script rules in AppLocker (Windows)
+title: Script rules in AppLocker
description: This article describes the file formats and available default rules for the script rule collection.
ms.assetid: fee24ca4-935a-4c5e-8a92-8cf1d134d35f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md
index ac8ec9e988..ddcf98dc38 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md
@@ -1,5 +1,5 @@
---
-title: Security considerations for AppLocker (Windows)
+title: Security considerations for AppLocker
description: This topic for the IT professional describes the security considerations you need to address when implementing AppLocker.
ms.assetid: 354a5abb-7b31-4bea-a442-aa9666117625
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
index 2e5f803568..43ddf77312 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
@@ -1,5 +1,5 @@
---
-title: Select the types of rules to create (Windows)
+title: Select the types of rules to create
description: This topic lists resources you can use when selecting your application control policy rules by using AppLocker.
ms.assetid: 14751169-0ed1-47cc-822c-8c01a7477784
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
index 7fb6397c08..44df75bc53 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
@@ -1,5 +1,5 @@
---
-title: Test an AppLocker policy by using Test-AppLockerPolicy (Windows)
+title: Test an AppLocker policy by using Test-AppLockerPolicy
description: This topic for IT professionals describes the steps to test an AppLocker policy prior to importing it into a Group Policy Object (GPO) or another computer.
ms.assetid: 048bfa38-6825-4a9a-ab20-776cf79f402a
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
index bbb9138590..9a6dd54ca3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
@@ -1,5 +1,5 @@
---
-title: Test and update an AppLocker policy (Windows)
+title: Test and update an AppLocker policy
description: This topic discusses the steps required to test an AppLocker policy prior to deployment.
ms.assetid: 7d53cbef-078c-4d20-8b00-e821e33b6ea1
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
index 2d9b935f73..9ce6b9e70c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
@@ -1,5 +1,5 @@
---
-title: Tools to use with AppLocker (Windows)
+title: Tools to use with AppLocker
description: This topic for the IT professional describes the tools available to create and administer AppLocker policies.
ms.assetid: db2b7cb3-7643-4be5-84eb-46ba551e1ad1
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md
index 47499212fa..9b4ba84412 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md
@@ -1,5 +1,5 @@
---
-title: Understand AppLocker enforcement settings (Windows)
+title: Understand AppLocker enforcement settings
description: This topic describes the AppLocker enforcement settings for rule collections.
ms.assetid: 48773007-a343-40bf-8961-b3ff0a450d7e
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
index f7ca9620ab..7fb08dd316 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
@@ -1,5 +1,5 @@
---
-title: Understand AppLocker policy design decisions (Windows)
+title: Understand AppLocker policy design decisions
description: Review some common considerations while you're planning to use AppLocker to deploy application control policies within a Windows environment.
ms.assetid: 3475def8-949a-4b51-b480-dc88b5c1e6e6
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
index d763f4b0e4..e0f5c0575d 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
@@ -1,5 +1,5 @@
---
-title: Understand AppLocker rules and enforcement setting inheritance in Group Policy (Windows)
+title: Understand AppLocker rules and enforcement setting inheritance in Group Policy
description: This topic for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.
ms.assetid: c1c5a3d3-540a-4698-83b5-0dab5d27d871
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
index d151bd9066..82fc009a1b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
@@ -1,5 +1,5 @@
---
-title: Understand the AppLocker policy deployment process (Windows)
+title: Understand the AppLocker policy deployment process
description: This planning and deployment topic for the IT professional describes the process for using AppLocker when deploying application control policies.
ms.assetid: 4cfd95c1-fbd3-41fa-8efc-d23c1ea6fb16
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
index d400c84233..1e8aee1c7e 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker allow and deny actions on rules (Windows)
+title: Understanding AppLocker allow and deny actions on rules
description: This topic explains the differences between allow and deny actions on AppLocker rules.
ms.assetid: ea0370fa-2086-46b5-a0a4-4a7ead8cbed9
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
index b788a6f151..d15cdff954 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker default rules (Windows)
+title: Understanding AppLocker default rules
description: This topic for IT professional describes the set of rules that can be used to ensure that required Windows system files are allowed to run when the policy is applied.
ms.assetid: bdb03d71-05b7-41fb-96e3-a289ce1866e1
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
index 2d992cfb44..a54b284804 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker rule behavior (Windows)
+title: Understanding AppLocker rule behavior
description: This topic describes how AppLocker rules are enforced by using the allow and deny options in AppLocker.
ms.assetid: 3e2738a3-8041-4095-8a84-45c1894c97d0
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
index 19e74d5246..94c277a12b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker rule collections (Windows)
+title: Understanding AppLocker rule collections
description: This topic explains the five different types of AppLocker rules used to enforce AppLocker policies.
ms.assetid: 03c05466-4fb3-4880-8d3c-0f6f59fc5579
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
index 06884a0057..7bdf8b04f3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker rule condition types (Windows)
+title: Understanding AppLocker rule condition types
description: This topic for the IT professional describes the three types of AppLocker rule conditions.
ms.assetid: c21af67f-60a1-4f7d-952c-a6f769c74729
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
index 2696d75f86..4ac6b603d7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
@@ -1,5 +1,5 @@
---
-title: Understanding AppLocker rule exceptions (Windows)
+title: Understanding AppLocker rule exceptions
description: This topic describes the result of applying AppLocker rule exceptions to rule collections.
ms.assetid: e6bb349f-ee60-4c8d-91cd-6442f2d0eb9c
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
index a89e0a624e..0582d50ebd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Understanding the file hash rule condition in AppLocker (Windows)
+title: Understanding the file hash rule condition in AppLocker
description: This topic explains the AppLocker file hash rule condition, the advantages and disadvantages, and how it's applied.
ms.assetid: 4c6d9af4-2b1a-40f4-8758-1a6f9f147756
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
index 7dbac718ff..2e970ac2c4 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Understanding the path rule condition in AppLocker (Windows)
+title: Understanding the path rule condition in AppLocker
description: This topic explains the AppLocker path rule condition, the advantages and disadvantages, and how it's applied.
ms.assetid: 3fa54ded-4466-4f72-bea4-2612031cad43
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
index 351eeb599a..76fed21426 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Understanding the publisher rule condition in AppLocker (Windows)
+title: Understanding the publisher rule condition in AppLocker
description: This topic explains the AppLocker publisher rule condition, what controls are available, and how it's applied.
ms.assetid: df61ed8f-a97e-4644-9d0a-2169f18c1c4f
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
index 2a927654c2..e63ab0e64b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Use a reference device to create and maintain AppLocker policies (Windows)
+title: Use a reference device to create and maintain AppLocker policies
description: This topic for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer.
ms.assetid: 10c3597f-f44c-4c8e-8fe5-105d4ac016a6
ms.author: vinpa
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md
index e78953a494..1cfb01105a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md
@@ -1,5 +1,5 @@
---
-title: Use AppLocker and Software Restriction Policies in the same domain (Windows)
+title: Use AppLocker and Software Restriction Policies in the same domain
description: This article for IT professionals describes concepts and procedures to help you manage your application control strategy using Software Restriction Policies and AppLocker.
ms.assetid: 2b7e0cec-df62-49d6-a2b7-6b8e30180943
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
index e73b867fa3..6c0c369c78 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
@@ -1,5 +1,5 @@
---
-title: Use the AppLocker Windows PowerShell cmdlets (Windows)
+title: Use the AppLocker Windows PowerShell cmdlets
description: This topic for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies.
ms.assetid: 374e029c-5c0a-44ab-a57a-2a9dd17dc57d
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index 00a6cb48d3..c7de76bb21 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -1,5 +1,5 @@
---
-title: Using Event Viewer with AppLocker (Windows)
+title: Using Event Viewer with AppLocker
description: This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
ms.assetid: 109abb10-78b1-4c29-a576-e5a17dfeb916
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md
index 0ec75fc106..b7aec02c5b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Use Software Restriction Policies and AppLocker policies (Windows)
+title: Use Software Restriction Policies and AppLocker policies
description: This topic for the IT professional describes how to use Software Restriction Policies (SRP) and AppLocker policies in the same Windows deployment.
ms.assetid: c3366be7-e632-4add-bd10-9df088f74c6d
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
index 3f53833251..3a6fb08e52 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
@@ -1,5 +1,5 @@
---
-title: What Is AppLocker (Windows)
+title: What Is AppLocker
description: This topic for the IT professional describes what AppLocker is and how its features differ from Software Restriction Policies.
ms.assetid: 44a8a2bb-0f83-4f95-828e-1f364fb65869
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
index 252b66b015..43981062e8 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
@@ -1,5 +1,5 @@
---
-title: Windows Installer rules in AppLocker (Windows)
+title: Windows Installer rules in AppLocker
description: This topic describes the file formats and available default rules for the Windows Installer rule collection.
ms.assetid: 3fecde5b-88b3-4040-81fa-a2d36d052ec9
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md
index 85bfc0c2f0..ca6e21acbd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md
@@ -1,5 +1,5 @@
---
-title: Working with AppLocker policies (Windows)
+title: Working with AppLocker policies
description: This topic for IT professionals provides links to procedural topics about creating, maintaining, and testing AppLocker policies.
ms.assetid: 7062d2e0-9cbb-4cb8-aa8c-b24945c3771d
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md
index e746c84f0f..2cec2568d1 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md
@@ -1,5 +1,5 @@
---
-title: Working with AppLocker rules (Windows)
+title: Working with AppLocker rules
description: This topic for IT professionals describes AppLocker rule types and how to work with them for your application control policies.
ms.assetid: 3966b35b-f2da-4371-8b5f-aec031db6bc9
ms.reviewer:
diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
index ca6fa6c251..356adb95d7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
@@ -1,5 +1,5 @@
---
-title: Use audit events to create WDAC policy rules (Windows)
+title: Use audit events to create WDAC policy rules
description: Audits allow admins to discover apps, binaries, and scripts that should be added to the WDAC policy.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
index 2b03d8a6f4..9c86b54151 100644
--- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
@@ -1,5 +1,5 @@
---
-title: Allow apps deployed with a WDAC managed installer (Windows)
+title: Allow apps deployed with a WDAC managed installer
description: Explains how to configure a custom Managed Installer.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
index d1947bc8fe..6be18a4bd1 100644
--- a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
@@ -1,5 +1,5 @@
---
-title: Managed installer and ISG technical reference and troubleshooting guide (Windows)
+title: Managed installer and ISG technical reference and troubleshooting guide
description: Explains how to configure a custom Manged Installer.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md
index 982c07dd6a..8050e17b08 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md
@@ -1,5 +1,5 @@
---
-title: Create a code signing cert for Windows Defender Application Control (Windows)
+title: Create a code signing cert for Windows Defender Application Control
description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or WDAC policies internally.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md
index 453207654b..7a10547365 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md
@@ -1,5 +1,5 @@
---
-title: Create a WDAC policy using a reference computer (Windows)
+title: Create a WDAC policy using a reference computer
description: To create a Windows Defender Application Control (WDAC) policy that allows all code installed on a reference computer within your organization, follow this guide.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
index a100094dc2..d19e40f9be 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
@@ -1,5 +1,5 @@
---
-title: Create a WDAC policy for fully managed devices (Windows)
+title: Create a WDAC policy for fully managed devices
description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in system core.
keywords: security, malware
ms.topic: conceptual
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
index aa3f0aa5f6..af912de157 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
@@ -1,5 +1,5 @@
---
-title: Create a WDAC policy for lightly managed devices (Windows)
+title: Create a WDAC policy for lightly managed devices
description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core.
keywords: security, malware
ms.topic: conceptual
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
index 36a2141386..63c927ae1a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
@@ -1,5 +1,5 @@
---
-title: Use multiple Windows Defender Application Control Policies (Windows)
+title: Use multiple Windows Defender Application Control Policies
description: Windows Defender Application Control supports multiple code integrity policies for one device.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
index 75b9c25b5d..cd5c8ce323 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
@@ -1,5 +1,5 @@
---
-title: Deploy Windows Defender Application Control (WDAC) policies using script (Windows)
+title: Deploy Windows Defender Application Control (WDAC) policies using script
description: Use scripts to deploy Windows Defender Application Control (WDAC) policies. Learn how with this step-by-step guide.
keywords: security, malware
ms.prod: windows-client
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md
index 6562b00f12..5c703094c7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md
@@ -1,5 +1,5 @@
---
-title: Deploy WDAC policies via Group Policy (Windows)
+title: Deploy WDAC policies via Group Policy
description: Windows Defender Application Control (WDAC) policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
index 804ef93a26..83e3847164 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
@@ -1,5 +1,5 @@
---
-title: Deploy WDAC policies using Mobile Device Management (MDM) (Windows)
+title: Deploy WDAC policies using Mobile Device Management (MDM)
description: You can use an MDM like Microsoft Intune to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
ms.prod: windows-client
ms.technology: itpro-security
diff --git a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
index 1ddb9f84ba..5975fa917b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
+++ b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
@@ -9,7 +9,7 @@ ms.reviewer: jogeurte
ms.author: jogeurte
ms.manager: jsuther
manager: aaroncz
-ms.date: 04/05/2023
+ms.date: 05/26/2023
ms.technology: itpro-security
ms.topic: article
ms.localizationpriority: medium
@@ -27,7 +27,7 @@ ms.localizationpriority: medium
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
> [!IMPORTANT]
-> Option **11 Disabled:Script Enforcement** is not supported on **Windows Server 2016** and should not be used on that platform. Doing so may result in unexpected script enforcement behaviors.
+> Option **11 Disabled:Script Enforcement** is not supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and should not be used on those platforms. Doing so will result in unexpected script enforcement behaviors.
## Script enforcement overview
diff --git a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md
index abd3fc56ae..be973cf600 100644
--- a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md
@@ -1,5 +1,5 @@
---
-title: Remove Windows Defender Application Control policies (Windows)
+title: Remove Windows Defender Application Control policies
description: Learn how to disable both signed and unsigned Windows Defender Application Control policies, within Windows and within the BIOS.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md
index 0bf9b9d1f5..082b0a5d27 100644
--- a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md
@@ -1,5 +1,5 @@
---
-title: Enforce Windows Defender Application Control (WDAC) policies (Windows)
+title: Enforce Windows Defender Application Control (WDAC) policies
description: Learn how to switch a WDAC policy from audit to enforced mode.
keywords: security, malware
ms.prod: windows-client
diff --git a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md
index cc7b86329f..b48aea608c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md
+++ b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md
@@ -1,5 +1,5 @@
---
-title: Understanding Application Control event tags (Windows)
+title: Understanding Application Control event tags
description: Learn what different Windows Defender Application Control event tags signify.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
index 53ab972b90..6a4d3454bd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
+++ b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
@@ -8,7 +8,7 @@ author: jgeurten
ms.reviewer: aaroncz
ms.author: jogeurte
manager: aaroncz
-ms.date: 11/02/2022
+ms.date: 05/26/2023
ms.custom: asr
ms.topic: overview
---
@@ -31,6 +31,7 @@ ms.topic: overview
| Management solutions |
- [Intune](./deployment/deploy-windows-defender-application-control-policies-using-intune.md)
- [Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)
- [Group policy](./deployment/deploy-windows-defender-application-control-policies-using-group-policy.md)
- [Script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script)
| - [Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)
- Configuration Manager (custom policy deployment via software distribution only)
- [Group Policy](./applocker/determine-group-policy-structure-and-rule-enforcement.md)
- PowerShell
|
| Per-User and Per-User group rules | Not available (policies are device-wide). | Available on Windows 8+. |
| Kernel mode policies | Available on Windows 10, Windows 11, and Windows Server 2016 or later. | Not available. |
+| [Rule option 11 - Disabled:Script Enforcement](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement) | Available on all versions of Windows 10 except 1607 LTSB, Windows 11, and Windows Server 2019 and above. **Disabled:Script Enforcement** is not supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and should not be used on those platforms. Doing so will result in unexpected script enforcement behaviors. | MSI and Script rule collection is separately configurable. |
| [Per-app rules](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules) | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
| [Managed Installer (MI)](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer) | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
| [Reputation-Based intelligence](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph) | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
index 47ef560b03..aa63cd5b61 100644
--- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
+++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
@@ -1,5 +1,5 @@
---
-title: Manage packaged apps with WDAC (Windows)
+title: Manage packaged apps with WDAC
description: Packaged apps, also known as Universal Windows apps, allow you to control the entire app by using a single Windows Defender Application Control (WDAC) rule.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
index 80865556cc..53b1e0a448 100644
--- a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
@@ -1,5 +1,5 @@
---
-title: Merge Windows Defender Application Control policies (WDAC) (Windows)
+title: Merge Windows Defender Application Control policies (WDAC)
description: Learn how to merge WDAC policies as part of your policy lifecycle management.
keywords: security, malware
ms.prod: windows-client
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index a03dd12363..cae9d23e45 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -1,5 +1,5 @@
---
-title: Microsoft recommended driver block rules (Windows)
+title: Microsoft recommended driver block rules
description: View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.
keywords: security, malware, kernel mode, driver
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
@@ -100,7 +100,7 @@ To check that the policy was successfully applied on your computer:
```xml
- 10.0.25310.0
+ 10.0.25860.0
{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}
@@ -583,6 +583,14 @@ To check that the policy was successfully applied on your computer:
+
+
+
+
+
+
+
+
@@ -828,14 +836,6 @@ To check that the policy was successfully applied on your computer:
-
-
-
-
-
-
-
-
@@ -1009,6 +1009,10 @@ To check that the policy was successfully applied on your computer:
+
+
+
+
@@ -1041,6 +1045,10 @@ To check that the policy was successfully applied on your computer:
+
+
+
+
@@ -1055,6 +1063,8 @@ To check that the policy was successfully applied on your computer:
+
+
@@ -1068,6 +1078,7 @@ To check that the policy was successfully applied on your computer:
+
@@ -1118,6 +1129,7 @@ To check that the policy was successfully applied on your computer:
+
@@ -1126,6 +1138,8 @@ To check that the policy was successfully applied on your computer:
+
+
@@ -1160,6 +1174,10 @@ To check that the policy was successfully applied on your computer:
+
+
+
+
@@ -1301,6 +1319,7 @@ To check that the policy was successfully applied on your computer:
+
@@ -1610,8 +1629,8 @@ To check that the policy was successfully applied on your computer:
-
+
@@ -1816,7 +1835,7 @@ To check that the policy was successfully applied on your computer:
-
+
@@ -1840,13 +1859,13 @@ To check that the policy was successfully applied on your computer:
+
-
@@ -1884,6 +1903,7 @@ To check that the policy was successfully applied on your computer:
+
@@ -1898,7 +1918,7 @@ To check that the policy was successfully applied on your computer:
-
+
@@ -2407,6 +2427,14 @@ To check that the policy was successfully applied on your computer:
+
+
+
+
+
+
+
+
@@ -2898,7 +2926,7 @@ To check that the policy was successfully applied on your computer:
- 10.0.25310.0
+ 10.0.25860.0
diff --git a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md
index 3650147424..ae484f697c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md
+++ b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md
@@ -1,5 +1,5 @@
---
-title: Plan for WDAC policy management (Windows)
+title: Plan for WDAC policy management
description: Learn about the decisions you need to make to establish the processes for managing and maintaining Windows Defender Application Control policies.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md
index edebf6678f..22112f4c42 100644
--- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md
+++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md
@@ -1,5 +1,5 @@
---
-title: Query Application Control events with Advanced Hunting (Windows)
+title: Query Application Control events with Advanced Hunting
description: Learn how to query Windows Defender Application Control events across your entire organization by using Advanced Hunting.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index ac8c1073a4..3630632cf7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -1,5 +1,5 @@
---
-title: Understand Windows Defender Application Control (WDAC) policy rules and file rules (Windows)
+title: Understand Windows Defender Application Control (WDAC) policy rules and file rules
description: Learn how WDAC policy rules and file rules can control your Windows 10 and Windows 11 computers.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
@@ -13,7 +13,7 @@ author: jgeurten
ms.reviewer: jsuther1974
ms.author: vinpa
manager: aaroncz
-ms.date: 05/09/2023
+ms.date: 05/26/2023
ms.technology: itpro-security
ms.topic: article
---
@@ -55,7 +55,7 @@ You can set several rule options within a WDAC policy. Table 1 describes each ru
| **8 Required:EV Signers** | This option isn't currently supported. | No |
| **9 Enabled:Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all WDAC policies. Setting this rule option allows the F8 menu to appear to physically present users. | No |
| **10 Enabled:Boot Audit on Failure** | Used when the WDAC policy is in enforcement mode. When a boot-critical driver fails during startup, the WDAC policy is placed in audit mode so that Windows loads. Administrators can validate the reason for the failure in the CodeIntegrity event log. | No |
-| **11 Disabled:Script Enforcement** | This option disables script enforcement options, covering PowerShell, Windows Based Script Host (wscript.exe), Windows Console Based Script Host (cscript.exe), HTA files run in Microsoft HTML Application Host (mshta.exe), and MSXML. For more information on script enforcement, see [Script enforcement with WDAC](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement).
NOTE: This option isn't supported on Windows Server 2016 and shouldn't be used on that operating system. | No |
+| **11 Disabled:Script Enforcement** | This option disables script enforcement options, covering PowerShell, Windows Based Script Host (wscript.exe), Windows Console Based Script Host (cscript.exe), HTA files run in Microsoft HTML Application Host (mshta.exe), and MSXML. For more information on script enforcement, see [Script enforcement with WDAC](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement).
NOTE: This option isn't supported on Windows Server 2016 or Windows 10 1607 LTSB and shouldn't be used on those operating systems. | No |
| **12 Required:Enforce Store Applications** | If this rule option is enabled, WDAC policies also apply to Universal Windows applications. | No |
| **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a managed installer. For more information, see [Authorize apps deployed with a WDAC managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) | Yes |
| **14 Enabled:Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by Microsoft's Intelligent Security Graph (ISG). | Yes |
diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
index 7dd82c84a1..4d96a0ba7f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
@@ -1,5 +1,5 @@
---
-title: Policy creation for common WDAC usage scenarios (Windows)
+title: Policy creation for common WDAC usage scenarios
description: Develop a plan for deploying Windows Defender Application Control (WDAC) in your organization based on these common scenarios.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 0e68f7beb2..a32f372530 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -1,5 +1,5 @@
---
-title: Understand Windows Defender Application Control policy design decisions (Windows)
+title: Understand Windows Defender Application Control policy design decisions
description: Understand Windows Defender Application Control policy design decisions.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
index 3d284b33dd..041c912aaf 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
@@ -1,5 +1,5 @@
---
-title: Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules (Windows)
+title: Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules
description: WDAC policies can be used not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md
index d00682891d..c00f4edca6 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md
@@ -1,5 +1,5 @@
---
-title: Windows Defender Application Control and .NET (Windows)
+title: Windows Defender Application Control and .NET
description: Understand how WDAC and .NET work together and use Dynamic Code Security to verify code loaded by .NET at runtime.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
index 8f03c660cd..6fbf9468f0 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
@@ -1,5 +1,5 @@
---
-title: Authorize reputable apps with the Intelligent Security Graph (ISG) (Windows)
+title: Authorize reputable apps with the Intelligent Security Graph (ISG)
description: Automatically authorize applications that Microsoft’s ISG recognizes as having known good reputation.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
index 4b3cdb445f..11fc572242 100644
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
@@ -1,5 +1,5 @@
---
-title: Windows Defender Application Control design guide (Windows)
+title: Windows Defender Application Control design guide
description: Microsoft Windows Defender Application Control allows organizations to control what apps and drivers will run on their managed Windows devices.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md
index 5697c8f256..6acc9a240c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md
@@ -1,5 +1,5 @@
---
-title: Managing and troubleshooting Windows Defender Application Control policies (Windows)
+title: Managing and troubleshooting Windows Defender Application Control policies
description: Gather information about how your deployed Windows Defender Application Control policies are behaving.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md
index 6c14ed44e0..2db72ad602 100644
--- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md
+++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md
@@ -1,5 +1,5 @@
---
-title: System Guard Secure Launch and SMM protection (Windows 10)
+title: System Guard Secure Launch and SMM protection
description: Explains how to configure System Guard Secure Launch and System Management Mode (SMM protection) to improve the startup security of Windows 10 devices.
search.appverid: met150
ms.prod: windows-client
diff --git a/windows/security/threat-protection/windows-firewall/TOC.yml b/windows/security/threat-protection/windows-firewall/TOC.yml
deleted file mode 100644
index ca84e461a5..0000000000
--- a/windows/security/threat-protection/windows-firewall/TOC.yml
+++ /dev/null
@@ -1,254 +0,0 @@
-- name: Windows Firewall with Advanced Security
- href: windows-firewall-with-advanced-security.md
- items:
- - name: Plan deployment
- items:
- - name: Design guide
- href: windows-firewall-with-advanced-security-design-guide.md
- - name: Design process
- href: understanding-the-windows-firewall-with-advanced-security-design-process.md
- - name: Implementation goals
- items:
- - name: Identify implementation goals
- href: identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
- - name: Protect devices from unwanted network traffic
- href: protect-devices-from-unwanted-network-traffic.md
- - name: Restrict access to only trusted devices
- href: restrict-access-to-only-trusted-devices.md
- - name: Require encryption
- href: require-encryption-when-accessing-sensitive-network-resources.md
- - name: Restrict access
- href: restrict-access-to-only-specified-users-or-devices.md
- - name: Implementation designs
- items:
- - name: Mapping goals to a design
- href: mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
- - name: Basic firewall design
- href: basic-firewall-policy-design.md
- items:
- - name: Basic firewall design example
- href: firewall-policy-design-example.md
- - name: Domain isolation design
- href: domain-isolation-policy-design.md
- items:
- - name: Domain isolation design example
- href: domain-isolation-policy-design-example.md
- - name: Server isolation design
- href: server-isolation-policy-design.md
- items:
- - name: Server Isolation design example
- href: server-isolation-policy-design-example.md
- - name: Certificate-based isolation design
- href: certificate-based-isolation-policy-design.md
- items:
- - name: Certificate-based Isolation design example
- href: certificate-based-isolation-policy-design-example.md
- - name: Design planning
- items:
- - name: Planning your design
- href: planning-your-windows-firewall-with-advanced-security-design.md
- - name: Planning settings for a basic firewall policy
- href: planning-settings-for-a-basic-firewall-policy.md
- - name: Planning domain isolation zones
- items:
- - name: Domain isolation zones
- href: planning-domain-isolation-zones.md
- - name: Exemption list
- href: exemption-list.md
- - name: Isolated domain
- href: isolated-domain.md
- - name: Boundary zone
- href: boundary-zone.md
- - name: Encryption zone
- href: encryption-zone.md
- - name: Planning server isolation zones
- href: planning-server-isolation-zones.md
- - name: Planning certificate-based authentication
- href: planning-certificate-based-authentication.md
- items:
- - name: Documenting the Zones
- href: documenting-the-zones.md
- - name: Planning group policy deployment for your isolation zones
- href: planning-group-policy-deployment-for-your-isolation-zones.md
- items:
- - name: Planning isolation groups for the zones
- href: planning-isolation-groups-for-the-zones.md
- - name: Planning network access groups
- href: planning-network-access-groups.md
- - name: Planning the GPOs
- href: planning-the-gpos.md
- items:
- - name: Firewall GPOs
- href: firewall-gpos.md
- items:
- - name: GPO_DOMISO_Firewall
- href: gpo-domiso-firewall.md
- - name: Isolated domain GPOs
- href: isolated-domain-gpos.md
- items:
- - name: GPO_DOMISO_IsolatedDomain_Clients
- href: gpo-domiso-isolateddomain-clients.md
- - name: GPO_DOMISO_IsolatedDomain_Servers
- href: gpo-domiso-isolateddomain-servers.md
- - name: Boundary zone GPOs
- href: boundary-zone-gpos.md
- items:
- - name: GPO_DOMISO_Boundary
- href: gpo-domiso-boundary.md
- - name: Encryption zone GPOs
- href: encryption-zone-gpos.md
- items:
- - name: GPO_DOMISO_Encryption
- href: gpo-domiso-encryption.md
- - name: Server isolation GPOs
- href: server-isolation-gpos.md
- - name: Planning GPO deployment
- href: planning-gpo-deployment.md
- - name: Planning to deploy
- href: planning-to-deploy-windows-firewall-with-advanced-security.md
- - name: Deployment guide
- items:
- - name: Deployment overview
- href: windows-firewall-with-advanced-security-deployment-guide.md
- - name: Implementing your plan
- href: implementing-your-windows-firewall-with-advanced-security-design-plan.md
- - name: Basic firewall deployment
- items:
- - name: "Checklist: Implementing a basic firewall policy design"
- href: checklist-implementing-a-basic-firewall-policy-design.md
- - name: Domain isolation deployment
- items:
- - name: "Checklist: Implementing a Domain Isolation Policy Design"
- href: checklist-implementing-a-domain-isolation-policy-design.md
- - name: Server isolation deployment
- items:
- - name: "Checklist: Implementing a Standalone Server Isolation Policy Design"
- href: checklist-implementing-a-standalone-server-isolation-policy-design.md
- - name: Certificate-based authentication
- items:
- - name: "Checklist: Implementing a Certificate-based Isolation Policy Design"
- href: checklist-implementing-a-certificate-based-isolation-policy-design.md
- - name: Best practices
- items:
- - name: Configuring the firewall
- href: best-practices-configuring.md
- - name: Securing IPsec
- href: securing-end-to-end-ipsec-connections-by-using-ikev2.md
- - name: PowerShell
- href: windows-firewall-with-advanced-security-administration-with-windows-powershell.md
- - name: Isolating Microsoft Store Apps on Your Network
- href: isolating-apps-on-your-network.md
- - name: How-to
- items:
- - name: Add Production devices to the membership group for a zone
- href: add-production-devices-to-the-membership-group-for-a-zone.md
- - name: Add test devices to the membership group for a zone
- href: add-test-devices-to-the-membership-group-for-a-zone.md
- - name: Assign security group filters to the GPO
- href: assign-security-group-filters-to-the-gpo.md
- - name: Change rules from request to require mode
- href: Change-Rules-From-Request-To-Require-Mode.Md
- - name: Configure authentication methods
- href: Configure-authentication-methods.md
- - name: Configure data protection (Quick Mode) settings
- href: configure-data-protection-quick-mode-settings.md
- - name: Configure Group Policy to autoenroll and deploy certificates
- href: configure-group-policy-to-autoenroll-and-deploy-certificates.md
- - name: Configure key exchange (main mode) settings
- href: configure-key-exchange-main-mode-settings.md
- - name: Configure the rules to require encryption
- href: configure-the-rules-to-require-encryption.md
- - name: Configure the Windows Firewall log
- href: configure-the-windows-firewall-log.md
- - name: Configure the workstation authentication certificate template
- href: configure-the-workstation-authentication-certificate-template.md
- - name: Configure Windows Firewall to suppress notifications when a program is blocked
- href: configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md
- - name: Confirm that certificates are deployed correctly
- href: confirm-that-certificates-are-deployed-correctly.md
- - name: Copy a GPO to create a new GPO
- href: copy-a-gpo-to-create-a-new-gpo.md
- - name: Create a Group Account in Active Directory
- href: create-a-group-account-in-active-directory.md
- - name: Create a Group Policy Object
- href: create-a-group-policy-object.md
- - name: Create an authentication exemption list rule
- href: create-an-authentication-exemption-list-rule.md
- - name: Create an authentication request rule
- href: create-an-authentication-request-rule.md
- - name: Create an inbound ICMP rule
- href: create-an-inbound-icmp-rule.md
- - name: Create an inbound port rule
- href: create-an-inbound-port-rule.md
- - name: Create an inbound program or service rule
- href: create-an-inbound-program-or-service-rule.md
- - name: Create an outbound port rule
- href: create-an-outbound-port-rule.md
- - name: Create an outbound program or service rule
- href: create-an-outbound-program-or-service-rule.md
- - name: Create inbound rules to support RPC
- href: create-inbound-rules-to-support-rpc.md
- - name: Create WMI filters for the GPO
- href: create-wmi-filters-for-the-gpo.md
- - name: Create Windows Firewall rules in Intune
- href: create-windows-firewall-rules-in-intune.md
- - name: Enable predefined inbound rules
- href: enable-predefined-inbound-rules.md
- - name: Enable predefined outbound rules
- href: enable-predefined-outbound-rules.md
- - name: Exempt ICMP from authentication
- href: exempt-icmp-from-authentication.md
- - name: Link the GPO to the domain
- href: link-the-gpo-to-the-domain.md
- - name: Modify GPO filters
- href: modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
- - name: Open IP security policies
- href: open-the-group-policy-management-console-to-ip-security-policies.md
- - name: Open Group Policy
- href: open-the-group-policy-management-console-to-windows-firewall.md
- - name: Open Group Policy
- href: open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
- - name: Open Windows Firewall
- href: open-windows-firewall-with-advanced-security.md
- - name: Restrict server access
- href: restrict-server-access-to-members-of-a-group-only.md
- - name: Enable Windows Firewall
- href: turn-on-windows-firewall-and-configure-default-behavior.md
- - name: Verify Network Traffic
- href: verify-that-network-traffic-is-authenticated.md
- - name: References
- items:
- - name: "Checklist: Creating Group Policy objects"
- href: checklist-creating-group-policy-objects.md
- - name: "Checklist: Creating inbound firewall rules"
- href: checklist-creating-inbound-firewall-rules.md
- - name: "Checklist: Creating outbound firewall rules"
- href: checklist-creating-outbound-firewall-rules.md
- - name: "Checklist: Configuring basic firewall settings"
- href: checklist-configuring-basic-firewall-settings.md
- - name: "Checklist: Configuring rules for the isolated domain"
- href: checklist-configuring-rules-for-the-isolated-domain.md
- - name: "Checklist: Configuring rules for the boundary zone"
- href: checklist-configuring-rules-for-the-boundary-zone.md
- - name: "Checklist: Configuring rules for the encryption zone"
- href: checklist-configuring-rules-for-the-encryption-zone.md
- - name: "Checklist: Configuring rules for an isolated server zone"
- href: checklist-configuring-rules-for-an-isolated-server-zone.md
- - name: "Checklist: Configuring rules for servers in a standalone isolated server zone"
- href: checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md
- - name: "Checklist: Creating rules for clients of a standalone isolated server zone"
- href: checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md
- - name: "Appendix A: Sample GPO template files for settings used in this guide"
- href: appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md
- - name: Troubleshooting
- items:
- - name: Troubleshooting UWP app connectivity issues in Windows Firewall
- href: troubleshooting-uwp-firewall.md
- - name: Filter origin audit log improvements
- href: filter-origin-documentation.md
- - name: Quarantine behavior
- href: quarantine.md
- - name: Firewall settings lost on upgrade
- href: firewall-settings-lost-on-upgrade.md
-- name: Windows security
- href: /windows/security/
diff --git a/windows/whats-new/TOC.yml b/windows/whats-new/TOC.yml
index b3ff701a34..2e144448b8 100644
--- a/windows/whats-new/TOC.yml
+++ b/windows/whats-new/TOC.yml
@@ -11,6 +11,8 @@
href: windows-11-plan.md
- name: Prepare for Windows 11
href: windows-11-prepare.md
+ - name: Windows 11 temporary enterprise feature control
+ href: temporary-enterprise-feature-control.md
- name: What's new in Windows 11, version 22H2
href: whats-new-windows-11-version-22h2.md
- name: Windows 10
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index 6728e2b1bd..330293213d 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -12,15 +12,13 @@ ms.topic: reference
ms.collection:
- highpri
- tier1
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Resources for deprecated features
-**Applies to**
-
-- Windows 10
-- Windows 11
-
This article provides additional resources about [deprecated features for Windows client](deprecated-features.md) that may be needed by IT professionals. The following information is provided to help IT professionals plan for the removal of deprecated features:
## Microsoft Support Diagnostic Tool resources
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 84ceba70f7..073c3bf2f2 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -12,15 +12,13 @@ ms.topic: conceptual
ms.collection:
- highpri
- tier1
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Deprecated features for Windows client
-**Applies to**
-
-- Windows 10
-- Windows 11
-
Each version of Windows client adds new features and functionality. Occasionally, new versions also remove features and functionality, often because they've added a newer option. This article provides details about the features and functionalities that are no longer being developed in Windows client. For more information about features that have been removed, see [Windows features removed](removed-features.md).
For more information about features in Windows 11, see [Feature deprecations and removals](https://www.microsoft.com/windows/windows-11-specifications#table3).
diff --git a/windows/whats-new/feature-lifecycle.md b/windows/whats-new/feature-lifecycle.md
index d987cfd951..ffbc2050c9 100644
--- a/windows/whats-new/feature-lifecycle.md
+++ b/windows/whats-new/feature-lifecycle.md
@@ -12,13 +12,12 @@ ms.date: 10/28/2022
ms.collection:
- highpri
- tier2
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Windows client features lifecycle
-Applies to:
-- Windows 10
-- Windows 11
-
Each release of Windows 10 and Windows 11 contains many new and improved features. Occasionally we also remove features and functionality, usually because there is a better option.
## Windows 11 features
diff --git a/windows/whats-new/index.yml b/windows/whats-new/index.yml
index f11b6dbc0c..b99c54cd1c 100644
--- a/windows/whats-new/index.yml
+++ b/windows/whats-new/index.yml
@@ -65,4 +65,4 @@ landingContent:
- text: Compare Windows 11 Editions
url: https://www.microsoft.com/windows/business/compare-windows-11
- text: Windows 10 Enterprise LTSC
- url: ltsc/index.md
+ url: ltsc/overview.md
diff --git a/windows/whats-new/ltsc/TOC.yml b/windows/whats-new/ltsc/TOC.yml
index d7d88350ef..3dede78331 100644
--- a/windows/whats-new/ltsc/TOC.yml
+++ b/windows/whats-new/ltsc/TOC.yml
@@ -1,6 +1,8 @@
- name: Windows 10 Enterprise LTSC
- href: index.md
+ href: index.yml
items:
+ - name: Windows 10 Enterprise LTSC overview
+ href: overview.md
- name: What's new in Windows 10 Enterprise LTSC 2021
href: whats-new-windows-10-2021.md
- name: What's new in Windows 10 Enterprise LTSC 2019
diff --git a/windows/whats-new/ltsc/index.yml b/windows/whats-new/ltsc/index.yml
new file mode 100644
index 0000000000..4744f04260
--- /dev/null
+++ b/windows/whats-new/ltsc/index.yml
@@ -0,0 +1,49 @@
+### YamlMime:Landing
+
+title: What's new in Windows 10 Enterprise LTSC
+summary: Find out about new features and capabilities in the latest release of Windows 10 Enterprise LTSC for IT professionals.
+
+metadata:
+ title: What's new in Windows 10 Enterprise LTSC
+ description: Find out about new features and capabilities in the latest release of Windows 10 Enterprise LTSC for IT professionals.
+ ms.prod: windows-client
+ ms.technology: itpro-fundamentals
+ ms.topic: landing-page
+ ms.collection:
+ - highpri
+ - tier1
+ author: mestew
+ ms.author: mstewart
+ manager: aaroncz
+ ms.date: 05/22/2023
+ localization_priority: medium
+
+landingContent:
+
+ - title: Windows 10 Enterprise LTSC
+ linkLists:
+ - linkListType: overview
+ links:
+ - text: Windows 10 Enterprise LTSC overview
+ url: overview.md
+ - text: What's new in Windows 10 Enterprise LTSC 2021
+ url: whats-new-windows-10-2021.md
+ - text: What's new in Windows 10 Enterprise LTSC 2019
+ url: whats-new-windows-10-2019.md
+ - text: What's new in Windows 10 Enterprise LTSC 2016
+ url: whats-new-windows-10-2016.md
+ - text: What's new in Windows 10 Enterprise LTSC 2015
+ url: whats-new-windows-10-2015.md
+
+ - title: Learn more
+ linkLists:
+ - linkListType: overview
+ links:
+ - text: Windows release health dashboard
+ url: /windows/release-health/
+ - text: Windows 10 update history
+ url: https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb
+ - text: Windows features we're no longer developing
+ url: ../deprecated-features.md
+ - text: Features and functionality removed in Windows
+ url: ../removed-features.md
diff --git a/windows/whats-new/ltsc/index.md b/windows/whats-new/ltsc/overview.md
similarity index 90%
rename from windows/whats-new/ltsc/index.md
rename to windows/whats-new/ltsc/overview.md
index e294bee159..2faae9d8de 100644
--- a/windows/whats-new/ltsc/index.md
+++ b/windows/whats-new/ltsc/overview.md
@@ -1,5 +1,5 @@
---
-title: Windows 10 Enterprise LTSC
+title: Windows 10 Enterprise LTSC overview
description: New and updated IT Pro content about new features in Windows 10, LTSC (also known as Windows 10 LTSB).
ms.prod: windows-client
author: mestew
@@ -9,16 +9,13 @@ ms.localizationpriority: low
ms.topic: overview
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 10 Enterprise LTSC
---
# Windows 10 Enterprise LTSC
-**Applies to**
-- Windows 10 Enterprise LTSC
-
-## In this topic
-
-This topic provides links to articles with information about what's new in each release of Windows 10 Enterprise LTSC, and includes a short description of this servicing channel.
+This article provides links to information about what's new in each release of Windows 10 Enterprise LTSC, and includes a short description of this servicing channel.
[What's New in Windows 10 Enterprise LTSC 2021](whats-new-windows-10-2021.md)
[What's New in Windows 10 Enterprise LTSC 2019](whats-new-windows-10-2019.md)
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 0663fe6cd9..da9e6df080 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -8,15 +8,14 @@ author: mestew
ms.localizationpriority: low
ms.topic: article
ms.technology: itpro-fundamentals
-ms.date: 12/31/2017
+ms.date: 02/26/2023
+appliesto:
+ - ✅ Windows 10 Enterprise LTSC 2015
---
# What's new in Windows 10 Enterprise LTSC 2015
-**Applies to**
-- Windows 10 Enterprise LTSC 2015
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2015 (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2015 (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](overview.md).
## Deployment
@@ -289,4 +288,4 @@ The new chromium-based Microsoft Edge isn't included in the LTSC release of Wind
## See Also
-[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
+[Windows 10 Enterprise LTSC](overview.md): A description of the LTSC servicing channel with links to information about each release.
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
index 1b70c22e66..ba451305fd 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
@@ -9,14 +9,13 @@ ms.localizationpriority: low
ms.topic: article
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 10 Enterprise LTSC 2016
---
# What's new in Windows 10 Enterprise LTSC 2016
-**Applies to**
-- Windows 10 Enterprise LTSC 2016
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2016 (LTSB), compared to Windows 10 Enterprise LTSC 2015 (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2016 (LTSB), compared to Windows 10 Enterprise LTSC 2015 (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](overview.md).
>[!NOTE]
>Features in Windows 10 Enterprise LTSC 2016 are equivalent to Windows 10, version 1607.
@@ -177,4 +176,4 @@ The new chromium-based Microsoft Edge isn't included in the LTSC release of Wind
## See Also
-[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
+[Windows 10 Enterprise LTSC](overview.md): A description of the LTSC servicing channel with links to information about each release.
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index d5d3090339..52223f9e9b 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -9,14 +9,13 @@ ms.localizationpriority: medium
ms.topic: conceptual
ms.technology: itpro-fundamentals
ms.date: 04/05/2023
+appliesto:
+ - ✅ Windows 10 Enterprise LTSC 2019
---
# What's new in Windows 10 Enterprise LTSC 2019
-**Applies to**
-- Windows 10 Enterprise LTSC 2019
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2019, compared to Windows 10 Enterprise LTSC 2016 (LTSB). For a brief description of the LTSC servicing channel and associated support, see [Windows 10 Enterprise LTSC](index.md).
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise LTSC 2019, compared to Windows 10 Enterprise LTSC 2016 (LTSB). For a brief description of the LTSC servicing channel and associated support, see [Windows 10 Enterprise LTSC](overview.md).
>[!NOTE]
>Features in Windows 10 Enterprise LTSC 2019 are equivalent to Windows 10, version 1809.
@@ -577,4 +576,4 @@ See the following example:
## See also
-[Windows 10 Enterprise LTSC](index.md): A short description of the LTSC servicing channel with links to information about each release.
+[Windows 10 Enterprise LTSC](overview.md): A short description of the LTSC servicing channel with links to information about each release.
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2021.md b/windows/whats-new/ltsc/whats-new-windows-10-2021.md
index 79dff6896a..48b3e3b651 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2021.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2021.md
@@ -9,14 +9,13 @@ ms.localizationpriority: high
ms.topic: conceptual
ms.technology: itpro-fundamentals
ms.date: 04/05/2023
+appliesto:
+ - ✅ Windows 10 Enterprise LTSC 2021
---
# What's new in Windows 10 Enterprise LTSC 2021
-**Applies to**
-- Windows 10 Enterprise LTSC 2021
-
-This article lists new and updated features and content that is of interest to IT Pros for Windows 10 Enterprise LTSC 2021, compared to Windows 10 Enterprise LTSC 2019 (LTSB). For a brief description of the LTSC servicing channel and associated support, see [Windows 10 Enterprise LTSC](index.md).
+This article lists new and updated features and content that is of interest to IT Pros for Windows 10 Enterprise LTSC 2021, compared to Windows 10 Enterprise LTSC 2019 (LTSB). For a brief description of the LTSC servicing channel and associated support, see [Windows 10 Enterprise LTSC](overview.md).
> [!NOTE]
> Features in Windows 10 Enterprise LTSC 2021 are equivalent to Windows 10, version 21H2.
@@ -244,4 +243,4 @@ WPA3 H2E standards are supported for enhanced Wi-Fi security.
## See Also
-[Windows 10 Enterprise LTSC](index.md): A short description of the LTSC servicing channel with links to information about each release.
+[Windows 10 Enterprise LTSC](overview.md): A short description of the LTSC servicing channel with links to information about each release.
diff --git a/windows/whats-new/removed-features.md b/windows/whats-new/removed-features.md
index 0cfa8fb10e..d837c8fa8c 100644
--- a/windows/whats-new/removed-features.md
+++ b/windows/whats-new/removed-features.md
@@ -12,15 +12,13 @@ ms.date: 01/05/2023
ms.collection:
- highpri
- tier1
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Features and functionality removed in Windows client
-**Applies to**
-
-- Windows 10
-- Windows 11
-
Each version of Windows client adds new features and functionality. Occasionally, new versions also remove features and functionality, often because they've added a newer option. This article provides details about the features and functionality that have been removed in Windows client.
For more information about features that might be removed in a future release, see [Deprecated features for Windows client](deprecated-features.md).
diff --git a/windows/whats-new/temporary-enterprise-feature-control.md b/windows/whats-new/temporary-enterprise-feature-control.md
new file mode 100644
index 0000000000..4db66dd6c4
--- /dev/null
+++ b/windows/whats-new/temporary-enterprise-feature-control.md
@@ -0,0 +1,48 @@
+---
+title: Temporary enterprise feature control in Windows 11
+description: Learn about the Windows 11 features behind temporary enterprise feature control.
+ms.prod: windows-client
+ms.technology: itpro-fundamentals
+ms.author: mstewart
+author: mestew
+manager: aaroncz
+ms.localizationpriority: medium
+ms.topic: reference
+ms.date: 05/19/2023
+ms.collection:
+ - highpri
+ - tier2
+appliesto:
+ - ✅ Windows 11, version 22H2 and later
+---
+
+# Temporary enterprise feature control in Windows 11
+
+New features and enhancements are introduced through the monthly cumulative update to provide continuous innovation for Windows 11. To give organizations time to plan and prepare, some of these new features are temporarily turned off by default. Features that are turned off by default are listed in the KB article for the monthly cumulative update. Typically, a feature is selected to be off by default because it either impacts the user experience or IT administrators significantly.
+
+Features behind temporary enterprise control are automatically disabled for devices that have their Windows updates managed by policies.
+
+## Windows 11 features behind temporary enterprise feature control
+
+The following features are behind temporary enterprise control in Windows 11:
+
+| Feature | KB article where the feature was introduced | Feature update that ends temporary control |
+|---|---|---|
+| Touch-optimized taskbar for 2-in-1 devices | [February 28, 2023 - KB5022913](https://support.microsoft.com/topic/february-28-2023-kb5022913-os-build-22621-1344-preview-3e38c0d9-924d-4f3f-b0b6-3bd49b2657b9) | 2023 annual feature update |
+
+## Enable features behind temporary enterprise feature control
+
+Features that are behind temporary enterprise control will be enabled when one of the following conditions is met:
+
+- The device installs the annual feature update that enables the new features by default
+- The device receives a policy that enables features behind temporary enterprise control
+ - When the policy is enabled, all features on the device behind temporary control are turned on when the device next restarts.
+
+## Policy settings for temporary enterprise feature control
+
+You can use a policy to enable features that are behind temporary enterprise feature control. When this policy is enabled, all features that were disabled behind temporary enterprise feature control are turned on when the device next reboots. The following polices apply to Windows 11, version 22H2 with [KB5022845](https://support.microsoft.com/en-us/topic/february-14-2023-kb5022845-os-build-22621-1265-90a807f4-d2e8-486e-8a43-d09e66319f38) and later:
+
+- **Group Policy:** Computer Configuration\Administrative Templates\Windows Components\Windows Update\Manage end user experience\\**Enable features introduced via servicing that are off by default**
+
+- **CSP**: ./Device/Vendor/MSFT/Policy/Config/Update/[AllowTemporaryEnterpriseFeatureControl](/windows/client-management/mdm/policy-csp-update?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json#allowtemporaryenterprisefeaturecontrol)
+ - In the Intune [settings catalog](/intune/configuration/settings-catalog), this setting is named **Allow Temporary Enterprise Feature Control** under the **Windows Update for Business** category.
diff --git a/windows/whats-new/whats-new-windows-10-version-20H2.md b/windows/whats-new/whats-new-windows-10-version-20H2.md
index 3030181ea5..37a10475d2 100644
--- a/windows/whats-new/whats-new-windows-10-version-20H2.md
+++ b/windows/whats-new/whats-new-windows-10-version-20H2.md
@@ -12,13 +12,12 @@ ms.collection:
- tier2
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 10, version 20H2
---
# What's new in Windows 10, version 20H2 for IT Pros
-**Applies to**
-- Windows 10, version 20H2
-
This article lists new and updated features and content that is of interest to IT Pros for Windows 10, version 20H2, also known as the Windows 10 October 2020 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 2004.
> [!NOTE]
diff --git a/windows/whats-new/whats-new-windows-10-version-21H1.md b/windows/whats-new/whats-new-windows-10-version-21H1.md
index af47ae3987..3b134e5092 100644
--- a/windows/whats-new/whats-new-windows-10-version-21H1.md
+++ b/windows/whats-new/whats-new-windows-10-version-21H1.md
@@ -12,13 +12,12 @@ ms.collection:
- tier2
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 10, version 21H1
---
# What's new in Windows 10, version 21H1 for IT Pros
-**Applies to**
-- Windows 10, version 21H1
-
This article lists new and updated features and content that is of interest to IT Pros for Windows 10, version 21H1, also known as the **Windows 10 May 2021 Update**. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 20H2.
Windows 10, version 21H1 is a scoped set of features for select performance improvements, enterprise features, and quality enhancements. As an [H1-targeted release](/lifecycle/faq/windows#what-is-the-servicing-timeline-for-a-version--feature-update--of-windows-10-), 21H1 is serviced for 18 months from the release date for devices running Windows 10 Enterprise or Windows 10 Education editions.
diff --git a/windows/whats-new/whats-new-windows-10-version-21H2.md b/windows/whats-new/whats-new-windows-10-version-21H2.md
index 0e8808f228..8b06af0956 100644
--- a/windows/whats-new/whats-new-windows-10-version-21H2.md
+++ b/windows/whats-new/whats-new-windows-10-version-21H2.md
@@ -12,14 +12,12 @@ ms.collection:
- tier2
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 10, version 21H2
---
# What's new in Windows 10, version 21H2
-**Applies to**:
-
-- Windows 10, version 21H2
-
Windows 10, version 21H2 is the next feature update. This article lists the new and updated features IT Pros should know. Windows 10, version 21H2 is also known as the Windows 10 November 2021 Update. It includes all features and fixes in previous cumulative updates to Windows 10, version 21H1.
Windows 10, version 21H2 is an [H2-targeted release](/lifecycle/faq/windows#what-is-the-servicing-timeline-for-a-version--feature-update--of-windows-10-), and has the following servicing schedule:
diff --git a/windows/whats-new/whats-new-windows-10-version-22H2.md b/windows/whats-new/whats-new-windows-10-version-22H2.md
index e1ecaecbb0..5c158152d8 100644
--- a/windows/whats-new/whats-new-windows-10-version-22H2.md
+++ b/windows/whats-new/whats-new-windows-10-version-22H2.md
@@ -12,6 +12,8 @@ ms.date: 10/18/2022
ms.collection:
- highpri
- tier2
+appliesto:
+ - ✅ Windows 10, version 22H2
---
# What's new in Windows 10, version 22H2
diff --git a/windows/whats-new/whats-new-windows-11-version-22H2.md b/windows/whats-new/whats-new-windows-11-version-22H2.md
index bb565c5358..6a7edcc281 100644
--- a/windows/whats-new/whats-new-windows-11-version-22H2.md
+++ b/windows/whats-new/whats-new-windows-11-version-22H2.md
@@ -12,11 +12,11 @@ ms.collection:
- tier2
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 11, version 22H2
---
# What's new in Windows 11, version 22H2
-
-**Applies to**: Windows 11, version 22H2
Windows 11, version 22H2 is a feature update for Windows 11. It includes all features and fixes in previous cumulative updates to Windows 11, version 21H2, the original Windows 11 release version. This article lists the new and updated features IT Pros should know.
diff --git a/windows/whats-new/windows-11-overview.md b/windows/whats-new/windows-11-overview.md
index df91262622..90928f5742 100644
--- a/windows/whats-new/windows-11-overview.md
+++ b/windows/whats-new/windows-11-overview.md
@@ -12,14 +12,12 @@ ms.topic: overview
ms.collection:
- highpri
- tier1
+appliesto:
+ - ✅ Windows 11
---
# Windows 11 overview
-**Applies to**:
-
-- Windows 11
-
Windows 11 is the next client operating system, and includes features that organizations should know. Windows 11 is built on the same foundation as Windows 10. If you use Windows 10, then Windows 11 is a natural transition. It's an update to what you know, and what you're familiar with.
It offers innovations focused on enhancing end-user productivity, and is designed to support today's hybrid work environment.
diff --git a/windows/whats-new/windows-11-plan.md b/windows/whats-new/windows-11-plan.md
index ce4a6efa32..346990f31f 100644
--- a/windows/whats-new/windows-11-plan.md
+++ b/windows/whats-new/windows-11-plan.md
@@ -12,17 +12,14 @@ ms.collection:
- tier1
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 11
---
# Plan for Windows 11
-**Applies to**
-
-- Windows 11
-
-## Deployment planning
-
This article provides guidance to help you plan for Windows 11 in your organization.
+## Deployment planning
Since Windows 11 is built on the same foundation as Windows 10, you can use the same deployment capabilities, scenarios, and tools—and the same basic deployment strategy that you use today for Windows 10. You'll need to review and update your servicing strategy to adjust for changes in [Servicing and support](#servicing-and-support) for Windows 11.
diff --git a/windows/whats-new/windows-11-prepare.md b/windows/whats-new/windows-11-prepare.md
index 9a0cdaf844..6e9047c606 100644
--- a/windows/whats-new/windows-11-prepare.md
+++ b/windows/whats-new/windows-11-prepare.md
@@ -12,15 +12,13 @@ ms.collection:
- tier1
ms.technology: itpro-fundamentals
ms.date: 12/31/2017
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Prepare for Windows 11
-**Applies to**
-
-- Windows 11
-- Windows 10
-
Windows 10 and Windows 11 are designed to coexist, so that you can use the same familiar tools and process to manage both operating systems. Using a single management infrastructure that supports common applications across both Windows 10 and Windows 11 helps to simplify the migration process. You can analyze endpoints, determine application compatibility, and manage Windows 11 deployments in the same way that you do with Windows 10.
After you evaluate your hardware to see if it meets [requirements](windows-11-requirements.md) for Windows 11, it's a good time to review your deployment infrastructure, tools, and overall endpoint and update management processes and look for opportunities to simplify and optimize. This article provides some helpful guidance to accomplish these tasks.
diff --git a/windows/whats-new/windows-11-requirements.md b/windows/whats-new/windows-11-requirements.md
index 74230a9b73..f596c4e962 100644
--- a/windows/whats-new/windows-11-requirements.md
+++ b/windows/whats-new/windows-11-requirements.md
@@ -12,14 +12,13 @@ ms.collection:
- tier1
ms.technology: itpro-fundamentals
ms.date: 02/13/2023
+appliesto:
+ - ✅ Windows 11
+
---
# Windows 11 requirements
-**Applies to**
-
-- Windows 11
-
This article lists the system requirements for Windows 11. Windows 11 is also [supported on a virtual machine (VM)](#virtual-machine-support).
## Hardware requirements
diff --git a/windows/whats-new/windows-licensing.md b/windows/whats-new/windows-licensing.md
index 1af9776fe0..3a56385d67 100644
--- a/windows/whats-new/windows-licensing.md
+++ b/windows/whats-new/windows-licensing.md
@@ -68,7 +68,7 @@ The following table describes the unique Windows Enterprise edition features:
| OS-based feature | Description |
|-|-|
|**[Windows Defender Credential Guard][WIN-1]**|Protects against user credential harvesting and pass-the-hash attacks or pass the token attacks.|
-|**[Managed Microsoft Defender Application Guard for Microsoft Edge][EDGE-1]**| Isolates enterprise-defined untrusted sites with virtualization-based security from Windows, protecting your organization while users browse the Internet.|
+|**[Managed Microsoft Defender Application Guard (MDAG) for Microsoft Edge][WIN-11]**| Isolates enterprise-defined untrusted sites with virtualization-based security from Windows, protecting your organization while users browse the Internet.|
|**[Modern BitLocker Management][WIN-2]** | Allows you to eliminate on-premises tools to monitor and support BitLocker recovery scenarios. |
|**[Personal Data Encryption][WIN-3]**|Encrypts individual's content using Windows Hello for Business to link the encryption keys to user credentials.|
|**[Direct Access][WINS-1]**|Connect remote users to the organization network without the need for traditional VPN connections.|
@@ -127,7 +127,7 @@ Windows Enterprise E3 in Microsoft 365 F3 does not include some use rights previ
## Use a Windows Pro device with the Windows Enterprise user subscription license
-In most cases, the Windows Pro edition comes pre-installed on a business-class device. Microsoft recommends upgrading your Windows Pro devices to Enterprise edition when you have acquired a user subscription licenses for Windows. However, there are cases that require to keep devices on the Pro edition and not upgrade them to Enterprise edition. With Windows 11 Enterprise E3, you can take advantage of features, services and use rights not licensed to the Windows Pro license bound to the device. It includes Windows Enterprise edition with cloud-powered capabilities and subscription use rights, and these capabilities are not always technically enforced. Some scenarios that may require to not upgrade to Windows Enterprise edition:
+In most cases, the Windows Pro edition comes pre-installed on a business-class device. Microsoft recommends upgrading your Windows Pro devices to Enterprise edition when you have acquired a user subscription license for Windows. However, there are cases that require to keep devices on the Pro edition and not upgrade them to Enterprise edition. With Windows 11 Enterprise E3, you can take advantage of features, services and use rights not licensed to the Windows Pro license bound to the device. It includes Windows Enterprise edition with cloud-powered capabilities and subscription use rights, and these capabilities are not always technically enforced. Some scenarios that may require to not upgrade to Windows Enterprise edition:
- Devices not properly provisioned that don't automatically upgrade to Windows Enterprise edition
- Devices may have been acquired for a business process that was not under control of a central IT department or outside of the IT department's knowledge
@@ -142,7 +142,7 @@ The following table lists the Windows 11 Enterprise features and their Windows e
| OS-based feature |Windows Pro|Windows Enterprise|
|-|-|-|
|**[Windows Defender Credential Guard][WIN-1]**|❌|Yes|
-|**[Microsoft Defender Application Guard (MDAG) for Microsoft Edge][EDGE-1]**|Yes|Yes|
+|**[Microsoft Defender Application Guard (MDAG) for Microsoft Edge][WIN-11]**|Yes|Yes|
|**[Modern BitLocker Management][WIN-2]**|Yes|Yes|
|**[Personal data encryption (PDE)][WIN-3]**|❌|Yes|
|**[Direct Access][WINS-1]**|Yes|Yes|
@@ -186,7 +186,6 @@ To learn more about Windows 11 Enterprise E3 and E5 licensing, download the [Win
- How to acquire licenses through Commercial Licensing
[AZ-1]: /azure/virtual-desktop/prerequisites#operating-systems-and-licenses
-[EDGE-1]: /deployedge/microsoft-edge-security-windows-defender-application-guard
[EXT-1]: https://www.microsoft.com/licensing/terms/productoffering/WindowsDesktopOperatingSystem/EAEAS
[EXT-2]: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-release-health-now-available-in-the-microsoft-365-admin/ba-p/2235908
[EXT-3]: https://windows.com/enterprise
@@ -208,5 +207,7 @@ To learn more about Windows 11 Enterprise E3 and E5 licensing, download the [Win
[WIN-8]: /windows/deployment/do/waas-microsoft-connected-cache
[WIN-9]: /windows/release-health/supported-versions-windows-client#enterprise-and-iot-enterprise-ltsbltsc-editions
[WIN-10]: /windows/whats-new/ltsc/
+[WIN-11]: /windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview
[WINS-1]: /windows-server/remote/remote-access/directaccess/directaccess
[WINS-2]: /windows-server/remote/remote-access/vpn/always-on-vpn/
+