Update enable-exploit-protection.md

denisebmsft · denisebmsft · commit fd9216f40728 · 2024-11-15T11:35:02.000-08:00
diff --git a/defender-endpoint/enable-exploit-protection.md b/defender-endpoint/enable-exploit-protection.md
@@ -80,19 +80,21 @@ You can also set mitigations to [audit mode](evaluate-exploit-protection.md). Au
 2. Select the **App & browser control** tile (or the app icon on the left menu bar) and then select **Exploit protection settings**.
 
 3. Go to **Program settings** and choose the app you want to apply mitigations to.
-    - If the app you want to configure is already listed, select it, and then select **Edit**.
-    - If the app isn't listed, at the top of the list select **Add program to customize** and then choose how you want to add the app.
-    - Use **Add by program name** to have the mitigation applied to any running process with that name. Specify a file with its extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
-    - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
+
+   - If the app you want to configure is already listed, select it, and then select **Edit**.
+   - If the app isn't listed, at the top of the list select **Add program to customize** and then choose how you want to add the app.
+   - Use **Add by program name** to have the mitigation applied to any running process with that name. Specify a file with its extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
+   - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
 
 4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** will apply the mitigation in audit mode only. You're notified if you need to restart the process or app, or if you need to restart Windows.
 
 5. Repeat steps 3-4 for all the apps and mitigations you want to configure.
 
 6. Under the **System settings** section, find the mitigation you want to configure and then specify one of the following settings. Apps that aren't configured individually in the **Program settings** section use the settings that are configured here.
-    - **On by default**: The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
-    - **Off by default**: The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
-    - **Use default**: The mitigation is either enabled or disabled, depending on the default configuration that is set up by Windows 10 or Windows 11 installation; the default value (**On** or **Off**) is always specified next to the **Use default** label for each mitigation
+
+   - **On by default**: The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
+   - **Off by default**: The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
+   - **Use default**: The mitigation is either enabled or disabled, depending on the default configuration that is set up by Windows 10 or Windows 11 installation; the default value (**On** or **Off**) is always specified next to the **Use default** label for each mitigation
 
 7. Repeat step 6 for all the system-level mitigations you want to configure. Select **Apply** when you're done setting up your configuration.
 
@@ -123,9 +125,10 @@ The result is that DEP is enabled for *test.exe*. DEP won't be enabled for any o
 
 2. Select the **App & browser control** tile (or the app icon on the left menu bar) and then select **Exploit protection**.
 
-3. Go to **Program settings** and choose the app you want to apply mitigations to.<br/>
-    - If the app you want to configure is already listed, select it, and then select **Edit**.
-    - If the app isn't listed, at the top of the list select **Add program to customize** and then choose how you want to add the app.<br/>
+3. Go to **Program settings** and choose the app you want to apply mitigations to.
+
+   - If the app you want to configure is already listed, select it, and then select **Edit**.
+   - If the app isn't listed, at the top of the list select **Add program to customize** and then choose how you want to add the app.<br/>
       - Use **Add by program name** to have the mitigation applied to any running process with that name. Specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
       - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
 
@@ -207,7 +210,6 @@ Get-ProcessMitigation -Name processName.exe
 
 > [!IMPORTANT]
 > System-level mitigations that have not been configured will show a status of `NOTSET`.
->
 > - For system-level settings, `NOTSET` indicates the default setting for that mitigation has been applied.
 > - For app-level settings, `NOTSET` indicates the system-level setting for the mitigation will be applied.
 > The default setting for each system-level mitigation can be seen in the Windows Security.
@@ -299,4 +301,5 @@ To reset (undo or remove) the exploit protection mitigations, please review the
 - [Evaluate exploit protection](evaluate-exploit-protection.md)
 - [Configure and audit exploit protection mitigations](customize-exploit-protection.md)
 - [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md)
+
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
