From 417c34f83ee50c006533383a202cd7476c698180 Mon Sep 17 00:00:00 2001
From: TheDeuceYouSay <58704928+TheDeuceYouSay@users.noreply.github.com>
Date: Fri, 16 May 2025 08:50:18 -0700
Subject: [PATCH] Update configure-attack-disruption.md

Minor edit in the Get-ItemProperty section to improve readability.

Added a CR/LF and added the word "or" between the two PowerShell commands.
---
 defender-xdr/configure-attack-disruption.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/defender-xdr/configure-attack-disruption.md b/defender-xdr/configure-attack-disruption.md
index 26f6004674..033389f64b 100644
--- a/defender-xdr/configure-attack-disruption.md
+++ b/defender-xdr/configure-attack-disruption.md
@@ -45,6 +45,7 @@ The following are prerequisites for configuring automatic attack disruption in M
 The Minimum Sense Agent version required for the **Contain User** action to work is v10.8470. You can identify the Sense Agent version on a device by running the following PowerShell command: 
 
 > Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Advanced Threat Protection\' -Name "InstallLocation"
+> or
 > Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status' -Name "MsSenseDllVersion"
 
 #### Automation setting for your organizations devices