The SignedVersion rule level in WDAC App Control for Business grants execution rights based on two combined criteria: the file must be signed by a specific publ

> Windows Hardware Quality Lab signing — a Microsoft-operated certification program that tests and cryptographically endorses hardware drivers. The WHQL level i

> The most specific WHQL-family rule level: combines the WHQL EKU trust check, vendor leaf certificate CN, specific driver filename, and a minimum version floor

> Formerly known as: Windows Defender Application Control

> Combines the WHQL EKU trust check with the Common Name of the leaf certificate — allowing only WHQL-certified drivers from a specific named hardware vendor,

Enabled:UMCI extends Windows Defender Application Control enforcement from kernel-mode code down into the full user-mode execution space. Without this option,

Required:WHQL tightens the kernel-mode driver signing standard from the broader Microsoft-signed requirement to the stricter Windows Hardware Quality Labs cert

Enabled:Audit Mode places an App Control for Business policy in a non-enforcing observation state. When Audit Mode is active, the Code Integrity engine evaluate