Merge branch 'master' of https://github.com/MicrosoftDocs/windows-docs-pr into fixhttpurls

windows/security/identity-protection/access-control/service-accounts.md

@@ -114,5 +114,5 @@ The following table provides links to additional resources that are related to s
 | Content type  | References  |
 |---------------|-------------|
 | **Product evaluation** | [What's New for Managed Service Accounts](https://technet.microsoft.com/library/hh831451(v=ws.11).aspx)<br>[Getting Started with Group Managed Service Accounts](https://technet.microsoft.com/library/jj128431(v=ws.11).aspx) |
-| **Deployment** | [Windows Server 2012: Group Managed Service Accounts - Ask Premier Field Engineering (PFE) Platforms - Site Home - TechNet Blogs](http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx) |
+| **Deployment** | [Windows Server 2012: Group Managed Service Accounts - Ask Premier Field Engineering (PFE) Platforms - Site Home - TechNet Blogs](https://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx) |
 | **Related technologies** | [Security Principals](security-principals.md)<br>[What's new in Active Directory Domain Services](https://technet.microsoft.com/library/mt163897.aspx) |

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md

@@ -48,7 +48,7 @@ Virtual smart cards can also be created and deleted by using APIs. For more info
 
 -   [ITPMVirtualSmartCardManagerStatusCallBack](https://msdn.microsoft.com/library/windows/desktop/hh707161(v=vs.85).aspx)
 
-You can use APIs that were introduced in the Windows.Device.SmartCards namespace in Windows Server 2012 R2 and Windows 8.1 to build Microsoft Store apps to manage the full lifecycle of virtual smart cards. For information about how to build an app to do this, see [Strong Authentication: Building Apps That Leverage Virtual Smart Cards in Enterprise, BYOD, and Consumer Environments | Build 2013 | Channel 9](http://channel9.msdn.com/events/build/2013/2-041).
+You can use APIs that were introduced in the Windows.Device.SmartCards namespace in Windows Server 2012 R2 and Windows 8.1 to build Microsoft Store apps to manage the full lifecycle of virtual smart cards. For information about how to build an app to do this, see [Strong Authentication: Building Apps That Leverage Virtual Smart Cards in Enterprise, BYOD, and Consumer Environments | Build 2013 | Channel 9](https://channel9.msdn.com/events/build/2013/2-041).
 
 The following table describes the features that can be developed in a Microsoft Store app:
 

windows/security/threat-protection/auditing/event-4624.md

@@ -158,7 +158,7 @@ This event generates when a logon session is created (on destination machine). I
 
 -   **Restricted Admin Mode** \[Version 2\] \[Type = UnicodeString\]**:** Only populated for **RemoteInteractive** logon type sessions. This is a Yes/No flag indicating if the credentials provided were passed using Restricted Admin mode. Restricted Admin mode was added in Win8.1/2012R2 but this flag was added to the event in Win10.
 
-    Reference: <http://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx>.
+    Reference: <https://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx>.
 
     If not a **RemoteInteractive** logon, then this will be "-" string.
 

windows/security/threat-protection/auditing/event-4793.md

@@ -30,7 +30,7 @@ This event generates each time the [Password Policy Checking API](https://msdn.m
 
 The Password Policy Checking API allows an application to check password compliance against an application-provided account database or single account and verify that passwords meet the complexity, aging, minimum length, and history reuse requirements of a password policy.
 
-This event, for example, generates during Directory Services Restore Mode ([DSRM](http://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx)) account password reset procedure to check new DSRM password.
+This event, for example, generates during Directory Services Restore Mode ([DSRM](https://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx)) account password reset procedure to check new DSRM password.
 
 This event generates on the computer where Password Policy Checking API was called.
 

windows/security/threat-protection/auditing/event-4908.md

@@ -34,7 +34,7 @@ This event is always logged regardless of the "Audit Policy Change" sub-category
 
 More information about Special Groups auditing can be found here:
 
-<http://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx>
+<https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx>
 
 <https://support.microsoft.com/kb/947223>
 

windows/security/threat-protection/auditing/event-4911.md

@@ -26,7 +26,7 @@ ms.author: dansimp
 
 ***Event Description:***
 
-This event generates when [resource attributes](http://blogs.technet.com/b/canitpro/archive/2013/05/07/step-by-step-protecting-your-information-with-dynamic-access-control.aspx) of the file system object were changed.
+This event generates when [resource attributes](https://blogs.technet.com/b/canitpro/archive/2013/05/07/step-by-step-protecting-your-information-with-dynamic-access-control.aspx) of the file system object were changed.
 
 Resource attributes for file or folder can be changed, for example, using Windows File Explorer (object’s Properties->Classification tab).
 

windows/security/threat-protection/auditing/event-4964.md

@@ -26,7 +26,7 @@ ms.author: dansimp
 
 ***Event Description:***
 
-This event occurs when an account that is a member of any defined [Special Group](http://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) logs in.
+This event occurs when an account that is a member of any defined [Special Group](https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) logs in.
 
 > **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event.
 
@@ -94,7 +94,7 @@ This event occurs when an account that is a member of any defined [Special Group
 
 > S-1-5-32-544;S-1-5-32-123-54-65
 
-&gt; For more information see: <http://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx>
+&gt; For more information see: <https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx>
 
 ***Field Descriptions:***
 

windows/security/threat-protection/auditing/event-5056.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/bb204775(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5057.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/bb204775(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5060.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/bb204775(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5063.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5064.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5065.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5066.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5067.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5068.md

@@ -26,9 +26,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5069.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/auditing/event-5070.md

@@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages
 
 -   <https://msdn.microsoft.com/library/windows/desktop/aa376214(v=vs.85).aspx>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=1251>
+-   <https://www.microsoft.com/download/details.aspx?id=1251>
 
--   <http://www.microsoft.com/en-us/download/details.aspx?id=30688>
+-   <https://www.microsoft.com/download/details.aspx?id=30688>
 
 This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
 

windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md

@@ -56,7 +56,7 @@ You can exclude files and folders from being evaluated by most attack surface re
 
 You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules the exclusions apply to. An exclusion is applied only when the excluded application or service starts. For example, if you add an exclusion for an update service that is already running, the update service will continue to trigger events until the service is stopped and restarted.
 
-ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists).
+ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists).
 
 The following procedures for enabling ASR rules include instructions for how to exclude files and folders.
 
@@ -76,7 +76,7 @@ The following procedures for enabling ASR rules include instructions for how to
 
 Use the [./Vendor/MSFT/Policy/Config/Defender/AttackSurfaceReductionRules](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-attacksurfacereductionrules) configuration service provider (CSP) to individually enable and set the mode for each rule.
 
-The following is a sample for reference, using [GUID values for ASR rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction#attack-surface-reduction-rules).
+The following is a sample for reference, using [GUID values for ASR rules](attack-surface-reduction.md#attack-surface-reduction-rules).
 
 OMA-URI path: ./Vendor/MSFT/Policy/Config/Defender/AttackSurfaceReductionRules
 
@@ -186,4 +186,4 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 
 * [Reduce attack surfaces with attack surface reduction rules](attack-surface-reduction.md)
 * [Evaluate attack surface reduction](evaluate-attack-surface-reduction.md)
-* [Enable cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus)
+* [Enable cloud-delivered protection](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)