fix errors

windows/keep-secure/TOC.md

@@ -572,7 +572,7 @@
 ###### [Domain member: Maximum machine account password age](domain-member-maximum-machine-account-password-age.md)
 ###### [Domain member: Require strong (Windows 2000 or later) session key](domain-member-require-strong-windows-2000-or-later-session-key.md)
 ###### [Interactive logon: Display user information when the session is locked](interactive-logon-display-user-information-when-the-session-is-locked.md)
-###### [Interactive logon: Do not display last user name](interactive-logon-do-not-display-last-user-name.md)
+###### [Interactive logon: Don\'t display last signed-in](interactive-logon-do-not-display-last-user-name.md)
 ###### [Interactive logon: Do not require CTRL+ALT+DEL](interactive-logon-do-not-require-ctrl-alt-del.md)
 ###### [Interactive logon: Machine account lockout threshold](interactive-logon-machine-account-lockout-threshold.md)
 ###### [Interactive logon: Machine inactivity limit](interactive-logon-machine-inactivity-limit.md)

windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md

@@ -45,9 +45,7 @@ You can use System Center Configuration Manager’s existing functionality to cr
 
 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOnboardingScript.cmd*.
 
-3. Onboard your devices using SCCM by following the steps in the  [Onboard devices to Windows Defender ATP](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/windows-defender-advanced-threat-protection#onboard-devices-for-windows-defender-atp) topic.
-
-4. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/library/gg682178.aspx) topic.
+3. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/library/gg682178.aspx) topic.
 
     a. Choose a predefined device collection to deploy the package to.
 

windows/keep-secure/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md

@@ -60,7 +60,7 @@ If you took corrective actions and the machine status is still misconfigured, [o
 
 ### No sensor data
 A misconfigured machine with status ‘No sensor data’ has communication with the service but can only report partial sensor data.
-Follow theses actions to correct known issues related to a misconfigured machine with status ‘Impaired communication’:
+Follow theses actions to correct known issues related to a misconfigured machine with status ‘No sensor data’:
 
 - [Ensure the endpoint has Internet connection](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-endpoint-has-an-internet-connection)</br>
   The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service.

windows/keep-secure/interactive-logon-display-user-information-when-the-session-is-locked.md

@@ -12,77 +12,77 @@ author: brianlic-msft
 # Interactive logon: Display user information when the session is locked
 
 **Applies to**
--   Windows 10
+-   Windows 10
 
 Describes the best practices, location, values, and security considerations for the **Interactive logon: Display user information when the session is locked** security policy setting.
 
 ## Reference
-This setting controls whether details such as email address or domain\username appear with the username on the sign-in screen. 
-For clients that run Windows 10 version 1511 and 1507 (RTM), this setting works similarly to previous versions of Windows. 
-Due to a new **Privacy** setting in Windows 10 version 1607, this setting affects those clients differently. 
+This security setting controls whether details such as email address or domain\username appear with the username on the sign-in screen.
+For clients that run Windows 10 version 1511 and 1507 (RTM), this setting works similarly to previous versions of Windows.
+However, because of a new **Privacy** setting introduced in Windows 10 version 1607, this security setting affects those clients differently.
 
 ### Changes in Windows 10 version 1607
 
-Beginning with Windows 10 version 1607, new functionality was added to Windows 10 to hide username details such as email address by default, with the ability to change the default to show the details. 
-This functionality is controlled by a new **Privacy** setting in **Settings** > **Accounts** > **Sign-in options**. 
-The Privacy setting is off by default, which hides the details. 
+Beginning with Windows 10 version 1607, new functionality was added to Windows 10 to hide username details such as email address by default, with the ability to change the default to show the details.
+This functionality is controlled by a new **Privacy** setting in **Settings** > **Accounts** > **Sign-in options**.
+The Privacy setting is off by default, which hides the details.
 
 ![Privacy setting](images\privacy-setting-in-sign-in-options.png)
 
-The **Interactive logon: Display user information when the session is locked** Group Policy setting controls the same functionality. 
+The **Interactive logon: Display user information when the session is locked** Group Policy setting controls the same functionality.
 
 This setting has these possible values:
 
 -   **User display name, domain and user names**
 
-    For a local logon, the user's full name is displayed. 
-    If the user signed in using a Microsoft Account, the user's email address is displayed. 
-    For a domain logon, the domain\username is displayed. 
-    This has the same effect as turning on the **Privacy** setting. 
+    For a local logon, the user's full name is displayed.
+    If the user signed in using a Microsoft account, the user's email address is displayed.
+    For a domain logon, the domain\username is displayed.
+    This has the same effect as turning on the **Privacy** setting.
 
 -   **User display name only**
 
-    The full name of the user who locked the session is displayed. 
+    The full name of the user who locked the session is displayed.
     This has the same effect as turning off the **Privacy** setting.
 
 -   **Do not display user information**
 
-    No names are displayed. 
-    Beginning with Windows 10 version 1607, this option is not supported. 
-    If this option is chosen, the full name of the user who locked the session is displayed instead. 
-    This change makes this setting consistent with the functionality of the new **Privacy** setting. 
-    To have no user information displayed, enable the Group Policy setting **Interactive logon: Don't display last signed-in**.
+    No names are displayed.
+    Beginning with Windows 10 version 1607, this option is not supported.
+    If this option is chosen, the full name of the user who locked the session is displayed instead.
+    This change makes this setting consistent with the functionality of the new **Privacy** setting.
+    To display no user information, enable the Group Policy setting **Interactive logon: Don't display last signed-in**.
 
 -   Blank.
 
-    Default setting. 
-    This translates to “Not defined,” but it will display the user’s full name in the same manner as the option **User display name only**. 
+    Default setting.
+    This translates to “Not defined,” but it will display the user’s full name in the same manner as the option **User display name only**.
     When an option is set, you cannot reset this policy to blank, or not defined.
 
 ### Hotfix for Windows 10 version 1607
 
-Clients that run Windows 10 version 1607 will not show details on the sign-in screen even if the **User display name, domain and user names** option is chosen because the **Privacy** setting is off. 
-If the **Privacy** setting is turned on, details will show. 
+Clients that run Windows 10 version 1607 will not show details on the sign-in screen even if the **User display name, domain and user names** option is chosen because the **Privacy** setting is off.
+If the **Privacy** setting is turned on, details will show.
 
-The **Privacy** setting cannot be changed for clients in bulk. 
-Instead, apply [KB 4013429](https://support.microsoft.com/help/4000825/windows-10-and-windows-server-2016-update-history) to clients that run Windows 10 version 1607 so they behave similarly to previous versions of Windows. 
+The **Privacy** setting cannot be changed for clients in bulk.
+Instead, apply KB 4013429 to clients that run Windows 10 version 1607 so they behave similarly to previous versions of Windows.
 
 There are related Group Policy settings:
 
-- **Computer Configuration\Policies\Administrative Templates\System\Logon\Block user from showing account details on sign-in** prevents users from showing account details on the sign-in screen. 
+- **Computer Configuration\Policies\Administrative Templates\System\Logon\Block user from showing account details on sign-in** prevents users from showing account details on the sign-in screen.
 - **Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Don’t display last signed-in** prevents the username of the last user to sign in from being shown.
-- **Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Don’t display user name at sign in** prevents the username from being shown at Windows sign-in and immediately after credentials are entered and before the desktop appears. 
+- **Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Don’t display username at sign-in** prevents the username from being shown at Windows sign-in and immediately after credentials are entered and before the desktop appears.
 
 ### Interaction with related Group Policy settings
 
-For all versions of Windows 10, only the user display name is shown by default. 
+For all versions of Windows 10, only the user display name is shown by default.
 
-If **Block user from showing account details on sign-in** is enabled, then only the user display name is shown regardless of any other Group Policy settings. 
+If **Block user from showing account details on sign-in** is enabled, then only the user display name is shown regardless of any other Group Policy settings.
 Users will not be able to show details.
 
-If **Block user from showing account details on sign-in** is not enabled, then you can set **Interactive logon: Display user information when the session is locked** to **User display name, domain and user names** to show additional details such as domain\username. 
-In this case, clients that run Windows 10 version 1607 need [KB 4013429](https://support.microsoft.com/help/4000825/windows-10-and-windows-server-2016-update-history) applied. 
-Users will not be able to hide additional details. 
+If **Block user from showing account details on sign-in** is not enabled, then you can set **Interactive logon: Display user information when the session is locked** to **User display name, domain and user names** to show additional details such as domain\username.
+In this case, clients that run Windows 10 version 1607 need KB 4013429 applied.
+Users will not be able to hide additional details.
 
 If **Block user from showing account details on sign-in** is not enabled and **Don’t display last signed-in** is enabled, the username will not be shown.
 
@@ -100,13 +100,13 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec
 
 | Server type or Group Policy object (GPO) | Default value |
 | - | - |
-| Default domain policy| Not defined| 
-| Default domain controller policy | Not defined| 
-| Stand-alone server default settings | Not defined| 
-| Domain controller effective default settings | **User display name, domain and user names**| 
-| Member server effective default settings | **User display name, domain and user names**| 
-| Effective GPO default settings on client computers | **User display name, domain and user names**| 
- 
+| Default domain policy| Not defined|
+| Default domain controller policy | Not defined|
+| Stand-alone server default settings | Not defined|
+| Domain controller effective default settings | **User display name, domain and user names**|
+| Member server effective default settings | **User display name, domain and user names**|
+| Effective GPO default settings on client computers | **User display name, domain and user names**|
+
 ## Policy management
 
 This section describes features and tools that are available to help you manage this policy.

windows/keep-secure/interactive-logon-do-not-display-last-user-name.md

@@ -1,5 +1,5 @@
 ---
-title: Interactive logon Do not display last user name (Windows 10)
+title: Interactive logon Don't display last signed-in (Windows 10)
 description: Describes the best practices, location, values, and security considerations for the Interactive logon Do not display last user name security policy setting.
 ms.assetid: 98b24b03-95fe-4edc-8e97-cbdaa8e314fd
 ms.prod: w10
@@ -9,12 +9,12 @@ ms.pagetype: security
 author: brianlic-msft
 ---
 
-# Interactive logon: Do not display last user name
+# Interactive logon: Don't display last signed-in
 
 **Applies to**
 -   Windows 10
 
-Describes the best practices, location, values, and security considerations for the **Interactive logon: Do not display last user name** security policy setting.
+Describes the best practices, location, values, and security considerations for the **Interactive logon: Don't display last signed-in** security policy setting. Before Windows 10 version 1703, this policy setting was named **Interactive logon:Do not display last user name.**
 
 ## Reference
 
@@ -40,14 +40,14 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec
 
 ### Default values
 
-| Server type or Group Policy object (GPO) | Default value| 
+| Server type or Group Policy object (GPO) | Default value|
 | - | - |
-| Default domain policy| Disabled| 
-| Default domain controller policy| Disabled| 
-| Stand-alone server default settings | Disabled| 
-| Domain controller effective default settings | Disabled| 
-| Member server effective default settings | Disabled| 
-| Effective GPO default settings on client computers | Disabled| 
+| Default domain policy| Disabled|
+| Default domain controller policy| Disabled|
+| Stand-alone server default settings | Disabled|
+| Domain controller effective default settings | Disabled|
+| Member server effective default settings | Disabled|
+| Effective GPO default settings on client computers | Disabled|
  
 ## Policy management