spell check

Joey Caparas 2016-04-18 16:04:03 +10:00
parent 71a2b10743
commit 461f0ce837
5 changed files with 7 additions and 8 deletions

View File

@ -27,7 +27,7 @@ The following table and screenshot demonstrate the main areas of the **Alerts qu
Highlighted area|Area name|Description Highlighted area|Area name|Description
:---|:---|:--- :---|:---|:---
(1)|**Alerts queue**| Select to show **New**, **In Progress**, or **Resolved alerts** (1)|**Alerts queue**| Select to show **New**, **In Progress**, or **Resolved alerts**
(2)|Alerts|Each alert shows:<ul><li>The severity of an alert as a coloured bar</li><li>A short description of the alert, including the name of the threat actor (in cases where the attribution is possible)</li><li>The last occurence of the alert on any machine</li><li>The number of days the alert has been in the queue</li><li>The general category or type of alert, or the alert's kill-chain stage</li><li>The affected machine (if there are multiple machines, the number of affected machines will be shown)</li><li>A **Manage Alert** menu icon ![The menu icon looks like three periods stacked on top of each other](images/menu-icon.png) that allows you to update the alert's status and add comments</li></ul>Clicking an alert expands to display more information about the threat and brings you to the date in the timeline when the alert was detected. (2)|Alerts|Each alert shows:<ul><li>The severity of an alert as a coloured bar</li><li>A short description of the alert, including the name of the threat actor (in cases where the attribution is possible)</li><li>The last occurrence of the alert on any machine</li><li>The number of days the alert has been in the queue</li><li>The general category or type of alert, or the alert's kill-chain stage</li><li>The affected machine (if there are multiple machines, the number of affected machines will be shown)</li><li>A **Manage Alert** menu icon ![The menu icon looks like three periods stacked on top of each other](images/menu-icon.png) that allows you to update the alert's status and add comments</li></ul>Clicking an alert expands to display more information about the threat and brings you to the date in the timeline when the alert was detected.
(3)|Alerts sorting and filters | You can sort alerts by: <ul><li>**Newest** (when the threat was last seen on your network)</li><li>**Time in queue** (how long the threat has been in your queue)</li><li>**Severity**</li></ul>You can also filter the displayed alerts by:<ul><li>Severity</li><li>Time period</li></ul>See [Windows Defender ATP alerts](use-windows-defender-advanced-threat-protection.md#windows-defender-atp-alerts) for more details. (3)|Alerts sorting and filters | You can sort alerts by: <ul><li>**Newest** (when the threat was last seen on your network)</li><li>**Time in queue** (how long the threat has been in your queue)</li><li>**Severity**</li></ul>You can also filter the displayed alerts by:<ul><li>Severity</li><li>Time period</li></ul>See [Windows Defender ATP alerts](use-windows-defender-advanced-threat-protection.md#windows-defender-atp-alerts) for more details.
##Sort and filter the Alerts queue ##Sort and filter the Alerts queue
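
Review bot: Row (2) still reads "as a coloured bar" after the "occurrence" fix, while the other topics touched in this commit use US spelling ("behaviors"); change it to "colored" so the spell check leaves one spelling convention across the set. The context heading `##Sort and filter the Alerts queue` also has no space after `##`, which some Markdown renderers will not treat as a heading; `## Sort and filter the Alerts queue` is safer.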

View File

@ -17,7 +17,7 @@ ms.sitesec: library
Cyber security investigations are typically triggered by an alert. Alerts are related to one or more observed files that are often new or unknown. Clicking a file takes you to the file view where you can see the file's metadata. To enrich the data relating to the file you can submit the file for deep analysis. Cyber security investigations are typically triggered by an alert. Alerts are related to one or more observed files that are often new or unknown. Clicking a file takes you to the file view where you can see the file's metadata. To enrich the data relating to the file you can submit the file for deep analysis.
The deep analysis feature executes a file in a secure, fully instrumented cloud environment. Deep analysis results show the file's activities, observed behaviors, and associated artifacts, such as dropped files, registry modifications, and communication with IPs. The deep analysis feature executes a file in a secure, fully instrumented cloud environment. Deep analysis results show the file's activities, observed behaviors, and associated artifacts, such as dropped files, registry modifications, and communication with IPs.
Deep analysis currently supports extensive analysis of PE (portable executable) files (including .exe and .dll files). Deep analysis currently supports extensive analysis of PE (portable executable) files (including _.exe_ and _.dll_ files).
Deep analysis of a file takes several minutes. When the file analysis is complete, results are made available in the File view page, under a new **Deep analysis summary** section. The summary includes a list of observed *behaviors*, some of which can indicate malicious activity, and *observables*, including contacted IPs and files created on the disk. Deep analysis of a file takes several minutes. When the file analysis is complete, results are made available in the File view page, under a new **Deep analysis summary** section. The summary includes a list of observed *behaviors*, some of which can indicate malicious activity, and *observables*, including contacted IPs and files created on the disk.
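
Review bot: The only change here is italicising `.exe` and `.dll`, which is formatting rather than spelling, so the commit message "spell check" undersells it; mention the formatting change in the message. While in this paragraph, the context lines use "the file view" in the first paragraph and "the File view page" in the last; pick one capitalisation for the page name.
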
@ -47,7 +47,7 @@ When the sample is collected, Windows Defender ATP runs the file in is a secure
![You can only submit PE files in the file details seciton](images/submit-file.png) ![You can only submit PE files in the file details seciton](images/submit-file.png)
>**Note**&nbsp;&nbsp;Only portable executable (PE) files are supported, including .exe and .dll files >**Note**&nbsp;&nbsp;Only portable executable (PE) files are supported, including _.exe_ and _.dll_ files
A progress bar is displayed and provides information on the different stages of the analysis. You can then view the report when the analysis is done. A progress bar is displayed and provides information on the different stages of the analysis. You can then view the report when the analysis is done.
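
Review bot: The image alt text on the first line of this hunk still says "file details seciton" on both sides of the diff; a spell-check pass should change it to "section", since alt text is what screen readers present. The hunk header context, "runs the file in is a secure", also has a stray "is" that could be fixed in the same commit. The note line would read better with a closing period after "files".
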
@ -77,7 +77,7 @@ If you encounter a problem when trying to submit a file, try each of the followi
**Troubleshoot deep analysis:** **Troubleshoot deep analysis:**
1. Ensure the file is a PE. PE files typically have .exe or .dll extensions (executable programs or applications). 1. Ensure the file is a PE. PE files typically have _.exe_ or _.dll_ extensions (executable programs or applications).
2. Ensure the service has access to the file, that it still exists, and has not been corrupted or modified. 2. Ensure the service has access to the file, that it still exists, and has not been corrupted or modified.
3. You can wait a short while and try to submit the file again, in case the queue is full or there was a temporary connection or communication error. 3. You can wait a short while and try to submit the file again, in case the queue is full or there was a temporary connection or communication error.
4. Verify the policy setting enables sample collection and try to submit the file again: 4. Verify the policy setting enables sample collection and try to submit the file again:
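
Review bot: In step 1 the parenthetical "(executable programs or applications)" is attached to "extensions" although it describes PE files; consider "PE files (executable programs or applications) typically have _.exe_ or _.dll_ extensions". Because the step says "typically", it would also help the reader to know that the extension alone does not make a file a PE, so a rejected submission with a matching extension is still consistent with this step.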

View File

@ -19,8 +19,7 @@ You have to assign users to the Windows ATP Service application in Azure Active
**Manage user access to the Windows Defender ATP portal**: **Manage user access to the Windows Defender ATP portal**:
1. When you first go to the [Windows Defender ATP 1. When you first go to the [Windows Defender ATP portal](https://seville.windows.com/) and your directory does not
portal](https://seville.windows.com/) and your directory does not
have users assigned to the Windows ATP Service application, you will have users assigned to the Windows ATP Service application, you will
be directed to open the [Microsoft Azure Dashboard](https://portal.azure.com) to manage user access. be directed to open the [Microsoft Azure Dashboard](https://portal.azure.com) to manage user access.
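
Review bot: Only the first line break of step 1 is joined; the item is still hard-wrapped after "does not" and "you will", so the paragraph now has one long line followed by two short ones. Either reflow the whole list item onto one line or leave the original wrapping. The continuation lines are also not indented under the `1.` marker, so check that the rendered list item still contains the full sentence.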

View File

@ -78,7 +78,7 @@ Topic | Description
:---|:--- :---|:---
[Minimum requirements for Windows Defender ATP](minimum-requirements-windows-defender-advanced-threat-protection.md) | This overview topic for IT professionals provides information on the minimum requirements to use Windows Defender Advanced Threat Protection such as network and data storage configuration, and endpoint hardware ans software requirements, and deployment channels. [Minimum requirements for Windows Defender ATP](minimum-requirements-windows-defender-advanced-threat-protection.md) | This overview topic for IT professionals provides information on the minimum requirements to use Windows Defender Advanced Threat Protection such as network and data storage configuration, and endpoint hardware ans software requirements, and deployment channels.
[Onboard endpoints and set up the Windows Defender ATP user access](onboard-configure-windows-advanced-threat-protection.md) | You'll need to onboard and configure the service and the endpoints in your network before you can use the service. Learn about how you can assign users to the Windows Defender ATP Service in ADD and using a configuration package to configure endpoints. [Onboard endpoints and set up the Windows Defender ATP user access](onboard-configure-windows-advanced-threat-protection.md) | You'll need to onboard and configure the service and the endpoints in your network before you can use the service. Learn about how you can assign users to the Windows Defender ATP Service in ADD and using a configuration package to configure endpoints.
[Windows Defender Advanced Threat Protection portal overview](portal-overview-windows-defender-advanced-threat-protection.md) | Understand the main features of the service and how it levereges Microsoft technology to protect enterprise endpoints from sophisticated cyber attacks. [Windows Defender Advanced Threat Protection portal overview](portal-overview-windows-defender-advanced-threat-protection.md) | Understand the main features of the service and how it leverages Microsoft technology to protect enterprise endpoints from sophisticated cyber attacks.
[Use the Windows Defender Advanced Threat Protection portal](use-windows-defender-advanced-threat-protection.md) | Learn about the capabilities of Windows Defender ATP to help you investigate alerts that might be indicators of possible breaches in your enterprise. [Use the Windows Defender Advanced Threat Protection portal](use-windows-defender-advanced-threat-protection.md) | Learn about the capabilities of Windows Defender ATP to help you investigate alerts that might be indicators of possible breaches in your enterprise.
[Windows Defender Advanced Threat Protection settings](settings-windows-defender-advanced-threat-protection.md) | Learn about setting the time zone and configuring the suppression rules to configure the service to your requirements. [Windows Defender Advanced Threat Protection settings](settings-windows-defender-advanced-threat-protection.md) | Learn about setting the time zone and configuring the suppression rules to configure the service to your requirements.
[Troubleshoot Windows Defender Advanced Threat Protection](troubleshoot-windows-defender-advanced-threat-protection.md) | This topic contains information to help IT Pros find workarounds for the known issues and troubleshoot issues in Windows Defender ATP. [Troubleshoot Windows Defender Advanced Threat Protection](troubleshoot-windows-defender-advanced-threat-protection.md) | This topic contains information to help IT Pros find workarounds for the known issues and troubleshoot issues in Windows Defender ATP.
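
Review bot: Two misspellings in this table survive the spell check: the first row still has "endpoint hardware ans software requirements" (should be "and"), and the second row has "Windows Defender ATP Service in ADD", which looks like a typo for "AAD" given that the user-access topic in this commit refers to Azure Active Directory assignment; please confirm and correct both. The second row also mixes "how you can assign users ... and using a configuration package"; "and use a configuration package" keeps the sentence parallel.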