diff --git a/windows/client-management/mdm/devicemanageability-csp.md b/windows/client-management/mdm/devicemanageability-csp.md
index 724027f5f0..3bf0368ffd 100644
--- a/windows/client-management/mdm/devicemanageability-csp.md
+++ b/windows/client-management/mdm/devicemanageability-csp.md
@@ -1,6 +1,6 @@
---
title: DeviceManageability CSP
-description: The DeviceManageability configuration service provider (CSP) is used retrieve the general information about MDM configuration capabilities on the device. This CSP was added in Windows 10, version 1607.
+description: The DeviceManageability configuration service provider (CSP) is used retrieve general information about MDM configuration capabilities on the device.
ms.assetid: FE563221-D5B5-4EFD-9B60-44FE4066B0D2
ms.reviewer:
manager: dansimp
diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md
index 7946edba39..4767766c8c 100644
--- a/windows/client-management/mdm/dmclient-csp.md
+++ b/windows/client-management/mdm/dmclient-csp.md
@@ -1,6 +1,6 @@
---
title: DMClient CSP
-description: The DMClient configuration service provider is used to specify additional enterprise-specific mobile device management configuration settings for identifying the device in the enterprise domain, security mitigation for certificate renewal, and server-triggered enterprise unenrollment.
+description: Understand how the DMClient configuration service provider works. It is used to specify enterprise-specific mobile device management configuration settings.
ms.assetid: a5cf35d9-ced0-4087-a247-225f102f2544
ms.reviewer:
manager: dansimp
diff --git a/windows/client-management/mdm/eap-configuration.md b/windows/client-management/mdm/eap-configuration.md
index 03e82dc9e8..f687502610 100644
--- a/windows/client-management/mdm/eap-configuration.md
+++ b/windows/client-management/mdm/eap-configuration.md
@@ -1,6 +1,6 @@
---
title: EAP configuration
-description: The topic provides a step-by-step guide for creating an Extensible Authentication Protocol (EAP) configuration XML for the VPN profile and information about EAP certificate filtering in Windows 10.
+description: Learn how to create an Extensible Authentication Protocol (EAP) configuration XML for a VPN profile, plus info about EAP certificate filtering in Windows 10.
ms.assetid: DD3F2292-4B4C-4430-A57F-922FED2A8FAE
ms.reviewer:
manager: dansimp
diff --git a/windows/client-management/mdm/implement-server-side-mobile-application-management.md b/windows/client-management/mdm/implement-server-side-mobile-application-management.md
index bc80bbff44..481d57ea45 100644
--- a/windows/client-management/mdm/implement-server-side-mobile-application-management.md
+++ b/windows/client-management/mdm/implement-server-side-mobile-application-management.md
@@ -1,6 +1,6 @@
---
title: Provide server-side support for mobile app management on Windows
-description: The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices. MAM support is built into Windows on top of Windows Information Protection (WIP).
+description: The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices.
ms.author: dansimp
ms.topic: article
ms.prod: w10
diff --git a/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md b/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md
index 692b7306a7..9076a17339 100644
--- a/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md
+++ b/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md
@@ -1,6 +1,6 @@
---
title: Create a task sequence with Configuration Manager (Windows 10)
-description: In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard.
+description: Create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard.
ms.assetid: 0b069bec-5be8-47c6-bf64-7a630f41ac98
ms.reviewer:
manager: laurawi
diff --git a/windows/deployment/deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md b/windows/deployment/deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md
index 234a716425..e7cabd8fec 100644
--- a/windows/deployment/deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md
+++ b/windows/deployment/deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md
@@ -1,177 +1,178 @@
----
-title: Use Orchestrator runbooks with MDT (Windows 10)
-description: This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
-ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: web services, database
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: mdt
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Use Orchestrator runbooks with MDT
-
-This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
-MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
-
-**Note**
-If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
-
-## Orchestrator terminology
-
-Before diving into the core details, here is a quick course in Orchestrator terminology:
-- **Orchestrator Server.** This is a server that executes runbooks.
-- **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
-- **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
-- **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
-- **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
-- **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
-- **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
-
-**Note**
-To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
-
-## Create a sample runbook
-
-This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
-
-1. On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
-2. In the **E:\\Logfile** folder, create the DeployLog.txt file.
- **Note**
- Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
-
- 
-
- Figure 23. The DeployLog.txt file.
-
-3. Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
-
- 
-
- Figure 24. Folder created in the Runbooks node.
-
-4. In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
-5. On the ribbon bar, click **Check Out**.
-6. Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
-7. Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
- 1. Runbook Control / Initialize Data
- 2. Text File Management / Append Line
-8. Connect **Initialize Data** to **Append Line**.
-
- 
-
- Figure 25. Activities added and connected.
-
-9. Right-click the **Initialize Data** activity, and select **Properties**
-10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
-
- 
-
- Figure 26. The Initialize Data Properties window.
-
-11. Right-click the **Append Line** activity, and select **Properties**.
-12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
-13. In the **File** encoding drop-down list, select **ASCII**.
-14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
-
- 
-
- Figure 27. Expanding the Text area.
-
-15. In the blank text box, right-click and select **Subscribe / Published Data**.
-
- 
-
- Figure 28. Subscribing to data.
-
-16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
-17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
-18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
-
- 
-
- Figure 29. The expanded text box after all subscriptions have been added.
-
-19. On the **Append Line Properties** page, click **Finish**.
- ## Test the demo MDT runbook
- After the runbook is created, you are ready to test it.
-20. On the ribbon bar, click **Runbook Tester**.
-21. Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
- - OSDComputerName: PC0010
-22. Verify that all activities are green (for additional information, see each target).
-23. Close the **Runbook Tester**.
-24. On the ribbon bar, click **Check In**.
-
-
-
-Figure 30. All tests completed.
-
-## Use the MDT demo runbook from MDT
-
-1. On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
-2. Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
- 1. Task sequence ID: OR001
- 2. Task sequence name: Orchestrator Sample
- 3. Task sequence comments: <blank>
- 4. Template: Custom Task Sequence
-3. In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
-4. Remove the default **Application Install** action.
-5. Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
-6. After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
- 1. Name: Set Task Sequence Variable
- 2. Task Sequence Variable: OSDComputerName
- 3. Value: %hostname%
-7. After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
- 1. Orchestrator Server: OR01.contoso.com
- 2. Use Browse to select **1.0 MDT / MDT Sample**.
-8. Click **OK**.
-
-
-
-Figure 31. The ready-made task sequence.
-
-## Run the orchestrator sample task sequence
-
-Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
-**Note**
-Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
-
-1. On PC0001, log on as **CONTOSO\\MDT\_BA**.
-2. Using an elevated command prompt (run as Administrator), type the following command:
-
- ``` syntax
- cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
- ```
-3. Complete the Windows Deployment Wizard using the following information:
- 1. Task Sequence: Orchestrator Sample
- 2. Credentials:
- 1. User Name: MDT\_BA
- 2. Password: P@ssw0rd
- 3. Domain: CONTOSO
-4. Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
-
-
-
-Figure 32. The ready-made task sequence.
-
-## Related topics
-
-[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
-
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-
-[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
-
-[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
-
-[Use web services in MDT](use-web-services-in-mdt.md)
+---
+title: Use Orchestrator runbooks with MDT (Windows 10)
+description: Learn how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: web services, database
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: mdt
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Use Orchestrator runbooks with MDT
+
+This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
+
+**Note**
+If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
+
+## Orchestrator terminology
+
+Before diving into the core details, here is a quick course in Orchestrator terminology:
+- **Orchestrator Server.** This is a server that executes runbooks.
+- **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
+- **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
+- **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
+- **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
+- **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
+- **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
+
+**Note**
+To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
+
+## Create a sample runbook
+
+This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
+
+1. On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
+2. In the **E:\\Logfile** folder, create the DeployLog.txt file.
+ **Note**
+ Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
+
+ 
+
+ Figure 23. The DeployLog.txt file.
+
+3. Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
+
+ 
+
+ Figure 24. Folder created in the Runbooks node.
+
+4. In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
+5. On the ribbon bar, click **Check Out**.
+6. Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
+7. Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
+ 1. Runbook Control / Initialize Data
+ 2. Text File Management / Append Line
+8. Connect **Initialize Data** to **Append Line**.
+
+ 
+
+ Figure 25. Activities added and connected.
+
+9. Right-click the **Initialize Data** activity, and select **Properties**
+10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
+
+ 
+
+ Figure 26. The Initialize Data Properties window.
+
+11. Right-click the **Append Line** activity, and select **Properties**.
+12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
+13. In the **File** encoding drop-down list, select **ASCII**.
+14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
+
+ 
+
+ Figure 27. Expanding the Text area.
+
+15. In the blank text box, right-click and select **Subscribe / Published Data**.
+
+ 
+
+ Figure 28. Subscribing to data.
+
+16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
+17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
+18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
+
+ 
+
+ Figure 29. The expanded text box after all subscriptions have been added.
+
+19. On the **Append Line Properties** page, click **Finish**.
+ ## Test the demo MDT runbook
+ After the runbook is created, you are ready to test it.
+20. On the ribbon bar, click **Runbook Tester**.
+21. Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
+ - OSDComputerName: PC0010
+22. Verify that all activities are green (for additional information, see each target).
+23. Close the **Runbook Tester**.
+24. On the ribbon bar, click **Check In**.
+
+
+
+Figure 30. All tests completed.
+
+## Use the MDT demo runbook from MDT
+
+1. On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
+2. Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+ 1. Task sequence ID: OR001
+ 2. Task sequence name: Orchestrator Sample
+ 3. Task sequence comments: <blank>
+ 4. Template: Custom Task Sequence
+3. In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
+4. Remove the default **Application Install** action.
+5. Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
+6. After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
+ 1. Name: Set Task Sequence Variable
+ 2. Task Sequence Variable: OSDComputerName
+ 3. Value: %hostname%
+7. After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
+ 1. Orchestrator Server: OR01.contoso.com
+ 2. Use Browse to select **1.0 MDT / MDT Sample**.
+8. Click **OK**.
+
+
+
+Figure 31. The ready-made task sequence.
+
+## Run the orchestrator sample task sequence
+
+Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
+**Note**
+Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
+
+1. On PC0001, log on as **CONTOSO\\MDT\_BA**.
+2. Using an elevated command prompt (run as Administrator), type the following command:
+
+ ``` syntax
+ cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
+ ```
+3. Complete the Windows Deployment Wizard using the following information:
+ 1. Task Sequence: Orchestrator Sample
+ 2. Credentials:
+ 1. User Name: MDT\_BA
+ 2. Password: P@ssw0rd
+ 3. Domain: CONTOSO
+4. Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
+
+
+
+Figure 32. The ready-made task sequence.
+
+## Related topics
+
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+
+[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
+[Use web services in MDT](use-web-services-in-mdt.md)
diff --git a/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md b/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md
index 79b6610104..1ca54bbdb6 100644
--- a/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md
+++ b/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md
@@ -1,6 +1,6 @@
---
title: Use MDT database to stage Windows 10 deployment info (Windows 10)
-description: This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini).
+description: Learn how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database.
ms.assetid: 8956ab54-90ba-45d3-a384-4fdec72c4d46
ms.reviewer:
manager: laurawi
diff --git a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
index 8d8da0f126..c35e379797 100644
--- a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
+++ b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
@@ -1,6 +1,6 @@
---
title: Create AppHelp Message in Compatibility Administrator (Windows 10)
-description: The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
+description: Create an AppHelp text message with Compatibility Administrator; a message that appears upon starting an app with major issues on the Windows® operating system.
ms.assetid: 5c6e89f5-1942-4aa4-8439-ccf0ecd02848
ms.reviewer:
manager: laurawi
diff --git a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
index 513ae0cfd8..c6118f8f14 100644
--- a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
+++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
@@ -1,6 +1,6 @@
---
title: Perform in-place upgrade to Windows 10 via Configuration Manager
-description: The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. Use a System Center Configuration Manager task sequence to completely automate the process.
+description: In-place upgrades make upgrading Windows 7, Windows 8, and Windows 8.1 to Windows 10 easy -- you can even automate the whole process with a SCCM task sequence.
ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878
ms.reviewer:
manager: laurawi
diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
index 5ab13673ea..226acb2e7c 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
@@ -1,6 +1,6 @@
---
title: BitLocker Key Management FAQ (Windows 10)
-description: This topic for the IT professional answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
+description: Browse frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
diff --git a/windows/security/information-protection/tpm/tpm-fundamentals.md b/windows/security/information-protection/tpm/tpm-fundamentals.md
index 8f99d1e45e..e2ae8c85e5 100644
--- a/windows/security/information-protection/tpm/tpm-fundamentals.md
+++ b/windows/security/information-protection/tpm/tpm-fundamentals.md
@@ -1,6 +1,6 @@
---
title: TPM fundamentals (Windows 10)
-description: This topic for the IT professional provides a description of the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and explains how they are used to mitigate dictionary attacks.
+description: Inform yourself about the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and how they are used to mitigate dictionary attacks.
ms.assetid: ac90f5f9-9a15-4e87-b00d-4adcf2ec3000
ms.reviewer:
ms.prod: w10
diff --git a/windows/security/threat-protection/auditing/audit-application-generated.md b/windows/security/threat-protection/auditing/audit-application-generated.md
index 72a5aecec7..b594ba40ca 100644
--- a/windows/security/threat-protection/auditing/audit-application-generated.md
+++ b/windows/security/threat-protection/auditing/audit-application-generated.md
@@ -1,6 +1,6 @@
---
title: Audit Application Generated (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Application Generated, which determines whether the operating system generates audit events when applications attempt to use the Windows Auditing application programming interfaces (APIs).
+description: The policy setting, Audit Application Generated, determines if audit events are generated when applications attempt to use the Windows Auditing APIs.
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
index 061105bbac..f655b5d8c6 100644
--- a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
+++ b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
@@ -1,6 +1,6 @@
---
title: Audit Central Access Policy Staging (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Central Access Policy Staging, which determines permissions on a Central Access Policy.
+description: The Advanced Security Audit policy setting, Audit Central Access Policy Staging, determines permissions on a Central Access Policy.
ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
index d28314643d..529003459d 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
@@ -1,6 +1,6 @@
---
title: Audit Kerberos Authentication Service (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Authentication Service, which determines whether to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests.
+description: The policy setting Audit Kerberos Authentication Service decides if audit events are generated for Kerberos authentication ticket-granting ticket (TGT) requests
ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-network-policy-server.md b/windows/security/threat-protection/auditing/audit-network-policy-server.md
index 6d7eaac005..697ae99b16 100644
--- a/windows/security/threat-protection/auditing/audit-network-policy-server.md
+++ b/windows/security/threat-protection/auditing/audit-network-policy-server.md
@@ -1,6 +1,6 @@
---
title: Audit Network Policy Server (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Network Policy Server, which determines whether the operating system generates audit events for RADIUS (IAS) and Network Access Protection (NAP) activity on user access requests (Grant, Deny, Discard, Quarantine, Lock, and Unlock).
+description: The policy setting, Audit Network Policy Server, determines if audit events are generated for RADIUS (IAS) and NAP activity on user access requests.
ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-process-termination.md b/windows/security/threat-protection/auditing/audit-process-termination.md
index 3943542ccf..7ba49fbd59 100644
--- a/windows/security/threat-protection/auditing/audit-process-termination.md
+++ b/windows/security/threat-protection/auditing/audit-process-termination.md
@@ -1,6 +1,6 @@
---
title: Audit Process Termination (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Termination, which determines whether the operating system generates audit events when an attempt is made to end a process.
+description: The Advanced Security Audit policy setting, Audit Process Termination, determines if audit events are generated when an attempt is made to end a process.
ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-security-group-management.md b/windows/security/threat-protection/auditing/audit-security-group-management.md
index 710f45b4ae..d75b85e522 100644
--- a/windows/security/threat-protection/auditing/audit-security-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-security-group-management.md
@@ -1,6 +1,6 @@
---
title: Audit Security Group Management (Windows 10)
-description: This topic for the IT professional describes the advanced security audit policy setting, Audit Security Group Management, which determines whether the operating system generates audit events when specific security group management tasks are performed.
+description: The policy setting, Audit Security Group Management, determines if audit events are generated when specific security group management tasks are performed.
ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
index ac5edaec4a..3bdb900b00 100644
--- a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
@@ -1,6 +1,6 @@
---
title: Audit Sensitive Privilege Use (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Sensitive Privilege Use, which determines whether the operating system generates audit events when sensitive privileges (user rights) are used.
+description: The policy setting, Audit Sensitive Privilege Use, determines if the operating system generates audit events when sensitive privileges (user rights) are used.
ms.assetid: 915abf50-42d2-45f6-9fd1-e7bd201b193d
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
index 4a9c0d7f29..7be96ce69b 100644
--- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
+++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
@@ -1,6 +1,6 @@
---
title: Monitor central access policies on a file server (Windows 10)
-description: This topic for the IT professional describes how to monitor changes to the central access policies that apply to a file server when using advanced security auditing options to monitor dynamic access control objects.
+description: Learn how to monitor changes to the central access policies that apply to a file server, when using advanced security auditing options.
ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
index 92fb064c14..e88b1b13e8 100644
--- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
@@ -1,6 +1,6 @@
---
title: Deployment guidelines for Windows Defender Device Guard (Windows 10)
-description: To help you plan a deployment of Microsoft Windows Defender Device Guard, this article describes hardware requirements for Windows Defender Device Guard, outlines deployment approaches, and describes methods for code signing and code integrity policies.
+description: Plan your deployment of Windows Defender Device Guard. Learn about hardware requirements, deployment approaches, code signing and code integrity policies.
keywords: virtualization, security, malware
ms.prod: w10
ms.mktglfcycl: deploy
diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
index 49f815ce3f..60fe8eaa5f 100644
--- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
+++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
@@ -1,6 +1,6 @@
---
title: Access Credential Manager as a trusted caller (Windows 10)
-description: Describes the best practices, location, values, policy management, and security considerations for the Access Credential Manager as a trusted caller security policy setting.
+description: Describes best practices, security considerations and more for the security policy setting, Access Credential Manager as a trusted caller.
ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
index f6beb6795e..429a6e932a 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
@@ -1,6 +1,6 @@
---
title: Accounts Limit local account use of blank passwords (Windows 10)
-description: Describes the best practices, location, values, and security considerations for the Accounts Limit local account use of blank passwords to console logon only security policy setting.
+description: Learn best practices, security considerations, and more for the policy setting, Accounts Limit local account use of blank passwords to console logon only.
ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
index 2f0c68363e..0eb20f0245 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
@@ -1,6 +1,6 @@
---
title: Microsoft network client Send unencrypted password (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the Microsoft network client Send unencrypted password to third-party SMB servers security policy setting.
+description: Learn about best practices and more for the security policy setting, Microsoft network client Send unencrypted password to third-party SMB servers.
ms.assetid: 97a76b93-afa7-4dd9-bb52-7c9e289b6017
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
index 56ba9ce742..b679530985 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
@@ -1,6 +1,6 @@
---
title: Network access Do not allow anonymous enumeration (Windows 10)
-description: Describes the best practices, location, values, and security considerations for the Network access Do not allow anonymous enumeration of SAM accounts and shares security policy setting.
+description: Learn about best practices and more for the security policy setting, Network access Do not allow anonymous enumeration of SAM accounts and shares.
ms.assetid: 3686788d-4cc7-4222-9163-cbc7c3362d73
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
index cfb1f5e23c..ca8b104079 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
@@ -1,6 +1,6 @@
---
title: Network access Named Pipes that can be accessed anonymously (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the Network access Named Pipes that can be accessed anonymously security policy setting.
+description: Describes best practices, security considerations and more for the security policy setting, Network access Named Pipes that can be accessed anonymously.
ms.assetid: 8897d2a4-813e-4d2b-8518-fcee71e1cf2c
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
index b052ac4ccf..4ac7af5f3c 100644
--- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
@@ -1,6 +1,6 @@
---
title: Network List Manager policies (Windows 10)
-description: Network List Manager policies are security settings that you can use to configure different aspects of how networks are listed and displayed on one device or on many devices.
+description: Network List Manager policies are security settings that configure different aspects of how networks are listed and displayed on one device or on many devices.
ms.assetid: bd8109d4-b07c-4beb-a9a6-affae2ba2fda
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
index 0e229ebce6..582a95f107 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
@@ -1,6 +1,6 @@
---
title: Network security Restrict NTLM Outgoing traffic (Windows 10)
-description: Describes the best practices, location, values, management aspects, and security considerations for the Network Security Restrict NTLM Outgoing NTLM traffic to remote servers security policy setting.
+description: Learn about best practices, security considerations and more for the policy setting, Network Security Restrict NTLM Outgoing NTLM traffic to remote servers.
ms.assetid: 63437a90-764b-4f06-aed8-a4a26cf81bd1
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
index 47e4c3b995..77c4b06163 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
@@ -1,6 +1,6 @@
---
title: Only elevate UIAccess app installed in secure location (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Only elevate UIAccess applications that are installed in secure locations security policy setting.
+description: Learn about best practices and more for the policy setting, User Account Control Only elevate UIAccess applications that are installed in secure locations.
ms.assetid: 4333409e-a5be-4f2f-8808-618f53abd22c
ms.reviewer:
ms.author: dansimp
diff --git a/windows/security/threat-protection/windows-10-mobile-security-guide.md b/windows/security/threat-protection/windows-10-mobile-security-guide.md
index 6e9ba266d1..5ce47adcb7 100644
--- a/windows/security/threat-protection/windows-10-mobile-security-guide.md
+++ b/windows/security/threat-protection/windows-10-mobile-security-guide.md
@@ -1,6 +1,6 @@
---
title: Windows 10 Mobile security guide (Windows 10)
-description: This guide provides a detailed description of the most important security features in the Windows 10 Mobile operating system—identity access and control, data protection, malware resistance, and app platform security.
+description: The most important security features in the Windows 10 Mobile — identity access & control, data protection, malware resistance, and app platform security.
ms.assetid: D51EF508-699E-4A68-A7CD-91D821A97205
ms.reviewer:
manager: dansimp
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
index 2147e2fe3f..acfdd8e57d 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md
@@ -1,6 +1,6 @@
---
title: Document your AppLocker rules (Windows 10)
-description: This topic describes what rule conditions to associate with each file, how to associate the rule conditions with each file, the source of the rule, and whether the file should be included or excluded.
+description: Learn how to document your Applocker rules with this planning guide. Associate rule conditions with files, permissions, rule source, and implementation.
ms.assetid: 91a198ce-104a-45ff-b49b-487fb40cd2dd
ms.reviewer:
ms.author: dansimp