diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
index 34ed60715b..f85125b2ca 100644
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
@@ -19,9 +19,9 @@ This topic provides a roadmap for planning and getting started on the Windows De
 
 ## Planning
 
-1. **Review requirements, especially hardware requirements for VBS**. Review the [virtualization-based security (VBS) features](windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md#how-windows-defender-device-guard-features-help-protect-against-threats) and corresponding [hardware, firmware, and software requirements](windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-windows-defender-device-guard). 
+1. **Review requirements, especially hardware requirements for VBS**. Review the [virtualization-based security (VBS) features](./device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md#how-windows-defender-device-guard-features-help-protect-against-threats) and corresponding [hardware, firmware, and software requirements](./device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-windows-defender-device-guard). 
 
-2. **Group devices by degree of control needed**. [Group devices](windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md#windows-defender-device-guard-deployment-in-different-scenarios-types-of-devices). Do most devices fit neatly into a few categories, or are they scattered across all categories? Are users allowed to install any application or must they choose from a list? Are users allowed to use their own peripheral devices?<br>Deployment is simpler if everything is locked down in the same way, but meeting individual departments’ needs, and working with a wide variety of devices, may require a more complicated and flexible deployment.
+2. **Group devices by degree of control needed**. [Group devices](./device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md#windows-defender-device-guard-deployment-in-different-scenarios-types-of-devices). Do most devices fit neatly into a few categories, or are they scattered across all categories? Are users allowed to install any application or must they choose from a list? Are users allowed to use their own peripheral devices?<br>Deployment is simpler if everything is locked down in the same way, but meeting individual departments’ needs, and working with a wide variety of devices, may require a more complicated and flexible deployment.
 
 3. **Review how much variety in software and hardware is needed by roles or departments**. When several departments all use the same hardware and software, you might need to deploy only one Windows Defender Application Control (WDAC) policy for them. More variety across departments might mean you need to create and manage more WDAC policies. The following questions can help you clarify how many WDAC policies to create:
     - How standardized is the hardware?<br>This can be relevant because of drivers. You could create a WDAC policy on hardware that uses a particular set of drivers, and if other drivers in your environment use the same signature, they would also be allowed to run. However, you might need to create several WDAC policies on different "reference" hardware, then merge the policies together, to ensure that the resulting policy recognizes all the drivers in your environment.
@@ -33,13 +33,13 @@ This topic provides a roadmap for planning and getting started on the Windows De
     - Is there already a list of accepted applications?<br>A list of accepted applications can be used to help create a baseline WDAC policy.<br>As of Windows 10, version 1703, it might also be useful to have a list of plug-ins, add-ins, or modules that you want to allow only in a specific app (such as a line-of-business app). Similarly, it might be useful to have a list of plug-ins, add-ins, or modules that you want to block in a specific app (such as a browser).
 
     - As part of a threat review process, have you reviewed systems for software that can load arbitrary DLLs or run code or scripts? 
-    In day-to-day operations, your organization’s security policy may allow certain applications, code, or scripts to run on your systems depending on their role and the context. However, if your security policy requires that you run only trusted applications, code, and scripts on your systems, you may decide to lock these systems down securely with Windows Defender Application Control policies. You can also fine-tune your control by using Windows Defender Application Control in combination with AppLocker, as described in [Windows Defender Device Guard with AppLocker](introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md#windows-defender-device-guard-with-applocker). 
+    In day-to-day operations, your organization’s security policy may allow certain applications, code, or scripts to run on your systems depending on their role and the context. However, if your security policy requires that you run only trusted applications, code, and scripts on your systems, you may decide to lock these systems down securely with Windows Defender Application Control policies. You can also fine-tune your control by using Windows Defender Application Control in combination with AppLocker, as described in [Windows Defender Device Guard with AppLocker](./device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md#windows-defender-device-guard-with-applocker). 
 
     Legitimate applications from trusted vendors provide valid functionality. However, an attacker could also potentially use that same functionality to run malicious executable code that could bypass WDAC.
 
     For operational scenarios that require elevated security, certain applications with known Code Integrity bypasses may represent a security risk if you whitelist them in your WDAC policies. Other applications where older versions of the application had vulnerabilities also represent a risk. Therefore, you may want to deny or block such applications from your WDAC policies. For applications with vulnerabilities, once the vulnerabilities are fixed you can create a rule that only allows the fixed or newer versions of that application. The decision to allow or block applications depends on the context and on how the reference system is being used.
 
-    Security professionals collaborate with Microsoft continuously to help protect customers. With the help of their valuable reports, Microsoft has identified a list of known applications that an attacker could potentially use to bypass Windows Defender Application Control. Depending on the context, you may want to block these applications. To view this list of applications and for use case examples, such as disabling msbuild.exe, see [Deploy Windows Defender Application Control: steps](steps-to-deploy-windows-defender-application-control.md).
+    Security professionals collaborate with Microsoft continuously to help protect customers. With the help of their valuable reports, Microsoft has identified a list of known applications that an attacker could potentially use to bypass Windows Defender Application Control. Depending on the context, you may want to block these applications. To view this list of applications and for use case examples, such as disabling msbuild.exe, see [Steps to Deploy Windows Defender Application Control](./device-guard/steps-to-deploy-windows-defender-application-control.md).
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
index 93acc071ac..06f9907511 100644
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
@@ -25,7 +25,7 @@ This guide covers design and planning for Windows Defender Application Control (
 | [Understand WDAC policy design decisions](understand-windows-defender-application-control-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions when you plan a deployment of application control policies. |
 | [Select the types of rules to create](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your application control policy rules by using WDAC. |
 | [Plan for WDAC policy management](plan-windows-defender-application-control-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining WDAC policies. |
-| [Create your AppLocker planning document](create-your-windows-defender-application-control-planning-document.md) | This planning topic summarizes the information you need to research and include in your planning document. | 
+| [Create your WDAC planning document](create-your-windows-defender-application-control-planning-document.md) | This planning topic summarizes the information you need to research and include in your planning document. | 
  
-After planning is complete, the next step is to deploy WDAC. [Windows Defender Application Control Deployment Guide](windows-defender-application-control-deployment-guide.md) covers the creation and testing of policies, deploying the enforcement setting, and managing and maintaining the policies.
+After planning is complete, the next step is to deploy WDAC. The [Windows Defender Application Control Deployment Guide](windows-defender-application-control-deployment-guide.md) covers the creation and testing of policies, deploying the enforcement setting, and managing and maintaining the policies.
  
\ No newline at end of file