Merge branch 'vsmandalika-devops4318240-28aug'

windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md

@@ -18,14 +18,14 @@ ms.date: 02/28/2019
 ms.custom: bitlocker
 ---
 
-# BCD settings and BitLocker
+# Boot Configuration Data settings and BitLocker
 
 **Applies to**
 -   Windows 10
 
-This topic for IT professionals describes the BCD settings that are used by BitLocker.
+This topic for IT professionals describes the Boot Configuration Data (BCD) settings that are used by BitLocker.
 
-When protecting data at rest on an operating system volume, during the boot process BitLocker verifies that the security sensitive boot configuration data (BCD) settings have not changed since BitLocker was last enabled, resumed, or recovered.
+When protecting data at rest on an operating system volume, during the boot process BitLocker verifies that the security sensitive BCD settings have not changed since BitLocker was last enabled, resumed, or recovered.
 
 ## BitLocker and BCD Settings
 

windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md

@@ -27,7 +27,7 @@ This topic for the IT professional explains how BitLocker features can be used t
 
 ## Using BitLocker to encrypt volumes
 
-BitLocker provides full volume encryption (FVE) for operating system volumes, as well as fixed and removable data volumes. To support fully encrypted operating system volumes, BitLocker uses an unencrypted system volume for the files required to boot, decrypt, and load the operating system. This volume is automatically created during a new installation of both client and server operating systems.
+BitLocker provides full volume encryption (FVE) for operating system volumes, as well as fixed and removable data drives. To support fully encrypted operating system drives, BitLocker uses an unencrypted system partition for the files required to boot, decrypt, and load the operating system. This volume is automatically created during a new installation of both client and server operating systems.
 
 In the event that the drive was prepared as a single contiguous space, BitLocker requires a new volume to hold the boot files. BdeHdCfg.exe can create these volumes.
 

windows/security/information-protection/bitlocker/bitlocker-countermeasures.md

@@ -43,7 +43,7 @@ Before Windows starts, you must rely on security features implemented as part of
 
 ### Trusted Platform Module
 
-A TPM is a microchip designed to provide basic security-related functions, primarily involving encryption keys. 
+A trusted platform module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. 
 On some platforms, TPM can alternatively be implemented as a part of secure firmware. 
 BitLocker binds encryption keys with the TPM to ensure that a computer has not been tampered with while the system was offline. 
 For more info about TPM, see [Trusted Platform Module](https://docs.microsoft.com/windows/device-security/tpm/trusted-platform-module-overview).
@@ -126,7 +126,7 @@ For SBP-2 and 1394 (a.k.a. Firewire), refer to the “SBP-2 Mitigation” sectio
  
 ## Attack countermeasures
 
-This section covers countermeasures for specific types attacks. 
+This section covers countermeasures for specific types of attacks. 
 
 ### Bootkits and rootkits
 
@@ -172,7 +172,7 @@ Mitigation:
 Targeted attack with plenty of time; this attacker will open the case, will solder, and will use sophisticated hardware or software.
 
 Mitigation:
-- Pre-boot authentication set to TPM with a PIN protector (with a sophisticated alphanumeric PIN to help the TPM anti-hammering mitigation).
+- Pre-boot authentication set to TPM with a PIN protector (with a sophisticated alphanumeric PIN [enhanced pin] to help the TPM anti-hammering mitigation).
 
   -And-