diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
index 0131be7167..a17ef04dd9 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
@@ -21,7 +21,7 @@ ms.date: 09/18/2018
 
 - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
 
-You can enable attack surface reduction rules, eploit protection, network protection, and controlled folder access in audit mode. This lets you see a record of what *would* have happened if you had enabled the feature.
+You can enable attack surface reduction rules, exploit protection, network protection, and controlled folder access in audit mode. This lets you see a record of what *would* have happened if you had enabled the feature.
 
 You might want to do this when testing how the features will work in your organization, to ensure it doesn't affect your line-of-business apps, and to get an idea of how many suspicious file modification attempts generally occur over a certain period.
 
@@ -69,4 +69,4 @@ You can also use the a custom PowerShell script that enables the features in aud
 - [Protect devices from exploits](exploit-protection-exploit-guard.md) 
 - [Reduce attack surfaces with attack surface reduction rules](attack-surface-reduction-exploit-guard.md) 
 - [Protect your network](network-protection-exploit-guard.md) 
-- [Protect important folders](controlled-folders-exploit-guard.md)
\ No newline at end of file
+- [Protect important folders](controlled-folders-exploit-guard.md)