From 7ae6295536990a626d93c5e63fc5dd39b9c56001 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Fri, 13 Apr 2018 14:49:27 -0700
Subject: [PATCH] minor update to ca

---
 ...access-windows-defender-advanced-threat-protection.md | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md
index 0032fa71a3..90258f9dc1 100644
--- a/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md
@@ -40,7 +40,7 @@ The compliance policy is used with conditional access to allow only devices that
 ## Understand the conditional access flow
 Conditional access is put in place so that when a threat is seen on a device, access to sensitive content is blocked until the threat is remediated. 
 
-When a device is found to be at high risk, the signal is communicated to Intune. 
+The flow begins with a device being identified to be at high risk. When a device is found to be at high risk, the signal is communicated to Intune. 
 
 In Intune, a device compliance policy is used in conjunction with Azure AD conditional access to block access to applications. In parallel,  an automated investigation and remediation process is launched.
 
@@ -81,15 +81,16 @@ Take the following steps to enable conditional access:
 
 
 ### Step 1: Turn on the Microsoft Intune connection
-1. In the navigation pane, select **Preferences setup** > **Advanced features**.
+1. In the navigation pane, select **Settings** > **General** > **Advanced features** > **Microsoft Intune connection**.
 2. Toggle the Microsoft Intune setting to **On**.
 3. Click **Save preferences**.
 
 
 ### Step 2: Turn on the Windows Defender ATP integration in Intune
 1. Sign in to the [Azure portal](https://portal.azure.com).
-2. Select **Device compliance** > **Windows Defender ATP**. Set **Connect Windows 10.0.15063+ devices to Windows Defender Advanced Threat Protection** to **On**.
-3. Click **Save**.
+2. Select **Device compliance** > **Windows Defender ATP**.
+3. Set **Connect Windows 10.0.15063+ devices to Windows Defender Advanced Threat Protection** to **On**.
+4. Click **Save**.
 
 
 ### Step 3: Create the compliance policy in Intune