updates based on reviewer's comments

.openpublishing.redirection.json

@@ -21479,6 +21479,11 @@
       "source_path": "windows/security/identity-protection/user-account-control/user-account-control-overview.md",
       "redirect_url": "/windows/security/application-security/application-control/user-account-control",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/configure-s-mime.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/configure-s-mime",
+      "redirect_document_id": false
     }
   ]
 }

windows/security/application-security/application-control/user-account-control/how-it-works.md

@@ -29,7 +29,7 @@ To better understand how this process works, let's take a closer look at the Win
 
 The following diagram shows how the sign in process for an administrator differs from the sign in process for a standard user.
 
-:::image type="content" source="images/uac-windows-logon-process.gif" alt-text="UAC Windows logon process diagram.":::
+:::image type="content" source="images/uac-windows-logon-process.gif" alt-text="Diagram that describes the UAC Windows logon process.":::
 
 By default, both standard and administrator users access resources and execute apps in the security context of a standard user.\
 When a user signs in, the system creates an access token for that user. The access token contains information about the level of access that the user is granted, including specific security identifiers (SIDs) and Windows privileges.
@@ -83,7 +83,7 @@ The elevation prompt color-coding is as follows:
 
 Some Control Panel items, such as **Date and Time**, contain a combination of administrator and standard user operations. Standard users can view the clock and change the time zone, but a full administrator access token is required to change the local system time. The following is a screenshot of the **Date and Time** Control Panel item.
 
-:::image type="content" source="images/uac-shield-icon.png" alt-text="Screenshot showing the UAC Shield Icon in Date and Time Properties" border="false":::
+:::image type="content" source="images/uac-shield-icon.png" alt-text="Screenshot showing the UAC Shield Icon in Date and Time Properties." border="false":::
 
 The shield icon on the **Change date and time...** button indicates that the process requires a full administrator access token.
 
@@ -101,7 +101,7 @@ While malware could present an imitation of the secure desktop, this issue can't
 
 The following diagram details the UAC architecture.
 
-:::image type="content" source="images/uac-architecture.gif" alt-text="UAC architecture diagram.":::
+:::image type="content" source="images/uac-architecture.gif" alt-text="Diagram that describes the UAC architecture.":::
 
 To better understand each component, review the following tables:
 

windows/security/operating-system-security/data-protection/configure-s-mime.md

@@ -2,7 +2,7 @@
 title: Configure S/MIME for Windows
 description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, also known as a certificate, can read them. Learn how to configure S/MIME for Windows.
 ms.topic: how-to
-ms.date: 05/30/2023
+ms.date: 05/31/2023
 ---
 
 
@@ -35,28 +35,26 @@ A digitally signed message reassures the recipient that the message hasn't been
 
 On the device, perform the following steps: (add select certificate)
 
-1.  Open the Mail app
-1.  Open **Settings**
-    :::image type="content" alt-text="settings icon in mail app." source="images/mailsettings.png":::
-1.  Select **Email security**
-    :::image type="content" alt-text="email security settings." source="images/emailsecurity.png":::
-1.  In **Select an account**, select the account for which you want to configure S/MIME options.
-1.  Make a certificate selection for digital signature and encryption.
-    - Select **Automatically** to let the app choose the certificate.
-    - Select **Manually** to specify the certificate yourself from the list of valid certificates on the device.
-1.  (Optional) Select **Always sign with S/MIME**, **Always encrypt with S/MIME**, or both, to automatically digitally sign or encrypt all outgoing messages.
+1. Open the Mail app
+1. Open **Settings > Email security**
+   :::image type="content" alt-text="Screenshot of the Windows Mail app, security settings." source="images/email-security.png":::
+1. In **Select an account**, select the account for which you want to configure S/MIME options
+1. Make a certificate selection for digital signature and encryption
+   - Select **Automatically** to let the app choose the certificate
+   - Select **Manually** to specify the certificate yourself from the list of valid certificates on the device
+1. (Optional) Select **Always sign with S/MIME**, **Always encrypt with S/MIME**, or both, to automatically digitally sign or encrypt all outgoing messages
 
-    > [!NOTE]
-    > The option to sign or encrypt can be changed for individual messages, unless EAS policies prevent it.
+   > [!NOTE]
+   > The option to sign or encrypt can be changed for individual messages, unless EAS policies prevent it.
 
-1.  Select the back arrow.
+1. Select the back arrow
 
 ## Encrypt or sign individual messages
 
-1.  While composing a message, select **Options** from the ribbon
-1.  Use **Sign** and **Encrypt** icons to turn on digital signature and encryption for this message
+1. While composing a message, select **Options** from the ribbon
+1. Use **Sign** and **Encrypt** icons to turn on digital signature and encryption for this message
 
-    :::image type="content" alt-text="sign or encrypt message." source="images/signencrypt.png":::
+    :::image type="content" alt-text="Screenshot of the Windows Mail app, showing the options to sign or encrypt message." source="images/sign-encrypt.png":::
 
 ## Read signed or encrypted messages
 
@@ -66,8 +64,8 @@ When you receive an encrypted message, the mail app checks whether there's a cer
 
 When you receive a signed email, the app provides a feature to install corresponding encryption certificate on your device if the certificate is available. This certificate can then be used to send encrypted email to this person.
 
-1.  Open a signed email
-1.  Select the digital signature icon in the reading pane
-1.  Select **Install.**
+1. Open a signed email
+1. Select the digital signature icon in the reading pane
+1. Select **Install.**
 
-  :::image type="content" alt-text="message security information." source="images/installcert.png":::
+  :::image type="content" alt-text="Screenshot of the Windows Mail app, showing a message to install the sender's encryption certificate." source="images/install-cert.png":::

windows/security/operating-system-security/data-protection/toc.yml

@@ -100,7 +100,7 @@ items:
     - name: Disable allowing users to select when a password is required when resuming from connected standby for PDE
       href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-password-connected-standby.md
 - name: Configure S/MIME for Windows
-  href: ../../identity-protection/configure-s-mime.md
+  href: configure-s-mime.md
 - name: Windows Information Protection (WIP)
   href: ../../information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
   items: