final changes/tweaks to check meta before pub

windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md

@@ -73,11 +73,11 @@ You can enable Controlled Folder Access, run the tool, and see what the experien
 
 6. You'll be asked to specify a name and location for the file. You can choose anything you wish to test.
 
-![](images/cfa-filecreator.png)
+    ![](images/cfa-filecreator.png)
 
 7. A notification will appear, indicating that the tool was prevented from creating the file, as in the following example:
 
-![](images/cfa-notif.png)
+    ![](images/cfa-notif.png)
 
 ## Review Controlled Folder Access events in Windows Event Viewer
 
@@ -87,7 +87,7 @@ You can also review the Windows event log to see the events there were created w
 
 2. On the left panel, under **Actions**, click **Import custom view...**
 
-3. Navigate to the Exploit Guard Evaluation Package, and select the file *cfa-events.xml*. Alternatively, [download the XML directly](scripts/cfa-events.xml).
+3. Navigate to the Exploit Guard Evaluation Package, and select the file *cfa-events.xml*. Alternatively, [copy the XML directly](event-views-exploit-guard.md).
 
 4. Click **OK**.