From bac50e06c2f033976b07ee654acc6e40debee776 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 4 Nov 2019 16:09:51 -0800
Subject: [PATCH] Did some reordering and code cleanup

---
 .../microsoft-defender-atp-mac-resources.md   |   2 +-
 .../microsoft-defender-atp-mac.md             | 126 ++++++++++--------
 2 files changed, 68 insertions(+), 60 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac-resources.md
index 8f172fba55..d96067c63f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac-resources.md
@@ -18,7 +18,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Resources
+# Microsoft Defender ATP for Mac Resources
 
 **Applies to:**
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
index 065948350a..4df3c0034c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
@@ -35,20 +35,34 @@ If you have any feedback that you would like to share, submit it by opening Micr
 
 ### Prerequisites
 
-- Access to the Microsoft Defender Security Center portal
+- A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
 - Beginner-level experience in macOS and BASH scripting
 - Administrative privileges on the device (in case of manual deployment)
 
+### Installation instructions
+
+There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
+
+- Third-party management tools:
+
+    - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
+    - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
+    - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md)
+
+- Command-line tool:
+    - [Manual deployment](microsoft-defender-atp-mac-install-manually.md)
+
 ### System requirements
 
-> [!CAUTION]
-> The three most recent major releases of macOS are supported. Beta versions of macOS are not supported.
->
-> macOS Sierra (10.12) support will end on January 1, 2020.
+The three most recent major releases of macOS are supported:
 
-- Supported macOS versions: 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
+- 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
 - Disk space: 650 MB
 
+ Beta versions of macOS are not supported. macOS Sierra (10.12) support will end on January 1, 2020.
+
+### Network connections
+
 After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
 
 The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them.
@@ -88,32 +102,18 @@ Once Microsoft Defender ATP is installed, connectivity can be validated by runni
 $ mdatp --connectivity-test
 ```
 
-### Installation instructions
+## Enable Endpoint Detection and Response preview features
 
-There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
+If you are an Endpoint Detection and Response (EDR) private or public preview customer, you can set up your machine to receive EDR preview features. Currently this flag enables or disables the entire EDR functionality.
 
-In general you need to take the following steps:
+### Intune-based EDR preview set up
 
-- Ensure that you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal
-- Deploy Microsoft Defender ATP for Mac using one of the following deployment methods:
-  - Via third-party management tools:
-    - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
-    - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
-    - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md)
-  - Via the command-line tool:
-    - [Manual deployment](microsoft-defender-atp-mac-install-manually.md)
-
-## How to enable EDR preview
-
-If you are an EDR private \ public preview customer, you can enable your machine to receive EDR preview features.
-Currently this flag enables \ disables the entire EDR functionality.
-- Intune-based enable
-  - Create configuration profile com.microsoft.wdav.plist with the following content: 
-    ```XML
+Create configuration profile com.microsoft.wdav.plist with the following content:
+```XML
     <?xml version="1.0" encoding="utf-8"?> 
     <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> 
     <plist version="1"> 
-        <dict> 
+    <dict> 
             <key>PayloadUUID</key> 
             <string>C4E6A782-0C8D-44AB-A025-EB893987A295</string> 
             <key>PayloadType</key> 
@@ -160,55 +160,63 @@ Currently this flag enables \ disables the entire EDR functionality.
                     </dict> 
                 </dict> 
             </array> 
-        </dict> 
+            </dict> 
     </plist> 
-    ```
-    For more info, refer to [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
-- JAMF-based enable
-  - Create configuration profile com.microsoft.wdav.plist with the following content: 
-    ```XML
-    <?xml version="1.0" encoding="UTF-8"?> 
-    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> 
-    <plist version="1.0"> 
-    <dict> 
-        <key>edr</key> 
-        <dict> 
-            <key>earlyPreview</key> 
-            <true/> 
-        </dict> 
-    </dict> 
-    </plist> 
-    ```
-    For more info, refer to [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
-- Manual enable
-  - In command prompt, run
-    ```bash
+```
+
+For more info, refer to [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md).
+
+### JAMF-based EDR preview set up
+
+Create configuration profile com.microsoft.wdav.plist with the following content: 
+    
+```XML
+    <?xml version="1.0" encoding="UTF-8"?>
+    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+    <plist version="1.0">
+    <dict>
+        <key>edr</key>
+        <dict>
+            <key>earlyPreview</key>
+            <true/>
+        </dict>
+    </dict>
+    </plist>
+```
+
+For more info, refer to [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md).
+
+### Manual EDR preview set up
+
+In command prompt, run
+
+ ```bash
     $ mdatp --early-preview true
-    ```
-    For more info, refer to [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md)
+```
+
+For more info, refer to [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
+
+### Test EDR set up
 
 To test if EDR is enabled and functioning properly on a machine, visit machine details. Timeline tab should contain events.
+
 - If timeline shows no events, please make sure System Extension were approved for machine.
 - If you are on Catalina and seeing no file events, make sure Full Disk Access was allowed.
 For more info, refer to deployment instructions:
+
     - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
     - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
     - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md)
-  - Via the command-line tool:
     - [Manual deployment](microsoft-defender-atp-mac-install-manually.md)
 
-## How to update Microsoft Defender ATP for Mac
+## Update Microsoft Defender ATP for Mac
 
 Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used.
 
 To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md)
 
-## How to configure Microsoft Defender ATP for Mac
-
-Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
-
 ## Resources
 
-- For more information about logging, uninstalling, or other topics, see the [Resources](microsoft-defender-atp-mac-resources.md) page.
-
-- [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md)
+- [Microsoft Defender ATP for Mac Resources](microsoft-defender-atp-mac-resources.md) has more information about logging, uninstalling, or other topics
+- [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md) has guidance on how to configure the product in enterprise environments
+- [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md) has privacy info