Merged PR 5358: 1/18 AM Publish

devices/surface-hub/surfacehub-whats-new-1703.md

@@ -15,11 +15,9 @@ ms.localizationpriority: medium
 
 Watch Surface Hub engineer Jordan Marchese present updates to Microsoft Surface Hub with Windows 10, version 1703 (Creators Update). 
 
-<a href="http://www.youtube.com/watch?feature=player_embedded&v=R8tX10VIgq0
-" target="_blank"><img src="http://img.youtube.com/vi/R8tX10VIgq0/0.jpg" 
-alt="Watch a video about Creators Update on Surface Hub" width="240" height="180" border="10" /></a>
+<a href="https://www.youtube.com/watch?v=R8tX10VIgq0" target="_blank"> <img src="images/whats-new-video-thumbnail.png" alt="Link to Surface Hub video on Youtube" /></a>
 
-Windows 10, version 1703 (also called the Creators Update), introduces the following changes for Microsoft Surface Hub:
+Windows 10, version 1703 (also called the Creators Update), introduces the following changes for Microsoft Surface Hub.
 
 ## New settings
 
@@ -40,7 +38,7 @@ Settings have been added to mobile device management (MDM) and configuration ser
 Plus settings based on the new [NetworkQoSPolicy CSP](https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/networkqospolicy-csp) and [NetworkProxy CSP](https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/networkproxy-csp).
 </br>
 
-## Provizioning wizard
+## Provisioning wizard
 
 An easy-to-use wizard helps you quickly create provisioning packages that you can apply to multiple Surface Hub devices, and includes bulk join to Azure Active Directory. [Learn how to create a provisioning package for Surface Hub.](provisioning-packages-for-certificates-surface-hub.md)
 

education/trial-in-a-box/index.md

@@ -24,6 +24,8 @@ ms.date: 12/11/2017
 <center><iframe width="560" height="315" src="https://aka.ms/edu-welcome" frameborder="3" allow="autoplay; encrypted-media" allowfullscreen></iframe></center>
 -->
 
+Welcome to Microsoft Education Trial in a Box. We built this trial to make it easy to try our latest classroom technologies. We have two scenarios for you to try: one for educators and one for IT. We recommend starting with Educators. To begin, click **Get started** below. 
+
 </br>
 
 | ![Get started for Educators](images/teacher_rotated_resized.png) | ![Get started for IT Admins](images/itadmin_rotated_resized.png) |

windows/access-protection/hello-for-business/hello-adequate-domain-controllers.md

@@ -79,7 +79,7 @@ Add the number of authentications for each domain controller for the median time
 Review the distribution of authentication.  Hopefully, none of these are above 70 percent.  It's always good to reserve some capacity for the unexpected.  Also, the primary purposes of a domain controller is to provide authentication and handle Active Directory operations. Identify domain controllers with lower distributions of authentication as potential candidates for the initial domain controller upgrades in conjunction with a reasonable distribution of clients provisioned for Windows Hello for Business.
   
 ## Monitoring Authentication
-Using the same methods previously described above, monitor the Kerberos authentication after upgrading a domain controller and your first phase of Windows Hello for Business deployments.  Make note of the delta of authentication before and after upgrading the domain controller to Windows Server 2016.  This delta is representative of authentication resulting from the first phase of your Windows Hello for Busines clients.  This gives you a baseline for your environment to where you can form a statement such as 
+Using the same methods previously described above, monitor the Kerberos authentication after upgrading a domain controller and your first phase of Windows Hello for Business deployments.  Make note of the delta of authentication before and after upgrading the domain controller to Windows Server 2016.  This delta is representative of authentication resulting from the first phase of your Windows Hello for Business clients.  This gives you a baseline for your environment to where you can form a statement such as 
 
 ```"Every n Windows Hello for Business clients results in x percentage of key-trust authentication."```
 

windows/access-protection/hello-for-business/hello-biometrics-in-enterprise.md

@@ -50,22 +50,18 @@ We’ve been working with the device manufacturers to help ensure a high-level o
 -   **False Reject Rate (FRR).** Represents the instances a biometric identification solution fails to verify an authorized person correctly. Usually represented as a percentage, the sum of the True Accept Rate and False Reject Rate is 1. Can be with or without anti-spoofing or liveness detection.
 
 ### Fingerprint sensor requirements
-To allow fingerprint matching, you must have devices with fingerprint sensors and software. Fingerprint sensors, or sensors that use an employee’s unique fingerprint as an alternative log on option, can be touch sensors (large area or small area) or swipe sensors. Each type of sensor has its own set of detailed requirements that must be implemented by the manufacturer, but all of the sensors must include anti-spoofing measures (required) and a way to configure them (optional).
+To allow fingerprint matching, you must have devices with fingerprint sensors and software. Fingerprint sensors, or sensors that use an employee’s unique fingerprint as an alternative log on option, can be touch sensors (large area or small area) or swipe sensors. Each type of sensor has its own set of detailed requirements that must be implemented by the manufacturer, but all of the sensors must include anti-spoofing measures (required).
 
 **Acceptable performance range for small to large size touch sensors**
 
 -   False Accept Rate (FAR): <0.001 – 0.002%
 
--   False Reject Rate (FRR) without Anti-spoofing or liveness detection: <5%
-
 -   Effective, real world FRR with Anti-spoofing or liveness detection: <10%
 
 **Acceptable performance range for swipe sensors**
 
 -   False Accept Rate (FAR): <0.002%
 
--   False Reject Rate (FRR) without Anti-spoofing or liveness detection: <5%
-
 -   Effective, real world FRR with Anti-spoofing or liveness detection: <10%
 
 ### Facial recognition sensors

windows/access-protection/hello-for-business/hello-features.md

@@ -73,7 +73,7 @@ For this policy setting, the **type** and **scenario** attribute values are stat
 |Health|2304|
 |Uncategorized|7936|
 
-The **rssiMin** attribute value signal strength needed for the device to be considered "in-range".  The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device.  The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10.  
+The **rssiMin** attribute value signal indicates the strength needed for the device to be considered "in-range".  The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device.  The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10.  
 
 RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other.
 

windows/access-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md

@@ -41,7 +41,7 @@ Begin configuring device registration to support Hybrid Windows Hello for Busine
 
 To do this, follow the **Configure device settings** steps under [Setting up Azure AD Join in your organization](https://azure.microsoft.com/en-us/documentation/articles/active-directory-azureadjoin-setup/)  
 
-## Configure Active Directory to support Azure device syncrhonization
+## Configure Active Directory to support Azure device synchronization
 
 Azure Active Directory is now configured for device registration. Next, you need to configure the on-premises Active Directory to support synchronizing hybrid Azure AD joined devices. Begin with upgrading the Active Directory Schema 
 

windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md

@@ -35,7 +35,7 @@ See the Enterprise Mobility and Security blog post [Important changes to Microso
 >[!TIP]
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 >- Cloud-delivered protection
->- Fast learning (including Black at first sight)
+>- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
 
 ## Allow connections to the Windows Defender Antivirus cloud

windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md

@@ -31,7 +31,7 @@ If you're an enterprise security administrator, and you want to determine how we
 >[!TIP]
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
->- Fast learning (including Black at first sight)
+>- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
 
 

windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md

@@ -37,7 +37,7 @@ The tables list:
 >[!TIP]
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 >- Cloud-delivered protection
->- Fast learning (including Black at first sight)
+>- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
 
 <a id="windows-defender-av-ids"></a>

windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md

@@ -46,7 +46,7 @@ Some of the highlights of Windows Defender AV include:
 >[!TIP]
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
->- Fast learning (including Black at first sight)
+>- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
 
 ## What's new in Windows 10, version 1703

windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md

@@ -46,7 +46,7 @@ Parameter |	Type	| Description
 Comment |	String | Comment to associate with the action. **Required**.
 ScanType|	ScanType	| Defines the type of the Scan. **Required**.
 
-**ScanType** controls the type of isolation to perform and can be one of the following:
+**ScanType** controls the type of scan to perform and can be one of the following:
 
 - **Quick** – Perform quick scan on the machine
 - **Full** – Perform full scan on the machine

windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md

@@ -95,5 +95,5 @@ You can review the Windows event log to see events that are created when Network
 
 Topic | Description 
 ---|---
-[Evaluate Network protection](evaluate-network-protection.md) | Undertake aa quick scenario that demonstrate how the feature works, and what events would typically be created.
-[Enable Network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage the Network protection feature in your network.
+[Evaluate Network protection](evaluate-network-protection.md) | Undertake a quick scenario that demonstrate how the feature works, and what events would typically be created.
+[Enable Network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage the Network protection feature in your network.