diff --git a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
index 4a952a3d15..808f13b4ca 100644
--- a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
@@ -54,7 +54,7 @@ You’ll be able to onboard in the same method available for Windows 10 client e
       - Name: ForceDefenderPassiveMode
       - Value: 1
 
-    b. Run the following PowerSHell command to verify that the passive mode was configured:
+    b. Run the following PowerShell command to verify that the passive mode was configured:
     ```Get-WinEvent -FilterHashtable @{ProviderName="Microsoft-Windows-Sense" ;ID=84}```
 
     c. Confirm  that a recent event containing the passive mode event is found: