From e986e3932744be037a307140f517a391f30ca6f4 Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 8 Mar 2023 13:51:11 -0600
Subject: [PATCH] Update event-4624.md

Acro edit.
---
 windows/security/threat-protection/auditing/event-4624.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md
index 9f1c6ce104..e081fcb3f0 100644
--- a/windows/security/threat-protection/auditing/event-4624.md
+++ b/windows/security/threat-protection/auditing/event-4624.md
@@ -318,6 +318,6 @@ For 4624(S): An account was successfully logged on.
 
     - If the **Authentication Package** is NTLM. In this case, monitor for **Key Length** not equal to 128, because all Windows operating systems starting with Windows 2000 support 128-bit Key Length.
 
-- If you monitor for potentially malicious software, or software that is not authorized to request logon actions, monitor this event for **Process Name**.
+- If you monitor for potentially malicious software, or software that isn't authorized to request logon actions, monitor this event for **Process Name**.
 
-- If you have a trusted logon processes list, monitor for a **Logon Process** that is not from the list.
+- If you have a trusted logon processes list, monitor for a **Logon Process** that isn't from the list.