Task ID 23142312 and 29028100

Made cosmetic changes to the certificate section in event-tags-explanation, and added a line break before the Figure 1 image in audit-and-enforce.

windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md

@@ -41,7 +41,8 @@ To familiarize yourself with creating WDAC rules from audit events, follow these
 
 2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](event-id-explanations.md).
 
-   **Figure 1. Exceptions to the deployed WDAC policy**
+   **Figure 1. Exceptions to the deployed WDAC policy** <br>
+
    ![Event showing exception to WDAC policy](images/dg-fig23-exceptionstocode.png)
 
 3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](create-wdac-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**.

windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md

@@ -94,7 +94,7 @@ Represents why verification failed, or if it succeeded.
 
 ## Microsoft Root CAs trusted by Windows
 
-The rule means trust anything signed by a cert that chains to this root CA.
+The rule means trust anything signed by a certificate that chains to this root CA.
 | Root ID | Root Name |
 |---|----------|
 | 0| None |