fixed warnings

windows/security/threat-protection/TOC.md

@@ -462,7 +462,7 @@
 #### [Configure conditional access](microsoft-defender-atp/configure-conditional-access.md)
 #### [Configure Microsoft Cloud App Security integration](microsoft-defender-atp/microsoft-cloud-app-security-config.md)
 
-### [Use audit mode](microsoft-defender-atp/audit-windows-defender)
+### [Use audit mode](microsoft-defender-atp/audit-windows-defender.md)
 
 ## Reference
 ### [Management and APIs]()

windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md

@@ -27,7 +27,7 @@ You can enable controlled folder access by using any of these methods:
 
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
-* [Mobile Device Management (MDM)](#mdm)
+* [Mobile Device Management (MDM)](#mobile-device-management-mmd)
 * [Microsoft Endpoint Configuration Manager](#microsoft-endpoint-configuration-manager)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)

windows/security/threat-protection/microsoft-defender-atp/event-views.md

@@ -127,7 +127,7 @@ You can also manually navigate to the event area that corresponds to the feature
 
 ## List of attack surface reduction events
 
-All attack surface reductiond events are located under **Applications and Services Logs > Microsoft > Windows** and then the folder or provider as listed in the following table.
+All attack surface reduction events are located under **Applications and Services Logs > Microsoft > Windows** and then the folder or provider as listed in the following table.
 
 You can access these events in Windows Event viewer: