Fixed link

memildin · memildin · commit 05491ffac431 · 2020-01-05T12:34:42.000+02:00
diff --git a/articles/security-center/alerts-reference.md b/articles/security-center/alerts-reference.md
@@ -113,7 +113,7 @@ Below the alerts table is a table describing the Azure Security Center kill chai
 |**Activity from infrequent country**|Activity from a location that wasn't recently or ever visited by any user in the organization has occurred.<br>This detection considers past activity locations to determine new and infrequent locations. The anomaly detection engine stores information about previous locations used by users in the organization.|Unknown|
 |**Activity from anonymous IP addresses**|Users activity from an IP address that has been identified as an anonymous proxy IP address has been detected.<br>These proxies are used by people who want to hide their device’s IP address, and can be used for malicious intent. This detection uses a machine learning algorithm that reduces false positives, such as mis-tagged IP addresses that are widely used by users in the organization.|Unknown|
 |**Impossible travel detected**|Two user activities (in a single or multiple sessions) have occurred, originating from geographically distant locations. This occurs within a time period shorter than the time it would have taken the user to travel from the first location to the second. This indicates that a different user is using the same credentials.<br>This detection uses a machine learning algorithm that ignores obvious false positives contributing to the impossible travel conditions, such as VPNs and locations regularly used by other users in the organization. The detection has an initial learning period of seven days, during which it learns a new user’s activity pattern. |Unknown|
-||<a name="alerts-azurekv"></a><h3>Azure Key Vault (Preview)</h3> [Further details and notes](security-center-alerts-service-layer.md#azure-key-vault-)|.|
+||<a name="alerts-azurekv"></a><h3>Azure Key Vault (Preview)</h3> [Further details and notes](security-center-alerts-service-layer.md#azure-keyvault)|.|
 |**Access from a TOR exit node to a Key Vault**|The Key Vault has been accessed by someone using the TOR IP anonymization system to hide their location. Malicious actors often try to hide their location when attempting to gain unauthorized access to internet-connected resources.|Unknown|
 |**Suspicious policy change and secret query in a Key Vault**|A Key Vault policy change has been made and then operations to list and/or get secrets occurred. In addition, this operation pattern isn't normally performed by the user on this vault. This is highly indicative that the Key Vault is compromised and the secrets within have been stolen by a malicious actor.|Unknown|
 |**Suspicious secret listing and query in a Key Vault**|A Secret List operation was followed by many Secret Get operations. Also, this operation pattern isn't normally performed by the user on this vault. This indicates that someone could be dumping the secrets stored in the Key Vault for potentially malicious purposes.|Unknown|
