Merge pull request #178102 from alexbuckgit/alexbuckgit/docutune-autopr-20211031-023112-8143247

laurabren · web-flow · commit 056e04913b5a · 2021-11-02T12:25:33.000-07:00
DocuTune: Rejoin broken lines
diff --git a/articles/active-directory-b2c/azure-sentinel.md b/articles/active-directory-b2c/azure-sentinel.md
@@ -104,8 +104,7 @@ In the following example, you receive a notification if someone tries to force a
 
 6. Select **Next: Incident settings (Preview)**. You'll configure and add the automated response later.
 
-7. Go to the **Review and create** tab to review all the
-   settings for your new alert rule. When the **Validation passed** message appears, select **Create** to initialize your alert rule.
+7. Go to the **Review and create** tab to review all the settings for your new alert rule. When the **Validation passed** message appears, select **Create** to initialize your alert rule.
 
     ![Screenshot that shows the tab for reviewing and creating an rule.](./media/azure-sentinel/review-create.png)
 
diff --git a/articles/active-directory/fundamentals/protect-m365-from-on-premises-attacks.md b/articles/active-directory/fundamentals/protect-m365-from-on-premises-attacks.md
diff --git a/articles/active-directory/fundamentals/security-operations-privileged-identity-management.md b/articles/active-directory/fundamentals/security-operations-privileged-identity-management.md
@@ -21,8 +21,7 @@ The security of business assets depends on the integrity of the privileged accou
 
 For cloud services, prevention and response are the joint responsibilities of the cloud service provider and the customer. 
 
-Traditionally, organizational security has focused on the entry and exit points of a network as the security perimeter. However, SaaS apps and personal devices have made this approach less effective. In Azure 
-Active Directory (Azure AD), we replace the network security perimeter with authentication in your organization's identity layer. As users are assigned to privileged administrative roles, their access must be protected in on-premises, cloud, and hybrid environments 
+Traditionally, organizational security has focused on the entry and exit points of a network as the security perimeter. However, SaaS apps and personal devices have made this approach less effective. In Azure Active Directory (Azure AD), we replace the network security perimeter with authentication in your organization's identity layer. As users are assigned to privileged administrative roles, their access must be protected in on-premises, cloud, and hybrid environments.
 
 You're entirely responsible for all layers of security for your on-premises IT environment. When you use Azure cloud services, prevention and response are joint responsibilities of Microsoft as the cloud service provider and you as the customer. 
 
diff --git a/articles/active-directory/manage-apps/f5-aad-integration.md b/articles/active-directory/manage-apps/f5-aad-integration.md
@@ -25,9 +25,7 @@ SHA addresses this blind spot by enabling organizations to continue using their
 
 Having Azure AD pre-authenticate access to BIG-IP published services provides many benefits:
 
-- Password-less authentication through [Windows Hello](/windows/security/identity-protection/hello-for-business/hello-overview),
-[MS Authenticator](https://support.microsoft.com/account-billing/download-and-install-the-microsoft-authenticator-app-351498fc-850a-45da-b7b6-27e523b8702a), [Fast Identity Online (FIDO) keys](../authentication/howto-authentication-passwordless-security-key.md),
-and [Certificate-based authentication](../authentication/active-directory-certificate-based-authentication-get-started.md)
+- Password-less authentication through [Windows Hello](/windows/security/identity-protection/hello-for-business/hello-overview), [MS Authenticator](https://support.microsoft.com/account-billing/download-and-install-the-microsoft-authenticator-app-351498fc-850a-45da-b7b6-27e523b8702a), [Fast Identity Online (FIDO) keys](../authentication/howto-authentication-passwordless-security-key.md), and [Certificate-based authentication](../authentication/active-directory-certificate-based-authentication-get-started.md)
 
 - Preemptive [Conditional Access](../conditional-access/overview.md) and [Azure AD Multi-Factor Authentication (MFA)](../authentication/concept-mfa-howitworks.md)
 
diff --git a/articles/active-directory/saas-apps/sentry-tutorial.md b/articles/active-directory/saas-apps/sentry-tutorial.md
@@ -87,8 +87,7 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 	> [!NOTE]
 	> These values are not real. Update these values with the actual values Identifier, Reply URL, and Sign-on URL. For more information about finding these values, see the [Sentry documentation](https://docs.sentry.io/product/accounts/sso/azure-sso/#installation). You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
-1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section, click the copy icon to copy the **App 
-Metadata URL** value, and then save it on your computer.
+1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section, click the copy icon to copy the **App Metadata URL** value, and then save it on your computer.
 
    ![The Certificate download link](common/copy-metadataurl.png)
 	
diff --git a/articles/azure-government/azure-secure-isolation-guidance.md b/articles/azure-government/azure-secure-isolation-guidance.md
@@ -248,8 +248,7 @@ These logical isolation options are discussed in the rest of this section.
 #### Hypervisor isolation
 Hypervisor isolation in Azure is based on [Microsoft Hyper-V](/windows-server/virtualization/hyper-v/hyper-v-technology-overview) technology, which enables Azure Hypervisor-based isolation to benefit from decades of Microsoft experience in operating system security and investments in Hyper-V technology for virtual machine isolation. You can review independent third-party assessment reports about Hyper-V security functions, including the [National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS) reports](https://www.niap-ccevs.org/Product/PCL.cfm?par303=Microsoft%20Corporation) such as the [report published in Feb-2021](https://www.niap-ccevs.org/Product/Compliant.cfm?PID=11087) that is discussed herein.
 
-The Target of Evaluation (TOE) was composed of Microsoft Windows Server, Microsoft Windows 10 version 1909 (November 2019 Update), 
-and Microsoft Windows Server 2019 (version 1809) Hyper-V (&#8220;Windows&#8221;). TOE enforces the following security policies as described in the report:
+The Target of Evaluation (TOE) was composed of Microsoft Windows Server, Microsoft Windows 10 version 1909 (November 2019 Update), and Microsoft Windows Server 2019 (version 1809) Hyper-V (&#8220;Windows&#8221;). TOE enforces the following security policies as described in the report:
 
 - **Security Audit** – Windows has the ability to collect audit data, review audit logs, protect audit logs from overflow, and restrict access to audit logs. Audit information generated by the system includes the date and time of the event, the user identity that caused the event to be generated, and other event-specific data. Authorized administrators can review, search, and sort audit records. Authorized administrators can also configure the audit system to include or exclude potentially auditable events to be audited based on a wide range of characteristics. In the context of this evaluation, the protection profile requirements cover generating audit events, authorized review of stored audit records, and providing secure storage for audit event entries.
 - **Cryptographic Support** – Windows provides validated cryptographic functions that support encryption/decryption, cryptographic signatures, cryptographic hashing, and random number generation. Windows implements these functions in support of IPsec, TLS, and HTTPS protocol implementation. Windows also ensures that its Guest VMs have access to entropy data so that virtualized operating systems can ensure the implementation of strong cryptography.
diff --git a/articles/azure-government/compare-azure-government-global-azure.md b/articles/azure-government/compare-azure-government-global-azure.md
@@ -420,8 +420,7 @@ The following Azure managed disks **features are not currently available** in Az
 
 ### [Azure NetApp Files](../azure-netapp-files/index.yml)
 
-For Azure NetApp Files feature availability in Azure Government and how to access the Azure NetApp Files service within Azure Government,
-see [Azure NetApp Files for Azure Government](../azure-netapp-files/azure-government.md). 
+For Azure NetApp Files feature availability in Azure Government and how to access the Azure NetApp Files service within Azure Government, see [Azure NetApp Files for Azure Government](../azure-netapp-files/azure-government.md). 
 
 ### [Azure Import/Export](../import-export/storage-import-export-service.md)
 
diff --git a/articles/azure-government/compliance/compliance-tic.md b/articles/azure-government/compliance/compliance-tic.md
@@ -163,8 +163,7 @@ Virtual network injection enables customers to selectively deploy dedicated inst
 
 An increasing number of Azure multitenant services offer *service endpoints*. Service endpoints are an alternate method for integrating to Azure virtual networks. Virtual network service endpoints extend your virtual network IP address space and the identity of your virtual network to the service over a direct connection. Traffic from the virtual network to the Azure service always stays within the Azure backbone network. 
 
-After you enable a service endpoint for a service, use policies exposed by the service
-to restrict connections for the service to that virtual network. Access checks are enforced in the platform by the Azure service. Access to a locked resource is granted only if the request originates from the allowed virtual network or subnet, or from the two IPs that are used to identify your on-premises traffic if you use ExpressRoute. Use this method to effectively prevent inbound/outbound traffic from directly leaving the PaaS service.
+After you enable a service endpoint for a service, use policies exposed by the service to restrict connections for the service to that virtual network. Access checks are enforced in the platform by the Azure service. Access to a locked resource is granted only if the request originates from the allowed virtual network or subnet, or from the two IPs that are used to identify your on-premises traffic if you use ExpressRoute. Use this method to effectively prevent inbound/outbound traffic from directly leaving the PaaS service.
 
 :::image type="content" source="./media/tic-diagram-g.png" alt-text="Service endpoints overview" border="false":::
 
diff --git a/articles/azure-monitor/essentials/activity-log-schema.md b/articles/azure-monitor/essentials/activity-log-schema.md
@@ -681,10 +681,7 @@ This category contains the record of any new recommendations that are generated
 
 ## Policy category
 
-This category contains records of all effect action operations performed by [Azure
-Policy](../../governance/policy/overview.md). Examples of the types of events you would see in this
-category include _Audit_ and _Deny_. Every action taken by Policy is modeled as an operation on a
-resource.
+This category contains records of all effect action operations performed by [Azure Policy](../../governance/policy/overview.md). Examples of the types of events you would see in this category include _Audit_ and _Deny_. Every action taken by Policy is modeled as an operation on a resource.
 
 ### Sample Policy event
 
@@ -892,4 +889,4 @@ Following is an example of an event using this schema..
 
 ## Next steps
 * [Learn more about the Activity Log](./platform-logs-overview.md)
-* [Create a diagnostic setting to send Activity Log to Log Analytics workspace, Azure storage, or event hubs](./diagnostic-settings.md)
+* [Create a diagnostic setting to send Activity Log to Log Analytics workspace, Azure storage, or event hubs](./diagnostic-settings.md)
diff --git a/articles/azure-monitor/logs/manage-cost-storage.md b/articles/azure-monitor/logs/manage-cost-storage.md
@@ -583,9 +583,7 @@ This table lists some suggestions for reducing the volume of logs collected.
 
 ### Getting nodes as billed in the Per Node pricing tier
 
-To get a list of computers that will be billed as nodes if the workspace is in the legacy Per Node pricing tier, look for nodes that are sending **billed data types** (some data types are free). 
-To do this, use the [_IsBillable property](./log-standard-columns.md#_isbillable) and use the leftmost field of the fully qualified domain name. This returns the count of computers with billed 
-data per hour (which is the granularity at which nodes are counted and billed):
+To get a list of computers that will be billed as nodes if the workspace is in the legacy Per Node pricing tier, look for nodes that are sending **billed data types** (some data types are free). To do this, use the [_IsBillable property](./log-standard-columns.md#_isbillable) and use the leftmost field of the fully qualified domain name. This returns the count of computers with billed data per hour (which is the granularity at which nodes are counted and billed):
 
 ```kusto
 find where TimeGenerated > ago(24h) project Computer, TimeGenerated
diff --git a/articles/cognitive-services/Speech-Service/how-to-custom-speech-test-and-train.md b/articles/cognitive-services/Speech-Service/how-to-custom-speech-test-and-train.md
@@ -187,7 +187,7 @@ Additionally, you'll want to account for the following restrictions:
 
 ## Structured text data for training (Public Preview)
 
-Often the expected utterances follow a certain pattern. One common pattern is that utterances only differ by words or phrases from a list. Examples of this could be “I have a question about `product`,” where `product` is a list of possible products. Or, “Make that `object` `color`,” where `object` is a list of geometric shapes and `color` is a list of colors. To simplify the creation of training data and to enable better modeling inside the Custom Language Model, you can use a structured text in markdown format to define lists of items and then reference these inside your training utterances. Additionally, the markdown format also supports specifying the phonetic pronunciation of words. The markdown format shares its format with the _.lu_ markdown used to train Language Understanding models, in particular list entities and example utterances. See the <a href="https://docs.microsoft.com/azure/bot-service/file-format/bot-builder-lu-file-format?view=azure-bot-service-4.0" target="_blank">.lu file format</a> doc for more information on the complete _.lu_ markdown. 
+Often the expected utterances follow a certain pattern. One common pattern is that utterances only differ by words or phrases from a list. Examples of this could be “I have a question about `product`,” where `product` is a list of possible products. Or, “Make that `object` `color`,” where `object` is a list of geometric shapes and `color` is a list of colors. To simplify the creation of training data and to enable better modeling inside the Custom Language Model, you can use a structured text in markdown format to define lists of items and then reference these inside your training utterances. Additionally, the markdown format also supports specifying the phonetic pronunciation of words. The markdown format shares its format with the `.lu` markdown used to train Language Understanding models, in particular list entities and example utterances. For more information about the complete `.lu` markdown, see the <a href="/azure/bot-service/file-format/bot-builder-lu-file-format" target="_blank"> `.lu` file format</a>.
 
 Here is an example of the markdown format:
 
diff --git a/articles/cognitive-services/Speech-Service/speech-sdk-microphone.md b/articles/cognitive-services/Speech-Service/speech-sdk-microphone.md
@@ -48,13 +48,9 @@ The recommended properties when selecting microphones are:
 | Frequency Response | ± 3 dB, 200-8000 Hz Floating Mask\* |
 | Reliability | Storage Temperature Range -40°C to 70°C<br />Operating Temperature Range -20°C to 55°C |
 
-\*_Higher sampling rates or "wider" frequency ranges may be necessary
-for high-quality communications (VoIP) applications_
+\*_Higher sampling rates or "wider" frequency ranges may be necessary for high-quality communications (VoIP) applications_
 
-Good component selection must be paired with good
-electroacoustic integration in order to avoid impairing the performance
-of the components used. Unique use cases may also necessitate additional
-requirements (for example: operating temperature ranges).
+Good component selection must be paired with good electroacoustic integration in order to avoid impairing the performance of the components used. Unique use cases may also necessitate additional requirements (for example: operating temperature ranges).
 
 ## Microphone array integration
 
@@ -74,9 +70,7 @@ The performance of the microphone array when integrated into a device will diffe
 
 ## Speaker integration recommendations
 
-As echo cancellation is necessary for speech recognition devices that
-contain speakers, additional recommendations are provided for speaker
-selection and integration.
+As echo cancellation is necessary for speech recognition devices that contain speakers, additional recommendations are provided for speaker selection and integration.
 
 | Parameter | Recommended |
 | --------- | ----------- |
@@ -87,8 +81,7 @@ selection and integration.
 
 ## Integration design architecture
 
-The following guidelines for architecture are necessary when integrating
-microphones into a device:
+The following guidelines for architecture are necessary when integrating microphones into a device:
 
 | Parameter | Recommendation |
 | --------- | -------------- |
diff --git a/articles/machine-learning/concept-enterprise-security.md b/articles/machine-learning/concept-enterprise-security.md
@@ -46,8 +46,7 @@ Each workspace has an associated system-assigned [managed identity](../active-di
 
 The system-assigned managed identity is used for internal service-to-service authentication between Azure Machine Learning and other Azure resources. The identity token is not accessible to users and cannot be used by them to gain access to these resources. Users can only access the resources through [Azure Machine Learning control and data plane APIs](how-to-assign-roles.md), if they have sufficient RBAC permissions.
 
-The managed identity needs Contributor permissions on the resource group containing the workspace in order to provision the associated resources, 
-and to [deploy Azure Container Instances for web service endpoints](how-to-deploy-azure-container-instance.md).
+The managed identity needs Contributor permissions on the resource group containing the workspace in order to provision the associated resources, and to [deploy Azure Container Instances for web service endpoints](how-to-deploy-azure-container-instance.md).
 
 We don't recommend that admins revoke the access of the managed identity to the resources mentioned in the preceding table. You can restore access by using the [resync keys operation](how-to-change-storage-access-key.md).
 
diff --git a/articles/machine-learning/how-to-deploy-azure-kubernetes-service.md b/articles/machine-learning/how-to-deploy-azure-kubernetes-service.md
@@ -300,7 +300,7 @@ Add another version to your endpoint and configure the scoring traffic percentil
 > [!TIP]
 > The second version, created by the following code snippet, accepts 10% of traffic. The first version is configured for 20%, so only 30% of the traffic is configured for specific versions. The remaining 70% is sent to the first endpoint version, because it is also the default version.
 
- ```python
+```python
 from azureml.core.webservice import AksEndpoint
 
 # add another model deployment to the same endpoint as above
@@ -319,7 +319,7 @@ Update existing versions or delete them in an endpoint. You can change the versi
 > [!TIP]
 > After the following code snippet, the second version is now default. It is now configured for 40%, while the original version is still configured for 20%. This means that 40% of traffic is not accounted for by version configurations. The leftover traffic will be routed to the second version, because it is now default. It effectively receives 80% of the traffic.
 
- ```python
+```python
 from azureml.core.webservice import AksEndpoint
 
 # update the version's scoring traffic percentage and if it is a default or control type
diff --git a/articles/migrate/tutorial-migrate-aws-virtual-machines.md b/articles/migrate/tutorial-migrate-aws-virtual-machines.md
@@ -376,8 +376,7 @@ After you've verified that the test migration works as expected, you can migrate
 ## Troubleshooting / Tips
 
 **Question:** I cannot see my AWS VM in the discovered list of servers for migration   
-**Answer:** Check if your replication appliance meets the requirements. Make sure
-Mobility Agent is installed on the source VM to be migrated and is registered the Configuration Server. Check the network setting and firewall rules to enable a network path between the replication appliance and source AWS VMs.  
+**Answer:** Check if your replication appliance meets the requirements. Make sure Mobility Agent is installed on the source VM to be migrated and is registered the Configuration Server. Check the network setting and firewall rules to enable a network path between the replication appliance and source AWS VMs.  
 
 **Question:** How do I know if my VM was successfully migrated   
 **Answer:** Post-migration, you can view and manage the VM from the Virtual Machines page. Connect to the migrated VM to validate.  
diff --git a/articles/migrate/tutorial-migrate-gcp-virtual-machines.md b/articles/migrate/tutorial-migrate-gcp-virtual-machines.md
diff --git a/articles/purview/supported-classifications.md b/articles/purview/supported-classifications.md
diff --git a/articles/security/develop/secure-deploy.md b/articles/security/develop/secure-deploy.md
diff --git a/articles/security/develop/secure-develop.md b/articles/security/develop/secure-develop.md
diff --git a/articles/web-application-firewall/ag/ag-overview.md b/articles/web-application-firewall/ag/ag-overview.md
