Wording changes

msmbaldwin · msmbaldwin · commit 0a73eb26176c · 2020-01-10T16:14:34.000-08:00
diff --git a/articles/security/benchmarks/introduction.md b/articles/security/benchmarks/introduction.md
@@ -14,24 +14,24 @@ ms.custom: security-baselines
 
 # Azure security benchmark introduction
 
-You may have several years or even decades of experience with on-premises computing. You know how to secure those deployments. But the cloud is different. How do you know if your cloud deployments are secure? What are the differences between security practices for on-premises systems and security practices for cloud deployments?
+You may have several years or even decades of experience with on-premises computing. You know how to secure those deployments; but the cloud is different. How do you know if your cloud deployments are secure? What are the differences between security practices for on-premises systems and cloud deployments?
 
-There is a large collection of white papers, best practices, reference architectures, web guidance, open-source tools, commercial solutions, intelligence feeds, and more that can be used to help secure the cloud. Which option should you use? What can you do to get an acceptable level of security in the cloud? 
+There is a large collection of white papers, best practices, reference architectures, web guidance, open-source tools, commercial solutions, intelligence feeds, and more, that can be used to help secure the cloud. Which option should you use? What can you do to get an acceptable level of security in the cloud? 
 
-One of the best ways to secure your cloud deployments is to focus on cloud security benchmark recommendations. Benchmark recommendations for securing any service begin with a fundamental understanding of cybersecurity risk and how to manage it. You can then use this understanding by adopting benchmark security recommendations from your cloud service provider to help select specific security configuration settings in your environment. 
+One of the best ways to secure your cloud deployments is to focus on cloud security benchmark recommendations. Benchmark recommendations, for securing any service, begin with a fundamental understanding of cybersecurity risk and how to manage it. You can then use this understanding by adopting benchmark security recommendations from your cloud service provider to help select specific security configuration settings in your environment. 
 
 The Azure Security Benchmark includes a collection of high-impact security recommendations you can use to help secure most of the services you use in Azure. You can think of these recommendations as "general" or "organizational" as they are applicable to most Azure services. The Azure Security Benchmark recommendations are then customized for each Azure service, and this customized guidance is contained in service recommendations articles. 
 
-The Azure Security Benchmark documentation specify Security Controls and Service Recommendations.
+The Azure Security Benchmark documentation specifies security controls and service recommendations.
 
-- **Security Controls**: The Azure Security Benchmark recommendations are categorized by security controls. Security controls represent high-level vendor-agnostic security requirements, such as network security and data protection. Each security control has a set of security recommendations and instructions that help you enable those recommendations. 
-- **Service Recommendations**: When available, benchmark recommendations for Azure services will include Azure Security Benchmark recommendations that are tailored for the service, as well as additional recommendations that are unique for the particular service. 
+- **Security Controls**: The Azure Security Benchmark recommendations are categorized by security controls. Security controls represent high-level vendor-agnostic security requirements, such as network security and data protection. Each security control has a set of security recommendations and instructions that help you implment those recommendations. 
+- **Service Recommendations**: When available, benchmark recommendations for Azure services will include Azure Security Benchmark recommendations that are tailored specifically for that service. 
 
 The terms "Control", "Benchmark", and "Baseline" are used often in the Azure Security Benchmark documentation and it's important to understand how Azure uses those terms. 
 
 | Term | Description | Example |
 |--|--|--|
-| Control | A **control** is a high-level description of a feature or activity that needs to be addressed, and is not specific to a technology or implementation. | Data Protection is one of the security controls. This control contains specific actions that need to be addressed to help ensure data is protected. |
+| Control | A **control** is a high-level description of a feature or activity that needs to be addressed and is not specific to a technology or implementation. | Data Protection is one of the security controls. This control contains specific actions that need to be addressed to help ensure data is protected. |
 | Benchmark | A **benchmark** contains security recommendations for a specific technology, such as Azure. The recommendations are categorized by the control to which they belong. | The Azure Security benchmark comprises the security recommendations specific to the Azure platform  |
 | Baseline | A **baseline** is the security requirements for an organization. The security requirements are based on benchmark recommendations. Each organization decides which benchmark recommendations to include in their baseline. | The Contoso company creates its security baseline by choosing to require specific recommendations in the Azure Security Benchmark. |
 
diff --git a/articles/security/benchmarks/overview.md b/articles/security/benchmarks/overview.md
@@ -16,7 +16,7 @@ ms.custom: security-baselines
 
 The Azure Security Benchmark contains recommendations that help you improve the security of your applications and data on Azure.
 
-This Benchmark focuses on cloud-centric control areas. These controls are consistent with well-known security benchmarks, such as those described by the Center for Internet Security (CIS) Controls Version 7.1 
+This Benchmark focuses on cloud-centric control areas. These controls are consistent with well-known security benchmarks, such as those described by the Center for Internet Security (CIS) Controls Version 7.1.
 
 The following controls are used in the Azure Security Benchmark: 
 
@@ -39,9 +39,9 @@ You can also download the [Azure Security Benchmark v1 excel spreadsheet](https:
 Each recommendation includes the following information: 
 
 - **Azure ID**: The Azure Security Benchmark ID that corresponds to the recommendation. 
-- **CIS ID(s)**: The CIS benchmark recommendation # that corresponds to this recommendation.  
+- **CIS ID(s)**: The CIS benchmark recommendation(s) that correspond to this recommendation.  
 - **Responsibility**: Whether the customer or the service-provider (or both) is (are) responsible for implementing this recommendation. Security responsibilities are shared in the public cloud. Some security controls are only available to the cloud service provider and therefore the provider is responsible  for addressing those. These are general observations – for some individual services, the responsibility will be different than what is listed in the Azure Security Benchmark. Those differences are described in the baseline recommendations for the individual service. 
-- **Details**: The rationale for the recommendation and links to guidance on how to implement the recommendation. If the recommendation is supported by Azure Security Center, that information will be listed here.  
+- **Details**: The rationale for the recommendation and links to guidance on how to implement it. If the recommendation is supported by Azure Security Center, that information will also be listed.
 
 We welcome your detailed feedback and active participation in the Azure Security Benchmark effort. If you would like to provide the Benchmark team direct input, please fill out the form at [https://aka.ms/AzSecBenchmark](https://aka.ms/AzSecBenchmark).
 
diff --git a/articles/security/benchmarks/security-control-network-security.md b/articles/security/benchmarks/security-control-network-security.md
@@ -96,11 +96,11 @@ Understand Azure Security Center Integrated Threat Intelligence:
 
 https://docs.microsoft.com/azure/security-center/security-center-alerts-service-layer
 
-Understand Azure Security Center Adaptive Network Hardening
+Understand Azure Security Center Adaptive Network Hardening:
 
 https://docs.microsoft.com/azure/security-center/security-center-adaptive-network-hardening
 
-Understand Azure Security Center Just In Time Network Access Control
+Understand Azure Security Center Just In Time Network Access Control:
 
 https://docs.microsoft.com/azure/security-center/security-center-just-in-time
 
@@ -174,7 +174,7 @@ https://docs.microsoft.com/azure/virtual-network/service-tags-overview
 
 Define and implement standard security configurations for network resources with Azure Policy.
 
-You may also use Azure Blueprints to simplify large scale Azure deployments by packaging key environment artifacts, such as Azure Resource Manager templates, RBAC controls, and policies, in a single blueprint definition. You can apply the blueprint to new subscriptions and environments, and fine-tune control and management through versioning.
+You may also use Azure Blueprints to simplify large scale Azure deployments by packaging key environment artifacts, such as Azure Resource Manager templates, RBAC controls, and policies, in a single blueprint definition. You can apply the blueprint to new subscriptions and fine-tune control and management through versioning.
 
 How to configure and manage Azure Policy:
 
