Update certificate-based-authentication-faq.yml

Justinha · Justinha · commit 1f931260513e · 2023-02-21T13:57:07.000-08:00
diff --git a/articles/active-directory/authentication/certificate-based-authentication-faq.yml b/articles/active-directory/authentication/certificate-based-authentication-faq.yml
@@ -69,7 +69,7 @@ sections:
           
           Use the [Set-AzureADTrustedCertificateAuthority](/powershell/module/azuread/set-azureadtrustedcertificateauthority) cmdlet:
           
-          ```powershell
+          ```PowerShell
           $c=Get-AzureADTrustedCertificateAuthority
           $c[0]. crlDistributionPoint=""
           Set-AzureADTrustedCertificateAuthority -CertificateAuthorityInformation $c[0]
@@ -120,14 +120,14 @@ sections:
           The browser caches the certificate after the certificate picker appears. If the user retries, the cached certificate is used automatically. The user should close the browser, and reopen a new session to try CBA again.          
 
       - question: |
-          Why does not proof up for registering other auth methods come up when I use single factor certificates?
+          Why doesn't proof up for registering other auth methods come up when I use single factor certificates?
         answer: |
-          A user will be considered MFA capable when a user is in scope for Certificate-based authentication auth method. This means user will not be able to use proof up as part of their authentication to registerd other available methods and should have MFA via another method to register other available auth methods.
+          A user is considered capable for MFA when the user is in scope for **Certificate-based authentication** in the Authentication methods policy. This policy requirement means a user can't use proof up as part of their authentication to register other available methods.
           
       - question: |
           How can I use single-factor certificates to complete MFA?
         answer: |
-          We have support for single factor CBA to get MFA. CBA SF + PSI (passwordless phone sign in) and CBA SF + FIDO2 are the two supported combinations to get MFA using single factor certificates.
+          We have support for single factor CBA to get MFA. CBA SF + passwordless phone sign-in (PSI) and CBA SF + FIDO2 are the two supported combinations to get MFA using single factor certificates.
           [MFA with single factor certificates](../authentication/concept-certificate-based-authentication-technical-deep-dive.md#mfa-authentication-flow-using-single-factor-certificates-and-passwordless-sign-in) 
           
       - question: |
@@ -147,7 +147,7 @@ sections:
            ```
 
       - question: |
-           After a CRL endpoint is configured, end users are not able to login with the following diagnostic message:
+           After a CRL endpoint is configured, end users aren't able to sign in and they see the following diagnostic message:
            
            ```http
            AADSTS500173: Unable to download CRL. Invalid status code Forbidden from CRL distribution point
