Updated findings

Author: Ajay Kundnani

articles/virtual-machines/media/trusted-launch/02-g2totl-stop-vm.png

@@ -34,7 +34,7 @@ Azure Virtual Machines supports enabling Trusted Launch on existing [Azure Gener
 - Azure Generation 2 VM(s) should be **stopped and deallocated** before enabling Trusted Launch security type.
 - Azure Backup if enabled for Generation 2 VM(s) should be configured with [Enhanced Backup Policy](../backup/backup-azure-vms-enhanced-policy.md). Trusted Launch security type cannot be enabled for Generation 2 VM(s) configured with *Standard Policy* backup protection.
 
-## Best Practices
+## Best practices
 
 - [Create restore point](create-restore-points.md) for Azure Generation 2 VM(s) before enabling Trusted Launch security type. You can use the Restore Point to re-create the disks and Generation 2 VM with the previous well-known state.
 - Enable Trusted launch on a test Generation 2 VM and ensure if any changes are required to meet the prerequisites before enabling Trusted Launch on Generation 2 VMs running production workloads.
@@ -268,7 +268,7 @@ New-AzResourceGroupDeployment `
 
 5. Verify that the deployment is successful. Check for the security type and UEFI settings of the VM using Azure portal. Check the Security type section in the Overview page.
 
-:::image type="content" source="./media/trusted-launch/gen2-tvm-settings.png" alt-text="Screenshot of the Trusted Launch properties of the VM.":::
+:::image type="content" source="./media/trusted-launch/generation-2-trusted-launch-settings.png" alt-text="Screenshot of the Trusted Launch properties of the VM.":::
 
 6. Start the upgraded Trusted Launch VM and ensure that it has started successfully and verify that you are able to log in to the VM using either RDP (for Windows VM) or SSH (for Linux VM).
 

articles/virtual-machines/media/trusted-launch/03-g2totl-click-standard.png

@@ -339,7 +339,7 @@ New-AzVM -Name MyVm -Credential $vmCred -SecurityType Standard
 
 ---
 
-## Feature Support
+## Feature support
 
 ### Does trusted launch support Azure Compute Gallery?
 
@@ -368,13 +368,14 @@ Backups taken before [upgrading existing Generation 2 VM to Trusted Launch](trus
 ### Will backup continue to work after enabling Trusted Launch?
 Backups configured with [enhanced policy](../backup/backup-azure-vms-enhanced-policy.md) will continue to take backup of VM after enabling Trusted Launch.
 
-## Boot Integrity Monitoring
+## Boot integrity monitoring
 
 ### What happens when an integrity fault is detected?
 
 Trusted launch for Azure virtual machines is monitored for advanced threats. If such threats are detected, an alert is triggered. Alerts are only available if [Defender for Cloud's enhanced security features](../security-center/enable-enhanced-security.md) are enabled.
 
 Microsoft Defender for Cloud periodically performs attestation. If the attestation fails, a medium severity alert is triggered. Trusted launch attestation can fail for the following reasons:
+
 - The attested information, which includes a log of the Trusted Computing Base (TCB), deviates from a trusted baseline (like when Secure Boot is enabled). This deviation indicates an untrusted module(s) have been loaded and the OS may be compromised.
 - The attestation quote could not be verified to originate from the vTPM of the attested VM. This verification failure indicates a malware is present and may be intercepting traffic to the TPM.
 - The attestation extension on the VM is not responding. This unresponsive extension indicates a denial-of-service attack by malware or an OS admin.

articles/virtual-machines/media/trusted-launch/04-g2totl-select-dropdown.png

@@ -165,9 +165,10 @@ You can deploy trusted launch VMs using a quickstart template:
 - **Recommended** [Trusted launch VM Supported (`TrustedLaunchSupported`) images](#trusted-launch-vm-supported-images) are images where the source does not have VM Guest state information and can be used to create either [Generation 2 VMs](generation-2.md) or [Trusted Launch VMs](trusted-launch.md).
 - [Trusted launch VM (`TrustedLaunch`) images](#trusted-launch-vm-images) are images where the source usually has [VM Guest state information](trusted-launch-faq.md#what-is-vm-guest-state-vmgs) and can be used to create only [Trusted Launch VMs](trusted-launch.md).
 
-### Trusted launch VM Supported Images
+### Trusted launch VM supported images
 
 For the following image sources, the security type on the image definition should be set to `TrustedLaunchsupported`:
+
 - Gen2 OS Disk VHD
 - Gen2 Managed Image
 - Gen2 Gallery Image Version

articles/virtual-machines/media/trusted-launch/05-g2totl-select-uefi-settings.png

@@ -66,6 +66,7 @@ Azure offers trusted launch as a seamless way to improve the security of [genera
 ## Additional information
 
 **Regions**:
+
 - All public regions
 - All Azure Government regions