Merge pull request #230636 from janicericketts/patch-65

prmerger-automator[bot] · web-flow · commit 73aa8ee0acbc · 2023-03-14T17:09:01.000Z
Fix broken link
diff --git a/articles/active-directory/fundamentals/auth-passwordless.md b/articles/active-directory/fundamentals/auth-passwordless.md
@@ -18,5 +18,5 @@ Microsoft Azure Active Directory (Azure AD) enables integration with the followi
 
 - [Overview of Azure AD certificate-based authentication](../authentication/concept-certificate-based-authentication.md): Azure AD certificate-based authentication (CBA) enables customers to allow or require users to authenticate directly with X.509 certificates against their Azure AD for applications and browser sign-in. This feature enables customers to adopt phishing resistant authentication and authenticate with an X.509 certificate against their Public Key Infrastructure (PKI). 
 - [Enable passwordless security key sign-in](../authentication/howto-authentication-passwordless-security-key.md): For enterprises that use passwords and have a shared PC environment, security keys provide a seamless way for workers to authenticate without entering a username or password. Security keys provide improved productivity for workers, and have better security. This article explains how to sign in to web-based applications with your Azure AD account using a FIDO2 security key.
-- [Windows Hello for Business Overview](/windows/security/identity-protection/hello-for-business/hello-overview.md): Windows Hello for Business replaces passwords with strong two-factor authentication on devices. This authentication consists of a type of user credential that is tied to a device and uses a biometric or PIN.
+- [Windows Hello for Business Overview](https://learn.microsoft.com/windows/security/identity-protection/hello-for-business/hello-overview): Windows Hello for Business replaces passwords with strong two-factor authentication on devices. This authentication consists of a type of user credential that is tied to a device and uses a biometric or PIN.
 - [Enable passwordless sign-in with Microsoft Authenticator](../authentication/howto-authentication-passwordless-phone.md): Microsoft Authenticator can be used to sign in to any Azure AD account without using a password. Microsoft Authenticator uses key-based authentication to enable a user credential that is tied to a device, where the device uses a PIN or biometric. Windows Hello for Business uses a similar technology. Microsoft Authenticator can be used on any device platform, including mobile. Microsoft Authenticator can be used with any app or website that integrates with Microsoft Authentication Libraries.
diff --git a/articles/active-directory/fundamentals/auth-remote-desktop-gateway.md b/articles/active-directory/fundamentals/auth-remote-desktop-gateway.md
@@ -16,7 +16,7 @@ ms.collection: M365-identity-device-management
 ---
 # Remote Desktop Gateway Services
 
-A standard Remote Desktop Services (RDS) deployment includes various [Remote Desktop role services](/windows-server/remote/remote-desktop-services/Desktop-hosting-logical-architecture) running on Windows Server. The RDS deployment with Azure Active Directory (Azure AD) Application Proxy has a permanent outbound connection from the server that is running the connector service. Other deployments leave open inbound connections through a load balancer.
+A standard Remote Desktop Services (RDS) deployment includes various [Remote Desktop role services](https://learn.microsoft.com/windows-server/remote/remote-desktop-services/desktop-hosting-logical-architecture) running on Windows Server. The RDS deployment with Azure Active Directory (Azure AD) Application Proxy has a permanent outbound connection from the server that is running the connector service. Other deployments leave open inbound connections through a load balancer.
 
 This authentication pattern allows you to offer more types of applications by publishing on premises applications through Remote Desktop Services. It reduces the attack surface of their deployment by using Azure AD Application Proxy.
 
@@ -44,4 +44,4 @@ Explore the following resources to learn more about implementing Remote Desktop
 ## Next steps
 
 * [Azure Active Directory authentication and synchronization protocol overview](auth-sync-overview.md) describes integration with authentication and synchronization protocols. Authentication integrations enable you to use Azure AD and its security and management features with little or no changes to your applications that use legacy authentication methods. Synchronization integrations enable you to sync user and group data to Azure AD and then user Azure AD management capabilities. Some sync patterns enable automated provisioning.
-* [Remote Desktop Services architecture](/windows-server/remote/remote-desktop-services/Desktop-hosting-logical-architecture.md) describes configurations for deploying Remote Desktop Services to host Windows apps and desktops for end-users.
+* [Remote Desktop Services architecture](https://learn.microsoft.com/windows-server/remote/remote-desktop-services/desktop-hosting-logical-architecture) describes configurations for deploying Remote Desktop Services to host Windows apps and desktops for end-users.
diff --git a/articles/active-directory/fundamentals/security-operations-introduction.md b/articles/active-directory/fundamentals/security-operations-introduction.md
@@ -19,7 +19,7 @@ ms.collection: M365-identity-device-management
 
 # Azure Active Directory security operations guide
 
-Microsoft has a successful and proven approach to [Zero Trust security](https://aka.ms/Zero-Trust) using [Defense in Depth](https://us-cert.cisa.gov/bsi/articles/knowledge/principles/defense-in-depth) principles that use identity as a control plane. Organizations continue to embrace a hybrid workload world for scale, cost savings, and security. Azure Active Directory (Azure AD) plays a pivotal role in your strategy for identity management. Recently, news surrounding identity and security compromise has increasingly prompted enterprise IT to consider their identity security posture as a measurement of defensive security success.
+Microsoft has a successful and proven approach to [Zero Trust security](https://aka.ms/Zero-Trust) using [Defense in Depth](https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf) principles that use identity as a control plane. Organizations continue to embrace a hybrid workload world for scale, cost savings, and security. Azure Active Directory (Azure AD) plays a pivotal role in your strategy for identity management. Recently, news surrounding identity and security compromise has increasingly prompted enterprise IT to consider their identity security posture as a measurement of defensive security success.
 
 Increasingly, organizations must embrace a mixture of on-premises and cloud applications, which users access with both on–premises and cloud-only accounts. Managing users, applications, and devices both on-premises and in the cloud poses challenging scenarios.
 
