Addressed PR review feedback

Author: msmbaldwin

articles/security/benchmarks/security-control-data-protection.md

@@ -125,6 +125,6 @@ Use Azure Monitor with the Azure Activity Log to create alerts for when changes
 - [How to create alerts for Azure Activity Log events](https://docs.microsoft.com/azure/azure-monitor/platform/alerts-activity-log)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control:  [Vulnerability Management](security-control-vulnerability-management.md)

articles/security/benchmarks/security-control-data-recovery.md

@@ -65,6 +65,6 @@ Enable Soft-Delete and purge protection in Key Vault to protect keys against acc
 - [Soft delete for Azure Storage blobs](https://docs.microsoft.com/azure/storage/blobs/storage-blob-soft-delete?tabs=azure-portal)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control:  [Incident Response](security-control-incident-response.md)

articles/security/benchmarks/security-control-identity-access-control.md

@@ -161,6 +161,6 @@ In support scenarios where Microsoft needs to access customer data, Customer Loc
 - [Understand Customer Lockbox](https://docs.microsoft.com/azure/security/fundamentals/customer-lockbox-overview)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Data Protection](security-control-data-protection.md)

articles/security/benchmarks/security-control-incident-response.md

@@ -85,6 +85,6 @@ Use the Workflow Automation feature in Azure Security Center to automatically tr
 - [How to configure Workflow Automation and Logic Apps](https://docs.microsoft.com/azure/security-center/workflow-automation)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Penetration Tests and Red Team Exercises](security-control-penetration-tests-red-team-exercises.md)

articles/security/benchmarks/security-control-inventory-asset-management.md

@@ -60,7 +60,7 @@ Use tagging, management groups, and separate subscriptions, where appropriate, t
 |--|--|--|
 | 6.4 | 2.1 | Customer |
 
-Create an inventory of approved Azure resources and approved software for compute resources as pery our organizational needs.
+Create an inventory of approved Azure resources and approved software for compute resources as per our organizational needs.
 
 ## 6.5: Monitor for unapproved Azure resources
 
@@ -82,7 +82,7 @@ Use Azure Resource Graph to query/discover resources within their subscription(s
 |--|--|--|
 | 6.6 | 2.3, 2.4 | Customer |
 
-Use Azure virtual machine Inventory to automate the collection of information about all software on Virtual Machines. Software Name, Version, Publisher, and Refresh time are available from the Azure Portal. To get access to install date and other information, enable guest-level diagnostics and bring the Windows Event Logs into a Log Analytics Workspace.
+Use Azure virtual machine Inventory to automate the collection of information about all software on Virtual Machines. Software Name, Version, Publisher, and Refresh time are available from the Azure portal. To get access to install date and other information, enable guest-level diagnostics and bring the Windows Event Logs into a Log Analytics Workspace.
 
 - [How to enable Azure virtual machine Inventory](https://docs.microsoft.com/azure/automation/automation-tutorial-installed-software)
 
@@ -169,6 +169,6 @@ Software that is required for business operations, but may incur higher risk for
 - [How to create an NSG with a security config](https://docs.microsoft.com/azure/virtual-network/tutorial-filter-network-traffic)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Secure Configuration](security-control-secure-configuration.md)

articles/security/benchmarks/security-control-logging-monitoring.md

@@ -149,6 +149,6 @@ Use Microsoft Monitoring Agent on all supported Azure Windows virtual machines t
 - [Syslog data sources in Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/platform/data-sources-syslog)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Identity and Access Control](security-control-identity-access-control.md)

articles/security/benchmarks/security-control-malware-defense.md

@@ -53,6 +53,6 @@ Microsoft Antimalware will automatically install the latest signatures and engin
 - [How to deploy Microsoft Antimalware for Azure Cloud Services and Virtual Machines](https://docs.microsoft.com/azure/security/fundamentals/antimalware)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Data Recovery](security-control-data-recovery.md)

articles/security/benchmarks/security-control-network-security.md

@@ -182,6 +182,6 @@ Use Azure Activity Log to monitor resource configurations and detect changes to
 
 - [How to create alerts in Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/platform/alerts-activity-log)
 
-## Next Steps
+## Next steps
 
 - See the next Security Control: [Logging and Monitoring](security-control-logging-monitoring.md)

articles/security/benchmarks/security-control-penetration-tests-red-team-exercises.md

@@ -14,19 +14,19 @@ ms.custom: security-benchmark
 
 Test the overall strength of an organization's defense (the technology, the processes, and the people) by simulating the objectives and actions of an attacker.
 
-## 11.1: Conduct regular penetration testing of your Azure resources and ensure remediation of allcritical security findings
+## 11.1: Conduct regular penetration testing of your Azure resources and ensure remediation of all critical security findings
 
 | Azure ID | CIS IDs | Responsibility |
 |--|--|--|
 | 11.1 | 20.1, 20.2, 20.3, 20.4, 20.5, 20.6, 20.7, 20.8 | Shared |
 
-Follow the Microsoft Rules of Engagement to ensure your Penetration Tests are not in violation of Microsoft policies. Use Microsoft’s strategy and execution of Red Teaming and live site penetration testing against Microsoft-managed cloud infrastructure, services, and applications.
+Follow the Microsoft Rules of Engagement to ensure your Penetration Tests are not in violation of Microsoft policies. Use Microsoft's strategy and execution of Red Teaming and live site penetration testing against Microsoft-managed cloud infrastructure, services, and applications.
 
 - [Penetration Testing Rules of Engagement](https://www.microsoft.com/msrc/pentest-rules-of-engagement?rtc=1)
 
 - [Microsoft Cloud Red Teaming](https://gallery.technet.microsoft.com/Cloud-Red-Teaming-b837392e)
 
 
-## Next Steps
+## Next steps
 
 - Return to the [Azure Security Benchmark overview](overview.md)

articles/security/benchmarks/security-control-secure-configuration.md

@@ -22,7 +22,7 @@ Establish, implement, and actively manage (track, report on, correct) the securi
 
 Use Azure Policy aliases to create custom policies to audit or enforce the configuration of your Azure resources. You may also use built-in Azure Policy definitions.
 
-Also, Azure Resource Manager has the ability to export the template in Java Script Object Notation (JSON), which should be reviewed to ensure that the configurations meet / exceed the security requirements for your organization.
+Also, Azure Resource Manager has the ability to export the template in JavaScript Object Notation (JSON), which should be reviewed to ensure that the configurations meet / exceed the security requirements for your organization.
 
 You may also use recommendations from Azure Security Center as a secure configuration baseline for your Azure resources.
 
@@ -193,6 +193,6 @@ Implement Credential Scanner to identify credentials within code. Credential Sca
 - [How to setup Credential Scanner](https://secdevtools.azurewebsites.net/helpcredscan.html)
 
 
-## Next Steps
+## Next steps
 
 - See the next Security Control:  [Malware Defense](security-control-malware-defense.md)