fix xrefs

Author: Shereen-Bhar

articles/defender-for-iot/organizations/api/sensor-vulnerability-apis.md

@@ -559,7 +559,7 @@ JSON object that represents recommended mitigation steps.
 |--|--|--|
 | **content** | String | Not nullable | Recommended mitigation steps for detected vulnerabilities  |
 | **scoreImprovement** | Integer | Nullable | Expected percentage of security improvement after mitigation steps are taken.  |
-| **details** | Table | Nullable | A table listing mitigation recommendations, such as would be generated in the **Risk assessment** report. Each recommendation includes details about possible security impact if the action is performed and more. For more information, see [Risk mitigation](../how-to-create-risk-assessment-reports.md#risk-assessment-reporting). |
+| **details** | Table | Nullable | A table listing mitigation recommendations, such as would be generated in the **Risk assessment** report. Each recommendation includes details about possible security impact if the action is performed and more. For more information, see [Risk mitigation](../how-to-create-risk-assessment-reports.md#create-risk-assessment-reports). |
 
 > [!NOTE]
 > You might have multiple mitigation steps, with some returned in the `notifications` field, and others returned in the `mitigation` field. Items with `scoreImprovement` and `details` data is returned only in the `mitigation` field. Items without `scoreImprovement` and `details` data is returned only in the `notifications` field.

articles/defender-for-iot/organizations/how-to-activate-and-set-up-your-sensor.md

@@ -241,7 +241,7 @@ You can access console tools from the side menu.  Tools help you:
 | Event timeline | View a timeline with information about alerts, network events, and user operations. For more information, see [Track sensor activity](how-to-track-sensor-activity.md).|
 | Data mining | Generate comprehensive and granular information about your network's devices at various layers. For more information, see [Sensor data mining queries](how-to-create-data-mining-queries.md).|
 | Trends and Statistics |  View trends and statistics about an extensive range of network traffic and activity.  As a small example, display charts and graphs showing top traffic by port, connectivity drops by hours, S7 traffic by control function, number of devices per VLAN, SRTP errors by day, or Modbus traffic by function. For more information, see [Sensor trends and statistics reports](how-to-create-trends-and-statistics-reports.md).
-| Risk Assessment | Proactively address vulnerabilities,  identify risks such as missing patches or unauthorized applications. Detect changes to device configurations, controller logic, and firmware. Prioritize fixes based on risk scoring and automated threat modeling.  For more information, see [Risk assessment reporting](how-to-create-risk-assessment-reports.md#risk-assessment-reporting).|
+| Risk Assessment | Proactively address vulnerabilities,  identify risks such as missing patches or unauthorized applications. Detect changes to device configurations, controller logic, and firmware. Prioritize fixes based on risk scoring and automated threat modeling.  For more information, see [Risk assessment reporting](how-to-create-risk-assessment-reports.md#create-risk-assessment-reports).|
 | Attack Vector |  Display a graphical representation of a vulnerability chain of exploitable devices. These vulnerabilities can give an attacker access to key network devices. The Attack Vector Simulator calculates attack vectors in real time and analyzes all attack vectors for a specific target. For more information, see [Attack vector reporting](how-to-create-attack-vector-reports.md#attack-vector-reporting).|
 
 ### Manage