Update respond-machine-alerts.md

updated added note and link under contain user

Author: diannegali

defender-endpoint/respond-machine-alerts.md

@@ -316,12 +316,7 @@ When an identity in your network might be compromised, you must prevent that ide
 > Blocking incoming communication with a "contained" user is supported on onboarded Microsoft Defender for Endpoint Windows 10 and 11 devices (Sense version 8740 and higher), Windows Server 2019+ devices, and Windows Servers 2012R2 and 2016 with the modern agent.
 
 > [!IMPORTANT]
->Once a Contain User action is enforced on a Domain Controller, it will trigger a GPO update on the Default Domain Controller policy. A change of a GPO will trigger a sync across the Domain Controllers in your environment.  The above is expected behavior, and if you monitor your environment for AD GPO changes, you may be notified of such changes. Undoing the Contain User action will also revert the GPO changes to their previous state which will once more trigger AD GPO synchronization in your environment. 
-
-More information on merging of Security Policies can be found at 
-https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj966251(v=ws.11)#merging-of-security-policies-on-domain-controllers
-
-
+> Once a **Contain user** action is enforced on a domain controller, it starts a GPO update on the Default Domain Controller policy. A change of a GPO starts a sync across the domain controllers in your environment.  This is expected behavior, and if you monitor your environment for AD GPO changes, you may be notified of such changes. Undoing the **Contain user** action reverts the GPO changes to their previous state, which will then start another AD GPO synchronization in your environment. Learn more about [merging of security policies on domain controllers](/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj966251(v=ws.11)#merging-of-security-policies-on-domain-controllers).
 
 ### How to contain a user