Merge pull request #981 from MicrosoftDocs/chrisda

Removed extra asterisk

Author: chrisda

defender-office-365/anti-spam-policies-configure.md

@@ -120,7 +120,7 @@ You can configure anti-spam policies in the Microsoft Defender portal or in Powe
 
      - **Contains specific languages**: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a language in the box. A filtered list of supported languages appears. When you find the language that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
 
-     - **From these countries***: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a country/region in the box. A filtered list of supported countries/regions appears. When you find the country/region that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
+     - **From these countries**: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a country/region in the box. A filtered list of supported countries/regions appears. When you find the country/region that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
 
      When you're finished on the **Bulk email threshold & spam properties** page, select **Next**.
 

defender-office-365/anti-spam-protection-about.md

@@ -121,7 +121,7 @@ For complete information about ASF settings, see [Advanced Spam Filter (ASF) set
 The other settings that are available in this category are:
 
 - **Contains specific languages**: Messages in the specified languages are automatically identified as spam.
-- **From these countries***: Messages from the specified countries are automatically identified as spam.
+- **From these countries**: Messages from the specified countries are automatically identified as spam.
 
 These settings aren't configured in the default anti-spam policy by default, or in the Standard or Strict [preset security policies](preset-security-policies.md).
 

defender-office-365/create-safe-sender-lists-in-office-365.md

@@ -70,7 +70,7 @@ The following example assumes you need email from contoso.com to skip spam filte
 1. **Apply this rule if** (condition): **The sender** \> **domain is** \> contoso.com.
 
 2. Configure either of the following settings:
-   - ***Apply this rule if** (additional condition): **The message headers** \> **includes any of these words**:
+   - **Apply this rule if** (additional condition): **The message headers** \> **includes any of these words**:
      - **Enter text** (header name): `Authentication-Results`
      - **Enter words** (header value): `dmarc=pass` or `dmarc=bestguesspass` (add both values).
 

defender-office-365/detect-and-remediate-illicit-consent-grants.md

@@ -86,7 +86,7 @@ You have the following options to inventory apps for your users:
 
 You can look up the applications to which any individual user has granted permissions by using the Microsoft Entra admin center:
 
-  1. Open the Microsoft Entra admin center at <https://entra.microsoft.com>, and then go to **Identity** \> **Users** \> ***All users**. Or, to go directly to **Users** \> **All users**, use <https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers/menuId/>.
+  1. Open the Microsoft Entra admin center at <https://entra.microsoft.com>, and then go to **Identity** \> **Users** \> **All users**. Or, to go directly to **Users** \> **All users**, use <https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers/menuId/>.
   2. Find and select the user that you want to review by clicking on the **Display name** value.
   3. On the user details page that opens, select **Applications**.
 
@@ -149,7 +149,7 @@ After you finished inventorying application access, review the **audit log** to
 After you identified the application with illicit permissions, you have several ways to remove that access:
 
 - You can revoke the application's permission in the Microsoft Entra admin center by doing the following steps:
-  1. Open the Microsoft Entra admin center at <https://entra.microsoft.com>, and then go to **Identity** \> **Users** \> ***All users**. Or, to go directly to **Users** \> **All users**, use <https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers/menuId/>.
+  1. Open the Microsoft Entra admin center at <https://entra.microsoft.com>, and then go to **Identity** \> **Users** \> **All users**. Or, to go directly to **Users** \> **All users**, use <https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/AllUsers/menuId/>.
   2. Find and select the affected user by clicking on the **Display name** value.
   3. On the user details page that opens, select **Applications**.
   4. On the **Applications** page, select the illicit application by clicking on the **Name** value.

defender-office-365/outbound-spam-restore-restricted-users.md

@@ -123,7 +123,7 @@ The default alert policy named **User restricted from sending email** automatica
 
      - On the **Review your settings** page, select **Submit**, and then select **Done**.
 
-4. Back in the ***User restricted from sending email** flyout, select :::image type="icon" source="media/m365-cc-sc-close-icon.png" border="false"::: at the top of the flyout.
+4. Back in the **User restricted from sending email** flyout, select :::image type="icon" source="media/m365-cc-sc-close-icon.png" border="false"::: at the top of the flyout.
 
 ## Use Exchange Online PowerShell to view and remove users from the Restricted entities page
 

defender-office-365/quarantine-quarantine-notifications.md

@@ -84,7 +84,7 @@ The actions that are available for messages in the quarantine notification depen
 
   Selecting the action opens an informational web page that acknowledges the request to release the message from quarantine (**The message release request has been initiated. The tenant admin will determine if the request should be approved or denied.**). The **Release status** value of the message on the **Email** tab of the **Quarantine** page is **Release requested**.
 
-- **Block Sender**: Available for messages that were quarantined by features using a custom quarantine policy with the ***Block sender** (_PermissionToBlockSender_) permission.
+- **Block Sender**: Available for messages that were quarantined by features using a custom quarantine policy with the **Block sender** (_PermissionToBlockSender_) permission.
 
   This action opens an informational web page to acknowledge that the message was added to the Blocked Senders list in the user's mailbox (for example, **Spam message sender was blocked in quarantine**).
 

defender-office-365/reports-email-security.md

@@ -167,7 +167,7 @@ On the **Type** tab, select **Choose a category for more details** to see more i
 - **Malware in email**: This selection takes you to [View data by Email \> Malware and Chart breakdown by Detection Technology](#view-data-by-email--malware-and-chart-breakdown-by-detection-technology) in the Threat protection status report.
 - **Spam detections**: This selection takes you to [View data by Email \> Spam and Chart breakdown by Detection Technology](#view-data-by-email--spam-and-chart-breakdown-by-detection-technology) in the Threat protection status report.
 
-On the ***Type** tab, the :::image type="icon" source="media/m365-cc-sc-create-icon.png" border="false"::: **[Create schedule](#schedule-recurring-reports)** and :::image type="icon" source="media/m365-cc-sc-download-icon.png" border="false"::: **[Export](#export-report-data)** actions are available.
+On the **Type** tab, the :::image type="icon" source="media/m365-cc-sc-create-icon.png" border="false"::: **[Create schedule](#schedule-recurring-reports)** and :::image type="icon" source="media/m365-cc-sc-download-icon.png" border="false"::: **[Export](#export-report-data)** actions are available.
 
 ### Direction view for the Mailflow status report
 

defender-office-365/submissions-user-reported-messages-custom-mailbox.md

@@ -369,7 +369,7 @@ This example creates the report submission policy with the default settings:
 Other settings:
 
 - **Outlook** section \> **Select an Outlook report button configuration** section:
-  - ***When the user reports an email** section:
+  - **When the user reports an email** section:
     - **Ask the user to confirm before reporting**:
       - When you go to the **User reported settings** page in the Defender portal for the first time (which creates the report submission policy), this setting is not selected (equivalent to `-PreSubmitMessageEnabled -$false`).
       - When you use PowerShell to create the policy, the default value is `-PreSubmitMessageEnabled $true`.
@@ -565,7 +565,7 @@ For detailed syntax and parameter information, see [Set-ReportSubmissionPolicy](
 
 The following examples show how to change the user reporting experience without concern for the existing settings or values:
 
-- Turn on reporting in Outlook if necessary, select **Use the built-in Report button in Outlook**, and change **Send reported messages to** to **Microsoft and my reporting mailbox*** with [email protected] as the reporting mailbox:
+- Turn on reporting in Outlook if necessary, select **Use the built-in Report button in Outlook**, and change **Send reported messages to** to **Microsoft and my reporting mailbox** with `[email protected]` as the reporting mailbox:
 
   ```powershell
   $usersub = "[email protected]"

defender-office-365/threat-explorer-real-time-detections-about.md

@@ -1495,7 +1495,7 @@ Multiple conditions use the following syntax:
 \<Condition1> \<AND | OR\> \<Condition2>  \<AND | OR\> \<Condition3>... \<AND | OR\> \<ConditionN>
 
 > [!TIP]
-> Wildcard searches (**\*** or **?**) aren't supported in text or integer values. The **Subject** property uses partial text matching, and yields results similar to a wildcard search.
+> Wildcard searches (**\** or **?**) aren't supported in text or integer values. The **Subject** property uses partial text matching, and yields results similar to a wildcard search.
 
 The steps to create property filter/query conditions are the same in all views in Threat Explorer and Real-time detections:
 

defender-office-365/trial-user-guide-defender-for-office-365.md

@@ -246,7 +246,7 @@ Equip your users with the right knowledge to identify threats and report suspici
 ## Additional resources
 
 - **Interactive guide**: Unfamiliar with Defender for Office 365? Review the [interactive guide](https://mslearn.cloudguides.com/guides/Safeguard%20your%20organization%20with%20Microsoft%20Defender%20for%20Office%20365) to understand how to get started.
-- **Fast Track Get Started Guide***: [Microsoft Defender for Office 365](https://go.microsoft.com/fwlink/p/?linkid=2197415)
+- **Fast Track Get Started Guide**: [Microsoft Defender for Office 365](https://go.microsoft.com/fwlink/p/?linkid=2197415)
 - **Microsoft Defender for Office 365 documentation**: Get detailed information on how Defender for Office 365 works and how to best implement it for your organization. Visit the [Microsoft Defender for Office 365 documentation](mdo-about.md).
 - **What's included**: For a full list of Office 365 email security features listed by product tier, view the [Feature Matrix](/office365/servicedescriptions/office-365-advanced-threat-protection-service-description#feature-availability).
 - **Why Defender for Office 365**: The [Defender for Office 365 Datasheet](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4FCiy) shows the top 10 reasons customers choose Microsoft.