changed files by pdets auto publish service, publishid[7e7debfa-ee9e-40c9-9435-c7ab424fb8e6] and do [publish].

wwlpublish · web-flow · commit 26c483250f11 · 2023-04-18T04:52:01.000+08:00
diff --git a/learn-pr/wwl-azure/host-security/includes/11-microsoft-cloud-security-benchmark.md b/learn-pr/wwl-azure/host-security/includes/11-microsoft-cloud-security-benchmark.md
@@ -1,5 +1,5 @@
 
-The **Microsoft cloud security benchmark (MCSB)** provides prescriptive best practices and recommendations to help **improve the security of workloads**, **data**, and **services** on **Azure** and your **multi-cloud environment**. This benchmark focuses on **cloud-centric control areas** with input from a set of **holistic Microsoft** and **industry security guidance** that includes:
+The **Microsoft cloud security benchmark (MCSB)** provides prescriptive best practices and recommendations to help **improve the security of workloads**, **data**, and **services** on **Azure** and your **multicloud environment**. This benchmark focuses on **cloud-centric control areas** with input from a set of **holistic Microsoft** and **industry security guidance** that includes:
 
  -  Cloud Adoption Framework: Guidance on **security**, including **strategy**, **roles** and **responsibilities**, **Azure Top 10 Security Best Practices**, and **reference implementation**.
  -  Azure Well-Architected Framework: Guidance on securing your workloads on Azure.
@@ -8,10 +8,10 @@ The **Microsoft cloud security benchmark (MCSB)** provides prescriptive best pra
 
 ## Microsoft cloud security benchmark features
 
-**Comprehensive multi-cloud security framework**: Organizations often have to build an internal security standard to reconcile security controls across multiple cloud platforms to meet security and compliance requirements on each of them. This often requires security teams to repeat the same implementation, monitoring, and assessment across the different cloud environments (**often for different compliance standards**). This creates unnecessary overhead, cost, and effort. To address this concern, we enhanced the **Azure Security Benchmark (ASB)** to the **Microsoft cloud security benchmark (MCSB)** to help you quickly work with different clouds by:
+**Comprehensive multicloud security framework**: Organizations often have to build an internal security standard to reconcile security controls across multiple cloud platforms to meet security and compliance requirements on each of them. This often requires security teams to repeat the same implementation, monitoring, and assessment across the different cloud environments (**often for different compliance standards**). This creates unnecessary overhead, cost, and effort. To address this concern, we enhanced the **Azure Security Benchmark (ASB)** to the **Microsoft cloud security benchmark (MCSB)** to help you quickly work with different clouds by:
 
  -  Providing a single control framework to easily meet the security controls across clouds
- -  Providing consistent user experience for monitoring and enforcing the multi-cloud security benchmark in Defender for Cloud
+ -  Providing consistent user experience for monitoring and enforcing the multicloud security benchmark in Defender for Cloud
  -  Staying aligned with Industry Standards (e.g., Center for Internet Security, National Institute of Standards and Technology, Payment Card Industry)
 
 :::image type="content" source="../media/mcsb-vs-other-frameworks-7167558f.png" alt-text="Screenshot showing the Microsoft cloud security benchmark versus other Cloud for Internet Security framework.":::
diff --git a/learn-pr/wwl-azure/host-security/includes/13-demonstration.md b/learn-pr/wwl-azure/host-security/includes/13-demonstration.md
@@ -1,5 +1,5 @@
 
-Use these Try-This exercises to get some hands-on experience with Azure.
+Use this Try-This exercises to get some hands-on experience with Azure.
 
 In this demonstration, we'll configure the Bastion service, virtual machine updates, virtual machine extensions, and disk encryption. Optionally, we'll use RDP to connect to a Windows virtual machine and SSH to connect to a Linux machine.
 
diff --git a/learn-pr/wwl-azure/host-security/includes/3-privileged-access-device.md b/learn-pr/wwl-azure/host-security/includes/3-privileged-access-device.md
@@ -1,9 +1,9 @@
 
-This is a relatively new guidance from Microsoft. To ensure the most secure conditions for your company to you need to ensure security from the time of purchase of a new device, to its first usage, and beyond. Zero Trust, means that you don't purchase from generic retailers but only supply hardware from an authorized OEM that support Autopilot.
+To ensure the most secure conditions for your company to you need to ensure security from the time of purchase of a new device, to its first usage, and beyond. Zero Trust, means that you don't purchase from generic retailers but only supply hardware from an authorized OEM that support Autopilot.
 
 For this solution, root of trust will be deployed using Windows Autopilot technology with hardware that meets the modern technical requirements. To secure a workstation, Autopilot lets you leverage Microsoft OEM-optimized Windows 10 devices. These devices come in a known good state from the manufacturer. Instead of reimaging a potentially insecure device, Autopilot can transform a Windows 10 device into a “business-ready” state. It applies settings and policies, installs apps, and even changes the edition of Windows 10.
 
-:::image type="content" source="../media/secure-workstation-deployment-flow-f33ffd59.png" alt-text="Process flow diagram that shows that hardware is most secure, when purchased from a trusted OEM that uses Autopilot to provision the device before delivery, then stong security policies are enforced throughout its usage." lightbox="../media/secure-workstation-deployment-flow-f33ffd59.png":::
+:::image type="content" source="../media/secure-workstation-deployment-flow-f33ffd59.png" alt-text="Process flow diagram that shows that hardware is most secure, when purchased from a trusted OEM that uses Autopilot to provision the device before delivery, then strong security policies are enforced throughout its usage.":::
 
 
 ## Hardware root-of-trust
@@ -36,7 +36,7 @@ This chart shows the level of device security controls based on how the device w
 
 ## Device security controls
 
-A secure workstation requires it be part of an end-to-end approach including device security, account security, and security policies applied to the device at all times. Here are some common security measures you should consider implementing based on the users needs. Using a device with security measures directly aligned to the security needs of it users is the more secure solution.
+A secure workstation requires it be part of an end-to-end approach including device security, account security, and security policies applied to the device at all times. Here are some common security measures you should consider implementing based on the users' needs. Using a device with security measures directly aligned to the security needs of it users is the more secure solution.
 
 | **Security Control**                      | **Enterprise Device** | **Specialized Device**          | **Privileged Device** |
 | ----------------------------------------- | --------------------- | ------------------------------- | --------------------- |

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`
`2`		`-Use these Try-This exercises to get some hands-on experience with Azure.`
	`2`	`+Use this Try-This exercises to get some hands-on experience with Azure.`
`3`	`3`
`4`	`4`	`In this demonstration, we'll configure the Bastion service, virtual machine updates, virtual machine extensions, and disk encryption. Optionally, we'll use RDP to connect to a Windows virtual machine and SSH to connect to a Linux machine.`
`5`	`5`