learn-pr/azure-networking/introduction-azure-web-application-firewall/5-knowledge-check.yml
Lines changed: 2 additions & 2 deletions
@@ -40,10 +40,10 @@ quiz:
40
40
choices:
41
41
- content: "Your web app includes user accounts and stores sensitive or proprietary data."
42
42
isCorrect: false
43
-
explanation: "Incorrect. User credentials, sensitive personal information, and proprietary company data are coveted by malicious users. Azure Web Application Firewall is a good choice for protecting that data."
43
+
explanation: "Incorrect. Malicious users covet user credentials, sensitive personal information, and proprietary company data. Azure Web Application Firewall is a good choice for protecting that data."
44
44
- content: "Your web app is made available to employees, customers, and vendors using a private network connection."
45
45
isCorrect: true
46
-
explanation: "Correct. Private access to the virtual network where the web app resides means that app traffic never goes over the public internet. There is no need to protect the app against common web exploits."
46
+
explanation: "Correct. Private access to the virtual network where the web app resides means that app traffic never goes over the public internet. There's no need to protect the app against common web exploits."
47
47
- content: "Your web app development team lacks security expertise, time, and money."
48
48
isCorrect: false
49
49
explanation: "Incorrect. A lack of expertise, time, and money can prevent your team from covering all possible exploits, which can leave your app vulnerable. Azure Web Application Firewall protects against all OWASP exploits and can be deployed quickly and cost-effectively."
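Review bot: The rewritten explanation on line 46 still makes the absolute statement "There's no need to protect the app against common web exploits", and the contraction does not change that. Keeping traffic off the public internet does not make every request from employees, customers, and vendors benign, so consider narrowing the sentence to the exposure the private connection actually removes, for example "The app isn't exposed to exploits launched from the public internet." The unchanged line 49 has a similar overstatement in "protects against all OWASP exploits".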
learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/1-introduction.md
Lines changed: 1 addition & 1 deletion
@@ -1,4 +1,4 @@
1
-
Azure Web Application Firewall is an Azure service that protects web applications from common attacks such as SQL injection and cross-site scripting. The protection extends beyond OWASP (Open Worldwide Application Security Project) top 10 attacks. It can also detect malicious bot attacks, API attacks, and application layer DDoS attacks.
1
+
Azure Web Application Firewall is an Azure service that protects web applications from common attacks such as SQL injection and cross-site scripting. The protection extends beyond OWASP (Open Worldwide Application Security Project) top 10 attacks. It can also detect malicious bot attacks, API attacks, and application layer DDoS attacks.
2
2
3
3
Suppose you work for Contoso, Ltd., a financial-services company in Seattle with major offices located throughout the world. Contoso's compute environment runs as Azure virtual network resources. These resources include several existing and planned web applications that serve customers, vendors, and employees.
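Review bot: The removed and added versions of line 1 are identical as displayed, so this is presumably a whitespace-only change; the commit message should say so, or the hunk should be dropped. While the line is being touched, note that the expansion "OWASP (Open Worldwide Application Security Project)" here does not match "Open Web Application Security Project (OWASP)" on line 18 of 3-how-azure-web-application-firewall-works.md in this same commit. "Open Worldwide" is the project's current name, so use it in both units.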
learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/2-what-is-azure-web-application-firewall.md
Lines changed: 1 addition & 1 deletion
@@ -26,7 +26,7 @@ You can deploy Azure Web Application Firewall in minutes. Your web apps immediat
26
26
27
27
To help you evaluate Azure Web Application Firewall, here are some of its important features:
28
28
29
-
-**Managed rules**: The rules that Azure Web Application Firewall uses to detect and prevent common exploits are created, maintained, and updated by Microsoft's security team. If a rule changes, or a rule set (refer to the following description) is modified, Microsoft updates Azure Web Application Firewall automatically and seamlessly.
29
+
-**Managed rules**: Microsoft's security team creates, maintains, and updates the rules that Azure Web Application Firewall uses to detect and prevent common exploits. If a rule changes, or a rule set (refer to the following description) is modified, Microsoft updates Azure Web Application Firewall automatically and seamlessly.
30
30
31
31
> [!NOTE]
32
32
> You can't modify or delete the managed rules offered by Azure Web Application Firewall. However, if a particular rule is problematic for your environment (for example, it blocks legitimate traffic to your web app) you can create exclusions or disable the rule or rule set. You can also create custom rules to overwrite the default behavior.
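Review bot: The second sentence of the new line 29 still uses the passive "a rule set (refer to the following description) is modified", which is inconsistent with the active-voice rewrite of the first sentence. Something like "If Microsoft changes a rule or modifies a rule set (refer to the following description), it updates Azure Web Application Firewall automatically and seamlessly" would match. In the unchanged note on line 32, "custom rules to overwrite the default behavior" probably should read "override".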
learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/3-how-azure-web-application-firewall-works.md
Lines changed: 3 additions & 3 deletions
@@ -15,7 +15,7 @@ Azure Web Application Firewall thwarts known exploits by applying rules to an ap
15
15
16
16
The rules that Azure Web Application Firewall uses to detect and block common vulnerabilities are mostly managed rules that belong to various rule groups. Each rule group is a collection of rules and a managed rule set is collection of rule groups. Managed rule sets include Microsoft Threat Intelligence based rule groups, CVE (Common Vulnerabilities and Exposures) rule groups, and core rule groups (CRS).
17
17
18
-
The CRS rules are defined by the Open Web Application Security Project (OWASP). Microsoft's team of security experts codes, maintains, and updates managed rules. The rules are modified or added to as needed. When a managed rule changes, Microsoft updates Azure Web Application Firewall automatically and without app downtime.
18
+
Open Web Application Security Project (OWASP) defines the CRS rules. Microsoft's team of security experts codes, maintains, and updates managed rules. The rules are modified or added to as needed. When a managed rule changes, Microsoft updates Azure Web Application Firewall automatically and without app downtime.
19
19
20
20
The following screenshot shows some of the rules and rule groups in Microsoft Default Rule set 2.1 (DRS2.1). This should give you a sense of the depth of protection offered by Azure Web Application Firewall.
21
21
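Review bot: The new line 18 opens without an article, "Open Web Application Security Project (OWASP) defines the CRS rules"; it should read "The Open Web Application Security Project (OWASP) defines the CRS rules." The same line keeps the passive "The rules are modified or added to as needed", which the active-voice pass skipped, and the unchanged line 16 is missing an article in "a managed rule set is collection of rule groups".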
@@ -57,7 +57,7 @@ By default, your web application is accessible from the Internet. However, somet
57
57
58
58
Azure Web Application Firewall custom rules support rate limiting to control access based on matching conditions and the rates of incoming requests.
59
59
60
-
This custom rule enables you to detect abnormally high levels of traffic and block some types of application layer denial of service attacks. Rate limiting also protects you against clients that have accidentally been misconfigured to send large volumes of requests in a short time period. The custom rule is defined by the rate limit counting duration (either one minute or five-minute intervals) and the rate limit threshold (the maximum number of requests allowed in the rate limit duration).
60
+
This custom rule enables you to detect abnormally high levels of traffic and block some types of application layer denial of service attacks. Rate limiting also protects you against clients that have accidentally been misconfigured to send large volumes of requests in a short time period. Rate limit counting duration (either one minute or five-minute intervals) defines the custom rule and the rate limit threshold (the maximum number of requests allowed in the rate limit duration).
61
61
62
62
## Detection mode vs prevention mode
63
63
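Review bot: The rewrite of the last sentence on line 60 changes its meaning: "Rate limit counting duration (...) defines the custom rule and the rate limit threshold (...)" now reads as if the duration defines both the rule and the threshold, whereas the removed line said the rule is defined by two parameters, the duration and the threshold. Use a compound subject instead: "The rate limit counting duration (either one minute or five-minute intervals) and the rate limit threshold (the maximum number of requests allowed in the rate limit duration) define the custom rule."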
@@ -75,7 +75,7 @@ Once the app is ready to be deployed, you switch to prevention mode.
75
75
76
76
## Using Microsoft Sentinel with Azure WAF
77
77
78
-
Azure WAF combined with Microsoft Sentinel can provide security information event management for WAF resources. Using Microsoft Sentinel, you can access the WAF data connector to Sentinel using Log Analytics. The WAF workbooks show analytics for WAF on Azure Front Door and WAF on Application Gateway. The WAF analytic rules detect SQLi and XSS attacks from AFD and Application Gateway logs. The WAF Notebook allows investigation of SQL injection incidents on Azure Front Door.
78
+
Azure WAF combined with Microsoft Sentinel can provide security information event management for WAF resources. Using Microsoft Sentinel, you can access the WAF data connector to Sentinel using Log Analytics. The WAF workbooks show analytics for WAF on Azure Front Door and WAF on Application Gateway. The WAF analytic rules detect SQL and XSS attacks from AFD and Application Gateway logs. The WAF Notebook allows investigation of SQL injection incidents on Azure Front Door.
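Review bot: Replacing "SQLi" with "SQL" on line 78 loses the meaning; "SQL and XSS attacks" does not name an attack class, and the next sentence on the same line already says "SQL injection". Spell it out as "SQL injection and XSS attacks". The same sentence uses "AFD" without defining it, although "Azure Front Door" is written out elsewhere on the line; either spell it out or introduce the abbreviation on first use.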
learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/4-when-to-use-azure-web-application-firewall.md
Lines changed: 2 additions & 2 deletions
@@ -13,7 +13,7 @@ As part of your Azure Web Application Firewall evaluation, you know that Contoso
13
13
14
14
## You have web apps that contain sensitive or proprietary data
15
15
16
-
Some web attackers are motivated only by the challenge of breaking into a system. However, most malicious hackers use injection, protocol attacks, and similar exploits with payoff in mind. That payoff might be any of the following items:
16
+
The challenge of breaking into a system is some web attackers only motivation. However, most malicious hackers use injection, protocol attacks, and similar exploits with payoff in mind. That payoff might be any of the following items:
17
17
18
18
- Customer credit card numbers
19
19
- Sensitive personal information, such as driver's license numbers or passport numbers
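Review bot: The new first sentence on line 16 is missing the possessive apostrophe in "some web attackers only motivation" and reads more awkwardly than the line it replaces. If the sentence has to change, "The challenge of breaking into a system is some web attackers' only motivation" fixes the grammar, but the removed wording was already active voice and could simply be kept.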
@@ -49,7 +49,7 @@ Coding against the full range of potential web app exploits requires significant
49
49
- Front-end web technologies, such as HTML, CSS, and JavaScript
50
50
- Server-side web technologies, such as SQL, PHP, and user sessions
51
51
52
-
What if your company's web-development team lacks knowledge in one or more of these concepts? In that case, your web apps are vulnerable to multiple exploits. By contrast, Azure Web Application Firewall is maintained and updated by a team of Microsoft security experts.
52
+
What if your company's web-development team lacks knowledge in one or more of these concepts? In that case, your web apps are vulnerable to multiple exploits. By contrast, a team of Microsoft security experts maintain and update Azure Web Application Firewall.
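Review bot: The rewritten last sentence on line 52 has a subject-verb agreement error: the subject is the singular "a team", so "a team of Microsoft security experts maintain and update" should be "a team of Microsoft security experts maintains and updates Azure Web Application Firewall."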