changed files by pdets auto publish service, publishid[71b3fbe8-da97-4c6f-a673-9da992a45d2f] and do [publish].

wwlpublish · web-flow · commit 978949097cb9 · 2025-06-18T14:23:39.000+08:00
diff --git a/learn-pr/wwl-azure/harden-windows-server/7-knowledge-check.yml b/learn-pr/wwl-azure/harden-windows-server/7-knowledge-check.yml
@@ -34,7 +34,7 @@ quiz:
       explanation: "Incorrect. You should enable BitLocker on a PAW but using an Enterprise Root Certificate Authority with Encrypting File System doesn't increase the PAWs' security."
     - content: "Enable Windows Defender Credential Guard."
       isCorrect: true
-      explanation: "Correct. Windows Defender Credential Guard prevents malware from harvesting stored credentialsYou should block domain controllers from connecting to hosts on the internet, including those in Azure unless there is a specific reason to allow this communication.."
+      explanation: "Correct. Windows Defender Credential Guard prevents malware from harvesting stored credentials. You should block domain controllers from connecting to hosts on the internet, including those in Azure unless there is a specific reason to allow this communication."
     - content: "Ensure that all domain users can sign in to the PAW."
       isCorrect: false
       explanation: "Incorrect. Only users who need to perform administrative tasks should be able to sign into the PAW."
diff --git a/learn-pr/wwl-azure/harden-windows-server/includes/2-describe-local-administrator-password-solution.md b/learn-pr/wwl-azure/harden-windows-server/includes/2-describe-local-administrator-password-solution.md
@@ -1,6 +1,6 @@
 Each computer that is member of a domain keeps a local Administrator account. This is the account that you configure when you first deploy the computer manually. The local Administrator account allows IT staff to sign in to the computer if they cannot establish connectivity to the domain.
 
-Managing local Administrator passwords across an organization is complex. In a 5,000-device environment, that means 5,000 unique accounts. To simplify, many organizations use a single shared password—but this often gets discovered by non-IT staff, leading to unauthorized admin access.
+Managing local Administrator passwords across an organization is complex. In a 5,000-device environment that means 5,000 unique accounts. To simplify, many organizations use a single shared password—but this often gets discovered by non-IT staff, leading to unauthorized admin access.
 
 ## What is Windows LAPS?
 
@@ -49,7 +49,7 @@ The Windows LAPS runs a built-in background task (by default, every hour) to eva
 
 1. A new random password is generated based on policy settings.
 1. The password and its expiration timestamp are securely backed up to either:
-    - Active Directory (on-prem), or
+    - Active Directory (on-premises), or
     - Microsoft Entra ID (cloud), depending on configuration.
 1. The expiration timestamp is stored locally and used to determine when the next rotation is needed.
 
