Commit b1be79b

Line edits
1 parent 02a2978 commit b1be79b

6 files changed

+21
-24
lines changed

learn-pr/azure-networking/introduction-azure-web-application-firewall/5-knowledge-check.yml

Lines changed: 1 addition & 1 deletion
@@ -40,7 +40,7 @@ quiz:
4040
choices:
4141
- content: "Your web app includes user accounts and stores sensitive or proprietary data."
4242
isCorrect: false
43-
explanation: "Incorrect. User credentials, sensitive personal information, and proprietary company data are coveted by malicious users, so Azure Web Application Firewall is a good choice for protecting that data."
43+
explanation: "Incorrect. User credentials, sensitive personal information, and proprietary company data are coveted by malicious users. Azure Web Application Firewall is a good choice for protecting that data."
4444
- content: "Your web app is made available to employees, customers, and vendors using a private network connection."
4545
isCorrect: true
4646
explanation: "Correct. Private access to the virtual network where the web app resides means that app traffic never goes over the public internet. There is no need to protect the app against common web exploits."
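Review bot: The explanation for the correct choice on line 46 says "There is no need to protect the app against common web exploits", which overstates what a private network connection provides. Employees, customers, and vendors on that connection can still submit malicious input, for example from a compromised client, so the statement should be narrowed to say that the app isn't exposed to attacks arriving over the public internet. Minor: "There is" could be "There's" to match the contractions used in the rest of the module.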

learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/1-introduction.md

Lines changed: 1 addition & 1 deletion
@@ -6,7 +6,7 @@ The Contoso IT staff is concerned that their web applications are the target of
66

77
Suppose you're a senior Contoso web developer. You're responsible for researching and recommending a way to protect Contoso's web applications. You've been asked to evaluate whether Azure Web Application Firewall can protect your web apps from attacks that use common exploits.
88

9-
In this module, you learn the basics of Azure Web Application Firewall. Those basics consist of what it is, how it works, and when you should use it. By the end of this module, you'll have the knowledge needed evaluate whether Azure Web Application Firewall can protect Contoso's web apps from common attacks.
9+
In this module, you learn the basics of Azure Web Application Firewall. Those basics consist of what it is, how it works, and when you should use it. By the end of this module, you'll have the knowledge needed to evaluate whether Azure Web Application Firewall can protect Contoso's web apps from common attacks.
1010

1111
## Learning objectives
1212
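Review bot: Line 9 still mixes tenses after the fix: "In this module, you learn" is present tense, while "you'll have the knowledge needed to evaluate" in the same paragraph is future. Pick one, for example "By the end of this module, you're able to evaluate whether ...", which also drops the wordy "have the knowledge needed to". The middle sentence, "Those basics consist of what it is, how it works, and when you should use it", could fold into the first sentence.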

learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/2-what-is-azure-web-application-firewall.md

Lines changed: 3 additions & 4 deletions
@@ -29,16 +29,15 @@ To help you evaluate Azure Web Application Firewall, here are some of its import
2929
- **Managed rules**: The rules that Azure Web Application Firewall uses to detect and prevent common exploits are created, maintained, and updated by Microsoft's security team. If a rule changes, or a rule set (refer to the following description) is modified, Microsoft updates Azure Web Application Firewall automatically and seamlessly.
3030

3131
> [!NOTE]
32-
> You can't modify or delete the managed rules offered by Azure Web Application Firewall. However, if a particular rule is problematic for your environment (for example, it blocks legitimate traffic to your web app) you can create exclusions or disable the rule, or rule set. You can also create custom rules to overwrite the default behavior.
32+
> You can't modify or delete the managed rules offered by Azure Web Application Firewall. However, if a particular rule is problematic for your environment (for example, it blocks legitimate traffic to your web app) you can create exclusions or disable the rule or rule set. You can also create custom rules to overwrite the default behavior.
3333
3434
- **Bot rules**: The bot rules identify good bots and protect from bad bots. Bad bots are detected based on Microsoft Threat Intelligence.
35-
3635
- **Custom rules**: If the managed rules offered by Azure Web Application Firewall don't cover a specific threat to your web application, you can create a custom rule.
37-
- **Modes**: Azure Web Application Firewall can operate in one of two modes: detection mode only logs requests that violate a rule, while prevention mode both logs and blocks requests that violate a rule.
36+
- **Modes**: Azure Web Application Firewall can operate in one of two modes. Detection mode only logs requests that violate a rule, while prevention mode both logs and blocks requests that violate a rule.
3837
- **Exclusion lists**: You can configure Azure Web Application Firewall to ignore specific attributes when it checks requests.
3938
- **Policies**: You can combine a set of managed rules, custom rules, exclusions, and other Azure Web Application Firewall settings into a single element called an Azure Web Application Firewall policy. You can then apply that policy to multiple web apps for easy management and maintenance.
4039
- **Request size limits**: You can configure Azure Web Application Firewall to flag requests that are either too small or too large.
41-
- **Alerts**: Azure Web Application Firewall integrates with Azure Monitor. This integration gives you near-real-time alerts when the WAF detects a threat.
40+
- **Alerts**: Azure Web Application Firewall integrates with Azure Monitor. This integration gives you near-real-time alerts when the WAF (Web Application Firewall) detects a threat.
4241

4342
## Common attacks prevented by Azure Web Application Firewall
4443
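Review bot: On line 32 the parenthetical still runs straight into the main clause; add a comma after the closing parenthesis ("... to your web app), you can create exclusions ..."). In the same line, "custom rules to overwrite the default behavior" probably means "override", since the first sentence says managed rules can't be modified. On line 40, expanding "WAF (Web Application Firewall)" at the end of a sentence that already opens with "Azure Web Application Firewall" is redundant; either use the full name again or introduce the abbreviation at its first use in the unit.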

learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/3-how-azure-web-application-firewall-works.md

Lines changed: 3 additions & 4 deletions
@@ -15,8 +15,7 @@ Azure Web Application Firewall thwarts known exploits by applying rules to an ap
1515

1616
The rules that Azure Web Application Firewall uses to detect and block common vulnerabilities are mostly managed rules that belong to various rule groups. Each rule group is a collection of rules and a managed rule set is collection of rule groups. Managed rule sets include Microsoft Threat Intelligence based rule groups, CVE (Common Vulnerabilities and Exposures) rule groups, and core rule groups (CRS).
1717

18-
The CRS rules are defined by the Open Web Application Security Project (OWASP).
19-
Microsoft's team of security experts codes, maintains, and updates managed rules. The rules are modified or added to as needed. When a managed rule changes, Microsoft updates Azure Web Application Firewall automatically and without app downtime.
18+
The CRS rules are defined by the Open Web Application Security Project (OWASP). Microsoft's team of security experts codes, maintains, and updates managed rules. The rules are modified or added to as needed. When a managed rule changes, Microsoft updates Azure Web Application Firewall automatically and without app downtime.
2019

2120
The following screenshot shows some of the rules and rule groups in Microsoft Default Rule set 2.1 (DRS2.1). This should give you a sense of the depth of protection offered by Azure Web Application Firewall.
2221
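Review bot: Joining the two paragraphs on line 18 puts "The CRS rules are defined by the Open Web Application Security Project (OWASP)" directly in front of "Microsoft's team of security experts codes, maintains, and updates managed rules" with nothing to say how the two relate, so a reader can't tell who maintains the CRS-based rules. Keep the paragraph break or add a linking clause. The context on line 16 also needs attention in a line-edit pass: "a managed rule set is collection of rule groups" is missing "a", and "core rule groups (CRS)" attaches an abbreviation that the words don't spell out.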

@@ -35,7 +34,7 @@ The managed rules Azure Web Application Firewall offers might not cover a specif
3534
- Match type such as geo location, IP address, size, string
3635
- Match variables such as RequestHeader, QueryString, RequestUri, RequestBody, Cookies, or PostArgs
3736
- HTTP/HTTPS request methods such as POST or PUT
38-
- Operators such as **Equal** **Contains**, **Regex**, **Begins with**, **Any**, **Ends with**
37+
- Operators such as **Equal**, **Contains**, **Regex**, **Begins with**, **Any**, **Ends with**
3938
- An action such as **Allow**, **Block**, **Log or Redirect**
4039

4140
## Geo-filtering
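Review bot: The action bullet directly below the fixed operators line has the same kind of list error: "**Log or Redirect**" bolds two separate actions as a single term. Suggest "**Allow**, **Block**, **Log**, or **Redirect**". The fixed operators line would also read better with a conjunction before "**Ends with**".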
@@ -52,7 +51,7 @@ Azure Web Application Firewall custom rules control access to web applications b
5251

5352
The IP restriction custom rule lets you control access to your web applications. It does this by specifying an IP address or an IP address range in Classless Inter-Domain Routing(CIDR) format.
5453

55-
By default, your web application is accessible from the Internet. However sometimes, you want to limit access to clients from a list of known IP address or IP address ranges. You can achieve this by creating an IP matching rule that blocks access to your web app from IP addresses s not listed in the custom rule.
54+
By default, your web application is accessible from the Internet. However, sometimes you want to limit access to clients from a list of known IP address or IP address ranges. You can achieve this by creating an IP matching rule that blocks access to your web app from IP addresses not listed in the custom rule.
5655

5756
## Rate limiting
5857
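Review bot: The rewritten line 54 still says "a list of known IP address or IP address ranges"; the first "IP address" should be plural ("known IP addresses or IP address ranges"). The unchanged line 52 above it is also missing a space in "Routing(CIDR)".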

learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/4-when-to-use-azure-web-application-firewall.md

Lines changed: 11 additions & 12 deletions
@@ -1,13 +1,13 @@
11
You know what Azure Web Application Firewall is and how it works. Now you need some criteria to help you evaluate whether Azure Web Application Firewall is a suitable choice for your company. To help you decide, let's consider the following scenarios:
22

3-
- You have web apps that contain sensitive or proprietary data
4-
- You have web apps that require users to sign in
5-
- Your web app developers lack security expertise
6-
- Your web app developers have other priorities
7-
- You have web app development budget constraints
8-
- You have web app development time constraints
9-
- Your web app must be built and deployed quickly
10-
- Your web app launch will be high-profile
3+
- You have web apps that contain sensitive or proprietary data.
4+
- You have web apps that require users to sign in.
5+
- Your web app developers lack security expertise.
6+
- Your web app developers have other priorities.
7+
- You have web app development budget constraints.
8+
- You have web app development time constraints.
9+
- Your web app must be built and deployed quickly.
10+
- Your web app launch will be high-profile.
1111

1212
As part of your Azure Web Application Firewall evaluation, you know that Contoso fits several of these scenarios. Read the corresponding sections for more details.
1313
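Review bot: The bullets on lines 7 and 8 write "web app development", but the section headings they point to later in this file (lines 60 and 68 in the new numbering) write "web-app development". Because line 12 tells the reader to "Read the corresponding sections", the wording should match; pick one hyphenation while the list is being touched.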

@@ -59,16 +59,15 @@ Chances are you'd prefer that your web-development team focus on fulfilling thes
5959

6060
## You have web-app development budget constraints
6161

62-
Coding in-house against all the OWASP exploits is an expensive proposition:
62+
Coding in-house against all the OWASP exploits is an expensive proposition. Web developers with the necessary security expertise are relatively rare. These developers can command higher salaries than colleagues who lack such expertise.
6363

64-
- Web developers with the necessary security expertise are relatively rare. These developers can command higher salaries than colleagues who lack such expertise.
65-
- Coding against the full range of web app exploits isn't a one-time-only proposition. As new or modified exploits become known, your team must constantly maintain and update its security code. Your security experts must become permanent members of your web-development team, and permanent line items in your budget.
64+
Also, coding against the full range of web app exploits isn't a one-time-only proposition. As new or modified exploits become known, your team must constantly maintain and update its security code. Your security experts must become permanent members of your web-development team, and permanent line items in your budget.
6665

6766
Azure Web Application Firewall isn't free. However, you might find that it's a more cost-effective solution than hiring a team of full-time web security experts.
6867

6968
## You have web-app development time constraints
7069

71-
Many web-development teams code in-house against all the OWASP exploits. However, most of these teams soon realize that creating and maintaining this code is laborious and time-consuming. If you're trying to meet a tight deadline to launch a new web app, the thousands of person-hours required to protect the app against all the OWASP exploits is a major hurdle,
70+
Many web-development teams code in-house against all the OWASP exploits. However, most of these teams soon realize that creating and maintaining this code is laborious and time-consuming. If you're trying to meet a tight deadline to launch a new web app, the thousands of person-hours required to protect the app against all the OWASP exploits is a major hurdle.
7271

7372
You can configure an Azure Application Gateway instance or Azure Front Door profile with Azure Web Application Firewall in minutes.
7473
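Review bot: On line 70 the comma-to-period fix leaves a subject-verb mismatch: "the thousands of person-hours required ... is a major hurdle" should be "are a major hurdle". On line 64, opening the new paragraph with "Also," reads as an afterthought now that the two cost points are no longer bullets; consider "Coding against the full range of web app exploits also isn't a one-time-only proposition", or keep the original two-item list.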

learn-pr/azure-networking/introduction-azure-web-application-firewall/includes/6-summary.md

Lines changed: 2 additions & 2 deletions
@@ -12,6 +12,6 @@ To learn more about Azure Web Application Firewall, refer to the following artic
1212

1313
- [Azure Web Application Firewall](https://azure.microsoft.com/services/web-application-firewall/)
1414
- [Tutorial: Create an application gateway with a Web Application Firewall using the Azure portal](/azure/web-application-firewall/ag/application-gateway-web-application-firewall-portal)
15-
- [Tutorial: Create a Web Application Firewall policy on Azure Front Door using the Azure portal](/azure/web-application-firewall/afds/waf-front-door-create-portal)
15+
- [Tutorial: Create a WAF policy on Azure Front Door using the Azure portal](/azure/web-application-firewall/afds/waf-front-door-create-portal)
1616
- [Web Application Firewall pricing](https://azure.microsoft.com/pricing/details/web-application-firewall)
17-
- [Web Application Firewall CRS rule groups and rules](/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules?tabs=owasp31)
17+
- [Web Application Firewall DRS and CRS rule groups and rules](/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules?tabs=owasp31)
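Review bot: Line 17 retitles the link to "DRS and CRS rule groups and rules", but the target still ends in "?tabs=owasp31", which selects the owasp31 tab; check that the new title matches what the reader lands on, or drop the query string. On line 15, shortening the link text to "WAF policy" makes it the only entry in the list that uses the abbreviation, while lines 13, 14, 16, and 17 spell out "Web Application Firewall".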
