fix blocking issues

ceperezb · ceperezb · commit b90ca2e633f7 · 2025-05-16T17:08:06.000-04:00
diff --git a/learn-pr/wwl-sci/security-copilot-exercises/includes/2-first-run-experience.md b/learn-pr/wwl-sci/security-copilot-exercises/includes/2-first-run-experience.md
@@ -101,7 +101,7 @@ In the previous task, you provisioned capacity and some initial settings. Now th
         1. Select **Microsoft Security Copilot** from breadcrumb (next to the menu icon).
         1. From the prompt bar, select the **sources icon** ![sources icon](../media/sources-icon.png).
         1. Select **Show 13 more** for the Microsoft plugins.
-        1. Scroll down until to view the Microsoft Purview plugin. Note how the plugin is greyed out. Select the **information icon**.
+        1. Scroll down to view the Microsoft Purview plugin. Note how the plugin is grayed out. Select the **information icon**.
         1. Select the **X** to close the plugins window.
         1. Now repeat the steps to access the plugin settings from the home menu and enable the toggle for Accessing data from Microsoft 365 services.
         1. Return to the landing page and select the sources icon to view the status of the Microsoft Purview plugin.
diff --git a/learn-pr/wwl-sci/security-copilot-exercises/includes/3-explore-standalone-experience.md b/learn-pr/wwl-sci/security-copilot-exercises/includes/3-explore-standalone-experience.md
@@ -100,11 +100,11 @@ In this task, you start your exploration in the home menu.
 
 #### Task: Explore Prompts to try
 
-In this task, you start exploration in the center portion of the on landing page, where it says Prompts to try.
+In this task, you start exploration in the center portion of the landing page, where it says Prompts to try.
 
 1. If you previously closed the browser tab, reopen the simulated environment by selecting this link: **[Microsoft Security Copilot](https://app.highlights.guide/start/7608581a-ee3a-4fe0-be03-309a58b78c60?token=045faae1-1078-4eac-bf56-e12472eddaf9&azure-portal=true)**.
 
-1. Note the options available beneath where it says Prompts to try. Here you can search for prompts or promptbooks, and based on the option you select you can filter for a specific role and/or plugin. Note: in this simulation, you can filter for role or plugin. Filtering for both role and plugin is limited to the SOC Analyst role and the Microsoft Sentinel Plugin. Also, running a prompt or promptbook is not enabled. You will run prompts and promptbooks is subsequent exercises.
+1. Note the options available beneath where it says Prompts to try. Here you can search for prompts or promptbooks, and based on the option you select you can filter for a specific role and/or plugin. In this simulation, you can filter for role or plugin. Filtering for both role and plugin is limited to the SOC Analyst role and the Microsoft Sentinel Plugin. Also, running a prompt or promptbook is not enabled. You will run prompts and promptbooks is subsequent exercises.
 1. Select **Prompts** to view available prompts. Selecting a prompt automatically updates the information displayed in the prompt bar. Select X to cancel. 
 1. Select the title or Get started button on promptbook to view the prompts included in that promptbook. To exit out of that promptbook, select Microsoft Security Copilot from the breadcrumb.
 1. Keep the browser tab open for the next task.
diff --git a/learn-pr/wwl-sci/security-copilot-exercises/includes/5-enable-custom-plugin.md b/learn-pr/wwl-sci/security-copilot-exercises/includes/5-enable-custom-plugin.md
@@ -25,7 +25,7 @@ For this exercise, you are using a sample .yaml file, 'KQL_DefenderExample.yaml.
 
 1. Select the **Download raw file ![download raw file icon](../media/raw-file-download-icon-v2.png)** icon. Save the file on your local computer, as you'll need it later. 
 
-   Alternatively, because this is a simulation, you can create the file named 'KQL_DefenderExample.yaml.' Because this is a simulation, the contents of the file you create doesn't matter. The system capabilities and prompt responses shown in the simulation, however, are based on the actual file.
+   Alternatively, because this is a simulation, you can create the file named 'KQL_DefenderExample.yaml.' Because this is a simulation, the contents of the file you create don't matter. The system capabilities and prompt responses shown in the simulation, however, are based on the actual file.
 
 
 #### Task: Update owner settings for custom plugins
diff --git a/learn-pr/wwl-sci/security-copilot-exercises/includes/8-explore-embedded-defender-xdr.md b/learn-pr/wwl-sci/security-copilot-exercises/includes/8-explore-embedded-defender-xdr.md
@@ -44,7 +44,7 @@ This exercise should take approximately **30** minutes to complete.
 
 1. There's much information on the page, so to get a better view of this alert, select **Open alert page**. It's on the third panel on the alert page, next to the incident graph and below the alert title.
 
-1. On the top of the page, is card for the device **parkcity-win10v**. Select the ellipses and note the options. Select **Summarize**. Copilot generates a **Device summary**. It's worth nothing that there are many ways you can access device summary and this way is just one convenient method. The summary shows the device is a VM, identifies the owner of the device, it shows its compliance status against Intune policies, and more.
+1. On the top of the page, is card for the device **parkcity-win10v**. Select the ellipses and note the options. Select **Summarize**. Copilot generates a **Device summary**. It's worth noting that there are many ways you can access device summary and this way is just one convenient method. The summary shows the device is a VM, identifies the owner of the device, it shows its compliance status against Intune policies, and more.
 
 1. Next to the device card is a card for the owner of the device. Select **parkcity\jonaw**. The third panel on the page updates from showing details of the alert to providing information about the user. In this case, *Jonathan Wolcott*, an account executive, whose Insider risk severity is classified as *High*. These details aren't surprising given what you learned from the Copilot incident and alert summaries. Select **Summarize** to obtain an identity summary generated by Copilot.
 
@@ -73,7 +73,7 @@ This exercise should take approximately **30** minutes to complete.
 1. You're back at the incident page. In the alert summary, Copilot identified the file mimikatz.exe, which is associated with the 'Mimikatz' malware. You can use the file analysis capability in Defender XDR to see what other insights you can get. There are several ways to access files. From the top of the page, select the **Evidence and Response** tab.
 
 1. From the left side of the screen select **Files**.
-1. Select the first item from the list with the entity named **mimkatz.exe**.
+1. Select the first item from the list with the entity named **mimikatz.exe**.
 1. From the window that opens, select **Open file page**.
 1. Select the Copilot icon (if File analysis doesn’t automatically open), and Copilot generates a File analysis.
 1. Review the detailed file analysis that Copilot generates.
