[Area 1] Added tooltips (#11821)

* added glossary data

* added glossary page

* added area1 to other glossarys

* added area1 glossary

* changed yml name

* changed yml name

* added phishing

* added phish tooltip

* added saml tooltip

* added smtp tolltip

* added enter to correct render problems

* added 2fa tooltip

* added siem tooltip

* added disposition tooltip

* added dispositions tooltip

* added layout

* refined def

* Apply suggestions from code review

Co-authored-by: jason-cf <[email protected]>

---------

Co-authored-by: jason-cf <[email protected]>

Author: marciocloudflare

content/email-security/_index.md

@@ -8,7 +8,7 @@ weight: 1
 # Area 1 Email Security
 
 {{<description>}}
-Stop phishing attacks with Area 1 cloud-native email security service.
+Stop {{<glossary-tooltip term_id="phishing">}}phishing{{</glossary-tooltip>}} attacks with Area 1 cloud-native email security service.
 {{</description>}}
 
 {{<plan id="email.email_security.properties.availability.summary">}}
@@ -24,7 +24,7 @@ Area 1 provides two architectures to protect your organization: inline or API se
 {{</feature>}}
 
 {{<feature header="SSO integration" href="/email-security/account-setup/sso/">}}
-In addition to standard logins, Area 1 offers support for SAML based single sign-on (SSO) logins to your dashboard.
+In addition to standard logins, Area 1 offers support for {{<glossary-tooltip term_id="SAML">}}SAML{{</glossary-tooltip>}} based single sign-on (SSO) logins to your dashboard.
 {{</feature>}}
 
 {{<feature header="Business email compromise" href="/email-security/email-configuration/enhanced-detections/business-email-compromise/">}}

content/email-security/_partials/_auto-retraction.md

@@ -6,7 +6,7 @@ _build:
 inputParameters: hardRetract
 ---
 
-You can set up auto-retraction to automatically move messages matching certain dispositions to specific folders within a user's mailbox.
+You can set up auto-retraction to automatically move messages matching certain {{<glossary-tooltip term_id="disposition">}}dispositions{{</glossary-tooltip>}} to specific folders within a user's mailbox.
 
 To set up automatic retraction:
 
@@ -26,7 +26,7 @@ To set up automatic retraction:
 
 ### Post delivery retractions for new threats
 
-Area 1 is continuously gathering new information about phishing campaigns. Users might have email messages in their inboxes that were scanned by Area 1 but not retracted initially because, at the time of scan, these email messages had not been identified as a threat. To mitigate risk, Area 1 offers you tools to re-evaluate email messages at a fixed time interval based on knowledge Cloudflare may have acquired since initial delivery. Any email messages that fit this new threat knowledge will be retracted.
+Area 1 is continuously gathering new information about {{<glossary-tooltip term_id="phishing">}}phishing{{</glossary-tooltip>}} campaigns. Users might have email messages in their inboxes that were scanned by Area 1 but not retracted initially because, at the time of scan, these email messages had not been identified as a threat. To mitigate risk, Area 1 offers you tools to re-evaluate email messages at a fixed time interval based on knowledge Cloudflare may have acquired since initial delivery. Any email messages that fit this new threat knowledge will be retracted.
 
 You can enable two options: 
 

content/email-security/_partials/_email-security-description.md

@@ -5,6 +5,6 @@ _build:
   list: never
 ---
 
-Phishing is the root cause of upwards of 90% of breaches that lead to financial loss and brand damage. Cloudflare Area 1 email security is a cloud-native service that stops phishing attacks across all threat vectors either at the [edge](https://www.cloudflare.com/learning/serverless/glossary/what-is-edge-computing/) or in the cloud.
+{{<glossary-tooltip term_id="phishing">}}Phishing{{</glossary-tooltip>}} is the root cause of upwards of 90% of breaches that lead to financial loss and brand damage. Cloudflare Area 1 email security is a cloud-native service that stops phishing attacks across all threat vectors either at the [edge](https://www.cloudflare.com/learning/serverless/glossary/what-is-edge-computing/) or in the cloud.
 
 With globally distributed sensors and comprehensive attack analytics, Area 1 proactively identifies phishing campaigns, attacker infrastructure, and attack delivery mechanisms during the earliest stages of a phishing attack cycle. Using flexible enforcement platforms, the Area 1 solution allows customers to take preemptive action against targeted phishing, including malware, spoofing attacks, payload-less Business Email Compromise attacks, supply chain phishing, and other advanced threats.

content/email-security/_partials/_o365-use-case-transport-rules.md

@@ -6,7 +6,7 @@ _build:
 inputParameters: ruleName;;ruleWords;;doFollowing;;img;;ruleName2;;ruleWords2;;doFollowing2;;img2
 ---
 
-To create the transport rules that will send emails with certain dispositions to Area 1:
+To create the transport rules that will send emails with certain {{<glossary-tooltip term_id="disposition">}}dispositions{{</glossary-tooltip>}} to Area 1:
 
 1. Open the new [Exchange admin center](https://admin.exchange.microsoft.com/#/homepage).
 2. Go to **Mail flow** > **Rules**.

content/email-security/_partials/_reference-detect-phish.md

@@ -5,7 +5,7 @@ _build:
   list: never
 ---
 
-Area 1 uses a variety of factors to determine whether a given email message, a web domain or URL, or specific network traffic is part of a phishing campaign (marked with a `Malicious` [disposition](/email-security/reference/dispositions-and-attributes/)) or other common campaigns (for example, `Spam`).
+Area 1 uses a variety of factors to determine whether a given email message, a web domain or URL, or specific network traffic is part of a {{<glossary-tooltip term_id="phishing">}}phishing{{</glossary-tooltip>}} campaign (marked with a `Malicious` {{<glossary-tooltip term_id="disposition" link="/email-security/reference/dispositions-and-attributes/">}}disposition{{</glossary-tooltip>}}) or other common campaigns (for example, `Spam`).
 
 These small pattern assessments are dynamic in nature and — in many cases — no single one in and of itself will determine the final verdict. Instead, our automated systems use a combination of factors and non-factors to clearly distinguish between a valid phishing campaign and benign traffic.
 

content/email-security/_partials/_search.md

@@ -5,7 +5,7 @@ _build:
   list: never
 ---
 
-4. **Detections only** is enabled by default. This means that the system will only search through and display emails that Area 1 has marked with a [detection disposition](/email-security/reference/dispositions-and-attributes/). If you prefer to search through and view all emails that have been processed by Area 1, whether they are marked with a detection disposition or not, disable this option.
+4. **Detections only** is enabled by default. This means that the system will only search through and display emails that Area 1 has marked with a detection {{<glossary-tooltip term_id="disposition" link="/email-security/reference/dispositions-and-attributes/">}}disposition{{</glossary-tooltip>}}. If you prefer to search through and view all emails that have been processed by Area 1, whether they are marked with a detection disposition or not, disable this option.
 5. The **All detections** drop-down menu allows you to refine your search by detection disposition. This menu will be disabled if **Detections only** is not selected.
 6. By default, the search results are limited to the previous 30 days. Select **Last 30 days** to change this setting.
 7. (Optional) You can download the results from your search in CSV format. The CSV file is capped at 1,000 rows.

content/email-security/_partials/_setup-inline-overview.md

@@ -7,7 +7,7 @@ _build:
 
 With an **Inline deployment** for your [Area 1 setup](/email-security/deployment/), Area 1 evaluates email messages before they reach a user's inbox.
 
-More technically, Area 1 becomes a hop in the SMTP processing chain and physically interacts with incoming email messages. Based on your policies, various messages are blocked before reaching the inbox.
+More technically, Area 1 becomes a hop in the {{<glossary-tooltip term_id="SMTP">}}SMTP{{</glossary-tooltip>}} processing chain and physically interacts with incoming email messages. Based on your policies, various messages are blocked before reaching the inbox.
 
 ![With inline deployment, messages travel through Area 1's email filter before reaching your users.](/images/email-security/deployment/inline-setup/inline-deployment-diagram.png)
 

content/email-security/_partials/_sso-enforcement.md

@@ -5,6 +5,6 @@ _build:
   list: never
 ---
 
-- **None**: This setting allows each user to choose SSO, or username and password plus 2FA (this is the recommended setting while testing SSO).
+- **None**: This setting allows each user to choose SSO, or username and password plus {{<glossary-tooltip term_id="two-factor authentication (2FA)">}}2FA{{</glossary-tooltip>}} (this is the recommended setting while testing SSO).
 - **Admin**: This setting will force only the administrator account to use SSO. The user that enables this setting will still be able to log in using username and password plus 2FA. This is a backup, so that your organization does not get locked out of the portal in emergencies.
 - **Non-Admin Only**: This option will require that all `Read only` and `Read & Write` users use SSO to access the portal. Admins will still have the option to use either SSO or username and password plus 2FA.

content/email-security/account-setup/escalation-contacts.md

@@ -6,7 +6,7 @@ weight: 2
 
 # Escalation contacts
 
-Whenever Area 1 finds an exceptional phishing threat or Email Service irregularity behavior (compromised email servers at a partner or vendor, wire fraud tactics, and more), we try to reach out to our customers.
+Whenever Area 1 finds an exceptional {{<glossary-tooltip term_id="phishing">}}phishing{{</glossary-tooltip>}} threat or Email Service irregularity behavior (compromised email servers at a partner or vendor, wire fraud tactics, and more), we try to reach out to our customers.
 
 There are four types of contacts available to configure, each with a priority type:
 - **SOC Contact**: P1 priority.

content/email-security/account-setup/manage-account-members.md

@@ -6,7 +6,7 @@ weight: 1
 
 # Manage account members
 
-If your account is a **Super Admin**, you have the ability to add, edit, and delete users and - if those users lose their two-factor authentication (2FA) device - reset their 2FA.
+If your account is a **Super Admin**, you have the ability to add, edit, and delete users and - if those users lose their {{<glossary-tooltip term_id="two-factor authentication (2FA)">}}two-factor authentication (2FA){{</glossary-tooltip>}} device - reset their 2FA.
 
 ## Add user