Apply suggestions from code review

v-regandowner · duongau · web-flow · commit 33f2aa464541 · 2026-04-15T11:40:22.000-04:00
Co-authored-by: Duong Au &lt;28365324+duongau@users.noreply.github.com&gt;
diff --git a/articles/firewall/firewall-faq.yml b/articles/firewall/firewall-faq.yml
@@ -333,9 +333,9 @@ sections:
           TCP ping is a unique use case where if there's no allowed rule, the Firewall itself responds to the client's TCP ping request even though the TCP ping doesn't reach the target IP address/FQDN. In this case, the event isn't logged. If there's a network rule that allows access to the target IP address/FQDN, then the ping request reaches the target server and its response is relayed back to the client. This event is logged in the Network rules log.
 
 
-      - question: Why the TCP ping and similar tools successfully connect to a target FQDN/IP address on ports 80, 443, and 1433 but are not observed in the logs of the Azure Firewall?
+      - question: Why do TCP ping and similar tools successfully connect to a target FQDN/IP address on ports 80, 443, and 1433 but aren't observed in the Azure Firewall logs?
         answer: |
-          The Azure Firewall acts as a passive listener for the ports 80, 443, and 1433. The TCP SYN packets on these ports are not logged unless there is application traffic. The HTTP GET request and TLS client hello will be logged in Azure Firewall.
+          Azure Firewall acts as a passive listener for ports 80, 443, and 1433. Azure Firewall doesn't log TCP SYN packets on these ports unless there's application traffic. The HTTP GET request and TLS client hello are logged in Azure Firewall.
 
       - question: Are there limits for the number of IP addresses supported by IP Groups?
         answer: |
