fix links

Author: v-thepet

articles/application-gateway/application-gateway-faq.yml

@@ -526,7 +526,7 @@ sections:
           | routingRule               | To associate a layer 4 listener with a layer 4 backend setting |
           | backendSettingsCollection | For TLS or TCP based backend settings |
 
-          - [REST API](/rest/api/application-gateway/application-gateways/create-or-update)
+          - [REST API](/rest/api/application-gateway)
           - [CLI](/cli/azure/network/application-gateway?view=azure-cli-latest)
 
           > [!NOTE]

articles/azure-resource-manager/management/lock-resources.md

@@ -96,7 +96,7 @@ Applying locks can lead to unexpected results. Some operations that don't seem t
 
 - A read-only lock on a **subscription** prevents **Azure Advisor** from working correctly. Advisor can't store the results of its queries.
 
-- A read-only lock on an **Application Gateway** prevents you from getting the backend health of the application gateway. That [operation uses a POST method](/rest/api/application-gateway/application-gateways/backend-health), which a read-only lock blocks.
+- A read-only lock on an **Application Gateway** prevents you from getting the backend health of the application gateway. That [operation uses a POST method](/azure/application-gateway/application-gateway-backend-health), which a read-only lock blocks.
 
 - A read-only lock on an Azure Kubernetes Service (AKS) cluster limits how you can access cluster resources through the portal. A read-only lock prevents you from using the AKS cluster's Kubernetes resources section in the Azure portal to choose a cluster resource. These operations require a POST method request for authentication.
 

articles/security/fundamentals/encryption-atrest.md

@@ -40,7 +40,7 @@ Encryption at rest protects stored data (at rest). Attacks against data at rest
 
 Encryption at rest is designed to prevent the attacker from accessing the unencrypted data by ensuring the data is encrypted when on disk. If an attacker obtains a hard drive with encrypted data but not the encryption keys, the attacker must defeat the encryption to read the data. This attack is much more complex and resource consuming than accessing unencrypted data on a hard drive. For this reason, encryption at rest is highly recommended and is a high priority requirement for many organizations.
 
-An organization's need for data governance and compliance efforts might also require encryption at rest. Industry and government regulations such as HIPAA, PCI, and FedRAMP, lay out specific safeguards regarding data protection and encryption requirements. Encryption at rest is a mandatory measure required for compliance with some of those regulations. For more information on Microsoft's approach to FIPS 140 validation, see [Federal Information Processing Standard (FIPS) 140](/azure/compliance/offering-fips-140-3).
+An organization's need for data governance and compliance efforts might also require encryption at rest. Industry and government regulations such as HIPAA, PCI, and FedRAMP, lay out specific safeguards regarding data protection and encryption requirements. Encryption at rest is a mandatory measure required for compliance with some of those regulations. For more information on Microsoft's approach to FIPS 140 validation, see [Federal Information Processing Standard (FIPS) 140](/azure/compliance/offerings/offering-fips-140-2).
 
 In addition to satisfying compliance and regulatory requirements, encryption at rest provides defense-in-depth protection. Microsoft Azure provides a compliant platform for services, applications, and data. It also provides comprehensive facility and physical security, data access control, and auditing. However, it's important to provide additional "overlapping" security measures in case one of the other security measures fails. Encryption at rest provides such a security measure.