tweaking edit

Author: Brenduns

memdocs/intune/protect/endpoint-security-policy.md

@@ -30,11 +30,13 @@ ms.reviewer: mattcall
 
 # Manage device security with endpoint security policies in Microsoft Intune
 
-Use Intune endpoint security policies to manage security settings on devices. Each endpoint security policy supports one or more profiles. These profiles are similar in concept to a device configuration policy template, a logical group of related settings. 
+Use Intune endpoint security policies to manage security settings on devices. Each endpoint security policy supports one or more profiles. These profiles are similar in concept to a device configuration policy template, a logical group of related settings.
 
-As a security admin concerned with device security, you can use these security-focused profiles to avoid the overhead of device configuration profiles or security baselines. Where device configuration profiles and baselines include a large body of diverse settings outside the scope of securing endpoints, each endpoint security profile focuses on a specific subset of device settings intended to configure one aspect of device security.
+As a security admin concerned with device security, you can use these security-focused profiles to avoid the overhead of device configuration profiles or security baselines. Device configuration profiles and baselines include a large body of diverse settings outside the scope of securing endpoints. In contrast, each endpoint security profile focuses on a specific subset of device settings intended to configure one aspect of device security.
 
-When using endpoint security policies along side other policy types like security baselines or endpoint protection templates from device configuration policies, it’s important to develop a plan for using multiple policy types to minimize the risk of settings conflict. This is because security baselines, device configuration policies, and endpoint security policies are all treated as equal sources of device configuration settings. A settings conflict occurs when a device receives two different configurations for a setting from multiple sources. Multiple sources can include separate policy types and multiple instances of the same policy. When Intune evaluates policy for a device and identifies conflicting configurations, that policy and setting can be flagged for an error or conflict and fail to apply. Each type of configuration policy supports identifying and resolving conflicts should they arise:
+When using endpoint security policies along side other policy types like security baselines or endpoint protection templates from device configuration policies, it’s important to develop a plan for using multiple policy types to minimize the risk of conflicting settings. Security baselines, device configuration policies, and endpoint security policies are all treated as equal sources of device configuration settings by Intune. A settings conflict occurs when a device receives two different configurations for a setting from multiple sources. Multiple sources can include separate policy types and multiple instances of the same policy.
+
+When Intune evaluates policy for a device and identifies conflicting configurations for a setting, the setting that's involved can be flagged for an error or conflict and fail to apply. Each type of configuration policy supports identifying and resolving conflicts should they arise:
 
 - [Device configuration profiles](../configuration/device-profile-monitor.md#view-conflicts)
 - [Endpoint security profiles](#manage-conflicts)