fix broken links

Author: aevesdocker

desktop/hardened-desktop/enhanced-container-isolation/faq.md

@@ -28,7 +28,7 @@ Yes, you can use the `--privileged` flag in containers but unlike privileged
 containers without Enhanced Container Isolation, the container can only use it's elevated privileges to
 access resources assigned to the container. It can't access global kernel
 resources in the Docker Desktop Linux VM. This allows you to run privileged
-containers securely. For more information, so [How it works](how-eci-works.md#privileged-containers-are-also-secured).
+containers securely. For more information, see [Key features and benefits](features-benefits.md#privileged-containers-are-also-secured).
 
 #### Will all privileged container workloads run with Enhanced Container Isolation?
 
@@ -78,7 +78,7 @@ administrative configurations for Docker Desktop, for example.
 
 #### How is ECI different from Docker Engine's userns-remap mode?
 
-See [How does it work](how-eci-works.md#enhanced-container-isolation-vs-docker-userns--remap-mode).
+See [How does it work](how-eci-works.md#enhanced-container-isolation-vs-docker-userns-remap-mode).
 
 #### How is ECI different from Rootless Docker?
 

desktop/hardened-desktop/enhanced-container-isolation/how-eci-works.md

@@ -11,7 +11,7 @@ keywords: set up, enhanced container isolation, rootless, security
 Enhanced Container Isolation hardens container isolation using the [Sysbox
 container runtime](https://github.com/nestybox/sysbox). Sysbox is a fork of the
 standard OCI runc runtime that was modified to enhance container isolation and
-workloads. For more details see [Under the covers](under-the-covers).
+workloads. For more details see [Under the covers](#under-the-hood).
 
 Starting with version 4.13, Docker Desktop includes a customized version of
 Sysbox.
@@ -68,7 +68,7 @@ container isolation by leveraging the Linux user-namespace.
 
 However, Enhanced Container Isolation is much more advanced since it assigns
 exclusive user-namespace mappings per container automatically and add several
-other [container isolation features](#under-the-covers) meant to secure Docker
+other [container isolation features](#under-the-hood) meant to secure Docker
 Desktop in organizations with stringent security requirements.
 
 ### Enhanced Container Isolation vs Rootless Docker

desktop/hardened-desktop/settings-management/configure.md

@@ -106,7 +106,7 @@ The following `admin-settings.json` code and table provides an example of the re
 | `configurationFileVersion`        |   |Specifies the version of the configuration file format.    |
 | `exposeDockerAPIOnTCP2375` | <span class="badge badge-info">Windows only</span>| Exposes the Docker API on a specified port. If `value` is set to true, the Docker API is exposed on port 2375. Note: This is unauthenticated and should only be enabled if protected by suitable firewall rules.| 
 | `proxy` |   |If `mode` is set to `system` instead of `manual`, Docker Desktop gets the proxy values from the system and ignores and values set for `http`, `https` and `exclude`. Change `mode` to `manual` to manually configure proxy servers. If the proxy port is custom, specify it in the `http` or `https` property, for example `"https": "http://myotherproxy.com:4321"`. The `exclude` property specifies a comma-separated list of hosts and domains to bypass the proxy. |
-| `enhancedContainerIsolation`  |  | If `value` is set to true, Docker Desktop runs all containers as unprivileged, via the Linux user-namespace, prevents them from modifying sensitive configurations inside the Docker Desktop VM, and uses other advanced techniques to isolate them. For more information, see [Enhanced Container Isolation](../enhanced-container-isolation/index.md). Note: Enhanced Container Isolation is currently [incompatible with WSL](../enhanced-container-isolation/faq.md#incompatibility-with-wsl). | 
+| `enhancedContainerIsolation`  |  | If `value` is set to true, Docker Desktop runs all containers as unprivileged, via the Linux user-namespace, prevents them from modifying sensitive configurations inside the Docker Desktop VM, and uses other advanced techniques to isolate them. For more information, see [Enhanced Container Isolation](../enhanced-container-isolation/index.md). Note: Enhanced Container Isolation is currently [incompatible with WSL](../enhanced-container-isolation/faq.md#incompatibility-with-windows-subsystem-for-linux-wsl). | 
 | `linuxVM` |   |Parameters and settings related to Linux VM options - grouped together here for convenience. |
 | &nbsp; &nbsp; &nbsp; &nbsp;`wslEngineEnabled`  | <span class="badge badge-info">Windows only</span> | If `value` is set to true, Docker Desktop uses the WSL 2 based engine. This overrides anything that may have been set at installation using the `--backend=<backend name>` flag. It is also incompatible with Enhanced Container Isolation. See [Known issues](../enhanced-container-isolation/faq.md) for more information.| 
 | &nbsp;&nbsp; &nbsp; &nbsp;`dockerDaemonOptions`|  |If `value` is set to true, it overrides the options in the Docker Engine config file. See the [Docker Engine reference](/engine/reference/commandline/dockerd/#daemon-configuration-file). Note that for added security, a few of the config attributes may be overridden when Enhanced Container Isolation is enabled. |