Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into asc-melvyn-containerwork

Author: memildin

articles/firewall/firewall-faq.md

@@ -5,7 +5,7 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: conceptual
-ms.date: 03/25/2020
+ms.date: 03/31/2020
 ms.author: victorh
 ---
 
@@ -203,4 +203,8 @@ $fw.ThreatIntelWhitelist.FQDNs = @("fqdn1", "fqdn2", …)
 $fw.ThreatIntelWhitelist.IpAddress = @("ip1", "ip2", …)
 
 Set-AzFirewall -AzureFirewall $fw
-```
+```
+
+## Why can a TCP ping and similar tools successfully connect to a target FQDN even when no rule on Azure Firewall allows that traffic?
+
+A TCP ping is not actually connecting  to the target FQDN. This happens because Azure Firewall's transparent proxy listens on port 80/443 for outbound traffic. The TCP ping establishes a connection with the firewall, which then drops the packet and logs the connection. This behavior doesn't have any security impact. However, to avoid confusion we're investigating potential changes to this behavior. 

articles/machine-learning/how-to-machine-learning-interpretability-automl.md

@@ -9,7 +9,7 @@ ms.topic: conceptual
 ms.author: mesameki
 author: mesameki
 ms.reviewer: trbye
-ms.date: 10/25/2019
+ms.date: 03/11/2020
 ---
 
 # Model interpretability in automated machine learning

articles/security-center/faq-azure-monitor-logs.md

@@ -1,6 +1,6 @@
 ---
-title: Azure Security Center FAQ - questions about existing MMAs
-description: This FAQ answers questions for customers already using the Microsoft Monitoring Agent and considering Azure Security Center, a product that helps you prevent, detect, and respond to threats.
+title: Azure Security Center FAQ - questions about existing Log Analytics agents
+description: This FAQ answers questions for customers already using the Log Analytics agent and considering Azure Security Center, a product that helps you prevent, detect, and respond to threats.
 services: security-center
 documentationcenter: na
 author: memildin
@@ -20,12 +20,12 @@ ms.author: memildin
 
 ## Does Security Center override any existing connections between VMs and workspaces?
 
-If a VM already has the Microsoft Monitoring Agent installed as an Azure extension, Security Center does not override the existing workspace connection. Instead, Security Center uses the existing workspace. The VM will be protected provided that the "Security" or "SecurityCenterFree" solution has been installed on the workspace to which it is reporting. 
+If a VM already has the Log Analytics agent installed as an Azure extension, Security Center does not override the existing workspace connection. Instead, Security Center uses the existing workspace. The VM will be protected provided that the "Security" or "SecurityCenterFree" solution has been installed on the workspace to which it is reporting. 
 
 A Security Center solution is installed on the workspace selected in the Data Collection screen if not present already, and the solution is applied only to the relevant VMs. When you add a solution, it's automatically deployed by default to all Windows and Linux agents connected to your Log Analytics workspace. [Solution Targeting](../operations-management-suite/operations-management-suite-solution-targeting.md) allows you to apply a scope to your solutions.
 
 > [!TIP]
-> If the Microsoft Monitoring Agent is installed directly on the VM (not as an Azure extension), Security Center does not install the Microsoft Monitoring Agent, and security monitoring is limited.
+> If the Log Analytics agent is installed directly on the VM (not as an Azure extension), Security Center does not install the Log Analytics agent, and security monitoring is limited.
 
 ## Does Security Center install solutions on my existing Log Analytics workspaces? What are the billing implications?
 When Security Center identifies that a VM is already connected to a workspace you created, Security Center enables solutions on this workspace according to your pricing tier. The solutions are applied only to the relevant Azure VMs, via [solution targeting](../operations-management-suite/operations-management-suite-solution-targeting.md), so the billing remains the same.
@@ -36,9 +36,9 @@ When Security Center identifies that a VM is already connected to a workspace yo
    ![Solutions on default workspace](./media/security-center-platform-migration-faq/solutions.png)
 
 ## I already have workspaces in my environment, can I use them to collect security data?
-If a VM already has the Microsoft Monitoring Agent installed as an Azure extension, Security Center uses the existing connected workspace. A Security Center solution is installed on the workspace if not present already, and the solution is applied only to the relevant VMs via [solution targeting](../operations-management-suite/operations-management-suite-solution-targeting.md).
+If a VM already has the Log Analytics agent installed as an Azure extension, Security Center uses the existing connected workspace. A Security Center solution is installed on the workspace if not present already, and the solution is applied only to the relevant VMs via [solution targeting](../operations-management-suite/operations-management-suite-solution-targeting.md).
 
-When Security Center installs the Microsoft Monitoring Agent on VMs, it uses the default workspace(s) created by Security Center.
+When Security Center installs the Log Analytics agent on VMs, it uses the default workspace(s) created by Security Center.
 
 ## I already have security solution on my workspaces. What are the billing implications?
 The Security & Audit solution is used to enable Security Center standard tier features for Azure VMs. If the Security & Audit solution is already installed on a workspace, Security Center uses the existing solution. There is no change in billing.