Merge pull request #104598 from memildin/asc-melvyn-vmva

PRMerger17 · web-flow · commit 584feeae62e8 · 2020-02-17T01:44:12.000-08:00
Addition to FAQ
diff --git a/articles/security-center/built-in-vulnerability-assessment.md b/articles/security-center/built-in-vulnerability-assessment.md
@@ -51,9 +51,6 @@ To deploy the vulnerability scanner extension:
     
     Scanning begins automatically as soon as the extension is successfully deployed.
 
-    > [!TIP]
-    > For a list of your VMs that already have the Azure Security Center Vulnerability Assessment extension (powered by Qualys) deployed, select the "Healthy Resources" tab. 
-
 ## Viewing and remediating discovered vulnerabilities
 
 When Security Center identifies vulnerabilities, it presents findings and related information (remediation steps, related CVEs, CVSS scores, and more) as recommendations. You can view the identified vulnerabilities for one or more subscriptions, or for a specific virtual machine.
@@ -138,6 +135,12 @@ Some updates to the vulnerability scanner extension may require manual deploymen
     
     1. When the VM's status is "Running", deploy the extension as described above in [Deploying the Qualys built-in vulnerability scanner](#deploying-the-qualys-built-in-vulnerability-scanner-standard-tier-only).
 
+### Why does my VM show as "not applicable" in the recommendation?
+When you open the recommendation, you'll see your VMs in one or more of the following groups:
+
+- **Healthy resources** – the vulnerability scanner extension has been deployed to these VMs.
+- **Unhealthy resources** – the vulnerability scanner extension can be deployed to these VMs. 
+- **Not applicable resources** – These VMs can’t have the vulnerability scanner extension deployed. Your VM might be in this tab because it's on the free pricing tier, or it's not running one of the supported OSes (RHEL 6.7/7.6, Ubuntu 14.04/18.04, Centos 6.10/7/7.6, Oracle Linux 6.8/7.6, SUSE 12/15, and Debian 7/8). The scanner is running on your virtual machine and looking for vulnerabilities of the VM itself. From the virtual machine, it cannot scan your network.
 
 ### What is scanned by the built-in vulnerability scanner?
 The scanner is running on your virtual machine and looking for vulnerabilities of the VM itself. From the virtual machine, it cannot scan your network.
