Revisions

Author: msmbaldwin

articles/azure-resource-manager/azure-resource-manager-security-attributes.md

@@ -22,7 +22,7 @@ Security is integrated into every aspect of an Azure service. This article docum
 |---|---|--|
 | Encryption at rest:<ul><li>Server-side encryption</li><li>Server-side encryption with customer-managed keys</li><li>Other encryption features (such as client-side, always encrypted, etc.)</ul>| Yes |  |
 | Encryption in transit:<ul><li>Express route encryption</li><li>In Vnet encryption</li><li>VNet-VNet encryption</ul>| Yes | HTTPS/SSL. |
-| Encryption key handling (CMK, BYOK, etc.)| N/A |  |
+| Encryption key handling (CMK, BYOK, etc.)| N/A | ARM stores no customer content, only control data. |
 | Column level encryption (Azure Data Services)| Yes | |
 | API calls encrypted| Yes | |
 
@@ -53,7 +53,7 @@ Security is integrated into every aspect of an Azure service. This article docum
 
 | Security Attribute | Yes/No | Notes|
 |---|---|--|
-| Control and management plane logging and audit| Yes | Activity logs  exposes all non-GET operations. |
+| Control and management plane logging and audit| Yes | Activity logs expose all write operations (PUT, POST, DELETE) performed on your resources; see [View activity logs to audit actions on resources](resource-group-audit.md). |
 | Data plane logging and audit| N/A | |
 
 ## Configuration management