For the Microsoft Defender XDR security portal to start enforcing the permissions and assignments configured in your new [custom roles](create-custom-rbac-roles.md) or [imported roles](import-rbac-roles.md), you must activate the Microsoft Defender XDR Unified RBAC model for some or all of your workloads.
35
+
This article lists the steps to activate Defender workloads available in your environment to use the Microsoft Defender XDR Unified role-based access control (RBAC). Activate the Unified RBAC model for some or all of your workloads for the Microsoft Defender portal to start enforcing the permissions and assignments configured in your new [custom roles](create-custom-rbac-roles.md) or [imported roles](import-rbac-roles.md).
36
36
37
37
> [!IMPORTANT]
38
-
> From February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants that have not created roles and permissions. The activation of the Microsoft Defender XDR Unified RBAC model won't be available for these new tenants. In addition, these new tenants won't have the ability to export roles and permissions from the current model.
38
+
> From February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants where there are no roles or permissions created yet. As a result, activating the Unified RBAC model won't be available for these new tenants. In addition, these new tenants won't have the ability to export roles and permissions from the current model.
39
39
>
40
-
> All Defender for Endpoint tenants who assigned roles and permissions before this date can continue to use their current roles and permissions.
40
+
> All Defender for Endpoint tenants with previously assigned/exported roles and permissions before this date can continue to use their current roles and permissions.
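Review bot: The added line 38 still reads "Microsoft Defender Endpoint tenants" while the added line 40 says "Defender for Endpoint tenants"; use "Microsoft Defender for Endpoint" in both so the product name is consistent. In the added line 40, "previously assigned/exported roles and permissions before this date" is redundant ("previously" plus "before this date"), and the slash leaves it unclear whether assigning or exporting is the qualifying condition; something like "that assigned or exported roles and permissions before this date" would be clearer. The added intro at line 35 also states the purpose of activation in two consecutive sentences ("to activate Defender workloads ..." and "Activate the Unified RBAC model for some or all of your workloads ...") and could be merged into one.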
@@ -49,7 +49,7 @@ The following steps guide you on how to activate the Microsoft Defender XDR Unif
49
49
2.[Activate in Microsoft Defender XDR settings](#activate-in-microsoft-365-defender-settings)
50
50
51
51
> [!IMPORTANT]
52
-
> You must be a Global Administrator or Security Administrator in Microsoft Entra ID to perform this task. For more information on permissions, see [Permission pre-requisites](manage-rbac.md#permissions-prerequisites).
52
+
> You must be a Global Administrator or Security Administrator in Microsoft Entra ID to perform this task. For more information on permissions, see [Permission prerequisites](manage-rbac.md#permissions-prerequisites).
53
53
> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
54
54
55
55
### Activate from the Permissions and roles page
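Review bot: The IMPORTANT note at line 52 names Global Administrator first, but the context line 53 right below it says that role should be limited to emergency scenarios; since line 52 is being edited anyway, consider leading with Security Administrator so the least-privileged option is the one readers see first. Separately, the context line 49 links to `#activate-in-microsoft-365-defender-settings` under the link text "Activate in Microsoft Defender XDR settings"; it is worth confirming that the anchor still resolves to the current heading.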
@@ -65,12 +65,12 @@ You can activate your workloads in two ways from the Permissions and roles page:
65
65
- Select **Activate workloads** on the banner above the list of roles to go directly to the **Activate workloads** screen.
66
66
- You must activate each workload one by one. Once you select the individual toggle, you activate (or deactivate) that workload.
67
67
68
-
:::image type="content" source="/defender/media/defender/defender-activate-workloads.png" alt-text="Screenshot of the choose workloads to activate screen.":::
68
+
:::image type="content" source="/defender/media/defender/defender-activate-workloads.png" alt-text="Screenshot of the page where you can choose workloads to activate.":::
69
69
70
70
> [!NOTE]
71
-
> The **Activate workloads** button is only available when there is it at least one workload that's not active for Microsoft Defender XDR Unified RBAC.
71
+
> The **Activate workloads** button is only available when there's it at least one workload that's not active for Microsoft Defender XDR Unified RBAC.
72
72
> Microsoft Defender for Cloud is active by default with Microsoft Defender XDR Unified RBAC.
73
-
> Defender XDR Unified RBAC is automatically active for Exposure Management access. Once a custom role with one of the Exposure Management permissions is created, it has an immediate impact on assigned users. There is no need to activate it.
73
+
> Defender XDR Unified RBAC is automatically active for Exposure Management access. Once a custom role with one of the Exposure Management permissions is created, it has an immediate impact on assigned users. There's no need to activate it.
74
74
>
75
75
> To activate Exchange Online permissions in Microsoft Defender XDR Unified RBAC, Defender for Office 365 permissions must be active.
76
76
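Review bot: The added line 71 carries over the stray "it" from the removed line: "only available when there's it at least one workload". The contraction was applied but the typo was not fixed; it should read "only available when there's at least one workload that's not active".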
@@ -103,15 +103,15 @@ Follow these steps to activate your workloads directly in Microsoft Defender XDR
103
103
You have now successfully activated (or deactivated) that workload.
104
104
105
105
> [!NOTE]
106
-
> The Microsoft Defender XDR Unified RBAC model only impacts the Microsoft Defender XDR security portal. It does not impact the [Microsoft Purview Compliance center](https://compliance.microsoft.com) or the [Exchange Admin Center](https://admin.exchange.microsoft.com).
106
+
> The Microsoft Defender XDR Unified RBAC model only impacts the Microsoft Defender portal. It doesn't impact the [Microsoft Purview portal](https://purview.microsoft.com) or the [Exchange Admin Center](https://admin.exchange.microsoft.com).
You can deactivate Microsoft Defender XDR Unified RBAC and revert to the individual RBAC models from Microsoft Defender for Endpoint, Microsoft Defender for Identity, and Microsoft Defender for Office 365 (Exchange Online Protection).
113
113
114
-
To Deactivate the workloads, repeat the steps above and select the workloads you want to deactivate. The status is set to **Not Active**.
114
+
To deactivate the workloads, repeat the steps in the previous section and select the workloads you want to deactivate. The status is set to **Not Active**.
115
115
116
116
If you deactivate a workload, the roles created and edited within Microsoft Defender XDR Unified RBAC are no longer in effect, and the previous permissions model is used instead.
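Review bot: In the added line 114, "repeat the steps in the previous section" is ambiguous, because the article describes two activation procedures (from the Permissions and roles page, and directly in the Microsoft Defender XDR settings); link to the intended section by name instead of by position. Since line 116 states that deactivation puts the previous permissions model back in effect, this paragraph would also benefit from a sentence telling admins to confirm that the assignments in that previous model are still what they expect before toggling a workload off.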