units 4 and 5

JnHs · JnHs · commit 6782e7f0d01c · 2025-06-06T14:56:21.000-07:00
diff --git a/learn-pr/azure/intro-to-arc-for-servers/3-capabilities-azure-arc-enabled-servers.yml b/learn-pr/azure/intro-to-arc-for-servers/3-capabilities-azure-arc-enabled-servers.yml
@@ -31,7 +31,7 @@ quiz:
     - content: "Deploy the Custom Script Extension."
       isCorrect: false
       explanation: "Incorrect. This VM extension is used to download and run scripts on a server."
-    - content: "Use  Azure Update Manager."
+    - content: "Use Azure Update Manager."
       isCorrect: false
       explanation: "Incorrect.  Azure Update Manager manages and governs software updates for hybrid machines."
     - content: "Assign a policy that adds the tag when the servers are onboarded to Azure Arc."
diff --git a/learn-pr/azure/intro-to-arc-for-servers/4-simplify-management-maintenance-azure-arc-servers.yml b/learn-pr/azure/intro-to-arc-for-servers/4-simplify-management-maintenance-azure-arc-servers.yml
@@ -9,7 +9,7 @@ metadata:
   ms.author: jenhayes
   ms.topic: unit
   ms.custom: e2e-hybrid
-durationInMinutes: 10
+durationInMinutes: 6
 content: |
   [!include[](includes/4-simplify-management-maintenance-azure-arc-servers.md)]
 quiz:
@@ -23,18 +23,18 @@ quiz:
     - content: "Use Windows Admin Center to connect to each server."
       isCorrect: false
       explanation: "Incorrect. While it's possible to identify the required information, this would require extra administrative effort."
-    - content: "Use the Azure Arc-enabled servers blade in the Azure portal."
+    - content: "Use the Azure Arc-enabled servers pane in the Azure portal."
       isCorrect: true
-      explanation: "Correct. The blade allows the administrator to readily identify the OS build and OS version. The blade also includes server name, manufacturer, model, serial number, the number of CPU cores, and the amount of memory."
-  - content: "What is the primary Azure Monitor-related benefit of Azure Arc-enabled servers compared with non Azure Arc-enabled servers?"
+      explanation: "Correct. This pane lets you easily identify a server's operating system and version."
+  - content: "Which of these can be used to automatically respond to security incidents for your Arc-enabled servers?"
     choices:
-    - content: "The ability to capture diagnostic logs."
+    - content: "Microsoft Sentinel."
       isCorrect: false
-      explanation: "Incorrect. This functionality is available for both Azure Arc-enabled servers and machines that aren't Azure Arc-enabled."
-    - content: "The ability to generate alerts."
+      explanation: "Correct. Microsoft Sentinel can respond to incidents with built-in orchestration and automation of common tasks."
+    - content: "Azure Monitor."
       isCorrect: false
-      explanation: "Incorrect. This functionality is available for both Azure Arc-enabled servers and machines that aren't Azure Arc-enabled."
-    - content: "The ability to deploy and configure the Azure Monitor Agent via VM extensions."
+      explanation: "Incorrect. Azure Monitor is a solution for collecting, analyzing, and responding to telemetry data."
+    - content: "Log Analytics workspace."
       isCorrect: true
-      explanation: "Correct. VM extensions are not available for non-Azure machines that aren't Azure Arc-enabled."
+      explanation: "Incorrect. A Log Analytics workspace is a data store for data you collect."
 
diff --git a/learn-pr/azure/intro-to-arc-for-servers/includes/4-simplify-management-maintenance-azure-arc-servers.md b/learn-pr/azure/intro-to-arc-for-servers/includes/4-simplify-management-maintenance-azure-arc-servers.md
@@ -1,41 +1,36 @@
-Azure Arc also simplifies the process of centralizing and standardizing enterprise-wide management, monitoring, and protection of technology assets regardless of their location. In this unit, you'll learn how this principle applies to on-premises servers, including Azure Arc-enabled servers.
+Azure Arc helps simplify and standardize enterprise-wide management, monitoring, and protection of technology assets, regardless of their location. In this unit, you'll learn how these benefits apply to Azure Arc-enabled servers through Microsoft Defender for Cloud, Microsoft Sentinel, and Azure Monitor.
 
 ## What are the security benefits of Microsoft Defender for Cloud in hybrid scenarios?
 
 To address the security challenges inherent to hybrid environments—such as high volatility and dependencies on external services—you need sophisticated tools that help assess your security posture and identify and remediate risks. Ideally, you want to deploy those tools with minimal effort. Microsoft Defender for Cloud can help you address these requirements.
 
-Defender for Cloud is a cloud-based service for managing the security of your cloud and on-premises infrastructure and workloads. With Defender for Cloud capabilities, you can:
+Defender for Cloud helps manage the security of your cloud and on-premises infrastructure and workloads. With Defender for Cloud capabilities, you can:
 
-- **Improve your security stance**: Use Defender for Cloud to implement security best practices across your cloud services and on-premises servers. In addition to security best practices, you can also track compliance against regulatory standards.
-- **Protect your environment**: Monitor for security threats to your cloud and on-premises servers with Defender for Cloud.
-- **Protect your data**: Identify suspicious activity against your servers, files, and databases including potential data breaches.
+- **Improve your security stance**: Implement security best practices across your cloud services and on-premises servers, and track compliance against regulatory standards.
+- **Protect your environment**: Monitor for security threats to your servers.
+- **Protect your data**: Identify suspicious activity against your servers, files, and databases, including potential data breaches.
 
 Defender for Cloud continuously analyzes collected data, provides you with remediation recommendations, and generates security alerts in response to attempted and actual security breaches and exploits.
 
-> [!NOTE]
-> Azure Arc-enabled servers require Microsoft Defender for Cloud.
-
 ## What are the security benefits of Microsoft Sentinel in hybrid scenarios?
 
-Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.
+Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. y providing a birds-eye view across the enterprise, Microsoft Sentinel helps alleviate the stress of dealing with increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
 
-Microsoft Sentinel is your birds-eye view across your multicloud and hybrid infrastructure, alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. With Microsoft Sentinel, you can:
+With Microsoft Sentinel, you can:
 
-- Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
+- Collect data at cloud scale across all users, devices, applications, and infrastructure, including on-premises and across multiple clouds.
 - Detect previously undetected threats and minimize false positives using Microsoft's analytics and unparalleled threat intelligence.
-- Investigate threats with artificial intelligence and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
+- Investigate threats with artificial intelligence and hunt for suspicious activities at scale.
 - Respond to incidents rapidly with built-in orchestration and automation of common tasks.
 
 ## What are the observability benefits of Azure Monitor in hybrid scenarios?
 
-With Azure Arc-enabled servers, the Azure portal can serve as a centralized dashboard for status monitoring and a launching pad for management of all your Azure Arc-enabled servers, along with all of your Azure and Azure Arc-enabled resources. The home page of the Azure Arc-enabled servers lists all of your servers, along with their resource groups, locations, and associated subscriptions. For each server, you can readily identify its name, OS version, and build.
-
-More in-depth monitoring, alerting, log collection, and log analytics are available through integration with Azure Monitor. Azure Monitor is a comprehensive solution for collecting, analyzing, and responding to telemetry from cloud and on-premises environments. Azure Monitor offers three main capabilities:
+The Azure portal can serve as a centralized dashboard for status monitoring and a launching pad for management of your Arc-enabled servers. You can view details for each server, including its name, OS version, location, associated subscription, and other details.
 
-- **Monitoring and metrics visualization**: Metrics are numerical values that represent the health status of monitored systems.
-- **Querying and analyzing logs**: Logs include activity, diagnostic, and telemetry. Their analysis provides deep insights into the state of monitored systems and helps facilitate troubleshooting.
-- **Alerting and remediation**: Alerts notify you of anomalous conditions. You can also configure them to automatically initiate a corrective action to remediate the issue that resulted in the alert. You can also configure alerts to raise an incident or create a work item through integration between Azure Monitor and your internal IT Service Management platform.
+More in-depth monitoring, alerting, log collection, and log analytics are available through integration with Azure Monitor. Azure Monitor is a comprehensive solution for collecting, analyzing, and responding to telemetry from cloud and on-premises environments. Azure Monitor offers three main capabilities that can be used with Azure Arc-enabled servers:
 
-You can store and analyze near real-time and historical data in a Log Analytics workspace. This requires installing the Log Analytics agent. For additional insight into interaction between servers and other systems in your environment, you can install the Dependency Agent. The same Log Analytics agent allows you to onboard your serves to other Azure services, such as Update Management, Change Tracking and Inventory, and Microsoft Defender for Cloud.
+- **Monitoring and metrics visualization**: Metrics are numerical values that represent the health status of monitored systems, presented in ways that help you understand the state of your servers.
+- **Querying and analyzing logs**: Logs include activity, diagnostic, and telemetry. Their analysis provides deep insights and helps facilitate troubleshooting.
+- **Alerting and remediation**: Alerts notify you of anomalous conditions. You can configure alerts to automatically initiate a corrective action that remediates these issues. You can also configure alerts to raise an incident or create a work item through integration between Azure Monitor and your internal IT Service Management platform.
 
-Once you install and configure the agent, servers will start forwarding telemetry to the Log Analytics workspace of your choice. You can subsequently display the collected data via Azure Monitor dashboards and analyze via Log Analytics queries. You can also implement metric or log-based rules that trigger alerts and autoremediation tasks.
+Once you install and configure Azure Monitor agent, servers will start forwarding telemetry to a Log Analytics workspace. You can subsequently display the collected data in Azure Monitor dashboards, and analyze it through Log Analytics queries. You can also implement rules that trigger alerts and autoremediation tasks.
diff --git a/learn-pr/azure/intro-to-arc-for-servers/includes/5-summary.md b/learn-pr/azure/intro-to-arc-for-servers/includes/5-summary.md
@@ -1,8 +1,8 @@
-Over the course of this module, you explored the features of Azure Arc-enabled servers and the benefits they bring to customers like Contoso. You reviewed the primary use cases of Azure Arc-enabled servers and verified that it allows you to integrate with Azure all of Contoso's on-premises resources. 
+Over the course of this module, you explored key features of Azure Arc-enabled servers and the benefits they bring to customers like Contoso. You reviewed the primary use cases of Azure Arc-enabled servers and verified that it could help you manage Contoso's on-premises resources through Azure. 
 
-Given Contoso's complex, global, and hybrid computing environment, you concluded that the optimal way to streamline its management was to use Azure Arc-enabled servers. With this approach, Contoso benefits from the centralized, at-scale management provided by Azure Arc while still being able to retain some on-premises workloads. Using Azure Arc-enabled servers also addresses challenges associated with the multicloud strategy that Contoso wants to pursue.
+Given Contoso's complex, global, and hybrid computing environment, you concluded that the optimal way to streamline its management was to use Azure Arc-enabled servers. With this approach, Contoso benefits from the centralized, at-scale management provided by Azure Arc, while still being able to retain on-premises workloads. Using Azure Arc-enabled servers also addresses challenges associated with the multicloud strategy that Contoso wants to pursue by centralizing management of resources across Azure and other clouds.
 
-You also advise the CIO that Contoso could further apply Azure services such as Azure Monitor, Microsoft Defender for Cloud, Microsoft Sentinel, and Azure Policy. Cloud-based monitoring might even potentially eliminate the need for an on-premises monitoring system. With existing Azure resources, this provides a uniform monitoring solution that takes advantage of cloud hyperscale and seamlessly integrates with other Azure services.
+You also advise the CIO that Contoso could further apply Azure services such as Azure Monitor, Microsoft Defender for Cloud, Microsoft Sentinel, and Azure Policy. Cloud-based monitoring might even potentially eliminate the need for an on-premises monitoring system. With Contoso's existing Azure resources, this provides a uniform monitoring solution that seamlessly integrates with other Azure services.
 
 ## Additional reading
 
