pull base content,head:MicrosoftDocs:main,into:wwlpublishsync

Author: wwlpublish

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/1-introduction.yml

@@ -4,7 +4,7 @@ title: Introduction
 metadata:
   title: Introduction
   description: "Introduction"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/2-select-appropriate-remote-administration-tools.yml

@@ -4,7 +4,7 @@ title: Select the appropriate remote administration tool
 metadata:
   title: Select the appropriate remote administration tool
   description: "Select the appropriate remote administration tool"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/3-manage-windows-virtual-machines-bastion.yml

@@ -4,7 +4,7 @@ title: Manage Windows Virtual Machines with Azure Bastion
 metadata:
   title: Manage Windows Virtual Machines with Azure Bastion
   description: "Manage Windows Virtual Machines with Azure Bastion"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/4-create-azure-bastion-host.yml

@@ -4,7 +4,7 @@ title: Create an Azure Bastion host
 metadata:
   title: Create an Azure Bastion host
   description: "Create an Azure Bastion host"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/5-configure-just-time-administration.yml

@@ -4,7 +4,7 @@ title: Configure just-in-time administration
 metadata:
   title: Configure just-in-time administration
   description: "Configure just-in-time administration"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/6-knowledge-check.yml

@@ -4,7 +4,7 @@ title: Knowledge check
 metadata:
   title: Knowledge check
   description: "Knowledge check"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit
@@ -20,32 +20,32 @@ quiz:
     choices:
     - content: "RDP."
       isCorrect: true
-      explanation: "That's correct. RDP is secured by Azure Bastion as a means for communicating with your IaaS VMs."
+      explanation: "Correct. RDP is secured by Azure Bastion as a means for communicating with your IaaS VMs."
     - content: "TLS."
       isCorrect: false
-      explanation: "That's incorrect. Although TLS is used to secure network traffic, it's not able to facilitate management of a VM."
+      explanation: "Incorrect. Although TLS is used to secure network traffic, it's not able to facilitate management of a VM."
     - content: "SSL."
       isCorrect: false
-      explanation: "That's incorrect. Although SSL is used to secure network traffic, it's not able to facilitate management of a VM."
+      explanation: "Incorrect. Although SSL is used to secure network traffic, it's not able to facilitate management of a VM."
   - content: "Which of the following statements about implementing Azure Bastion is true?"
     choices:
     - content: "An administrator must install the bastion host in its own VNet. VMs must be in a separate VNet"
       isCorrect: false
-      explanation: "That's incorrect. The bastion host and the protected VMs must be in the same VNet."
+      explanation: "Incorrect. The bastion host and the protected VMs must be in the same VNet."
     - content: "An administrator must configure an NSG for the bastion host."
       isCorrect: false
-      explanation: "That's incorrect. Although an administrator can configure an NSG, there's no requirement to do so."
+      explanation: "Incorrect. Although an administrator can configure an NSG, there's no requirement to do so."
     - content: "An administrator must connect Azure Bastion to a subnet with the name AzureBastionSubnet."
       isCorrect: true
-      explanation: "That's correct. The subnet that contains the bastion host must be called AzureBastionSubnet."
+      explanation: "Correct. The subnet that contains the bastion host must be called AzureBastionSubnet."
   - content: "Which of the following statements about JIT access in Azure is correct?"
     choices:
     - content: "JIT is enabled on VMs by default providing those VMs are protected by Azure Bastion."
       isCorrect: false
-      explanation: "That's incorrect. Azure Bastion isn't a prerequisite for JIT protection."
+      explanation: "Incorrect. Azure Bastion isn't a prerequisite for JIT protection."
     - content: "It's necessary to manually add commonly used management ports to the JIT VM access configuration in order to properly configure JIT."
       isCorrect: false
-      explanation: "That's incorrect. Commonly used management ports, including RDP/SSH are automatically configured."
+      explanation: "Incorrect. Commonly used management ports, including RDP/SSH are automatically configured."
     - content: "You can enable JIT access for a VM when you attempt to connect to the VM from the VM's **Connect** blade."
       isCorrect: true
-      explanation: "That's correct. In addition to using Security Center to enable JIT, you can select the link, **To improve security, enable just-in-time access on this VM**."
+      explanation: "Correct. In addition to using Security Center to enable JIT, you can select the link, **To improve security, enable just-in-time access on this VM**."

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/7-summary.yml

@@ -4,7 +4,7 @@ title: Summary
 metadata:
   title: Summary
   description: "Summary"
-  ms.date: 07/03/2023
+  ms.date: 01/20/2025
   author: wwlpublish
   ms.author: tonyj
   ms.topic: unit

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/includes/1-introduction.md

@@ -1,25 +1,25 @@
-Tools and techniques such as Cloud Shell, Azure Bastion, and the just-in-time (JIT) feature of Azure Security Center allow you to remotely administer and manage Windows Server virtual machines (VMs).
+Tools and techniques such as Cloud Shell, Azure Bastion, and the just-in-time (JIT) feature of Microsoft Defender for Cloud allows you to remotely administer and manage Windows Server virtual machines (VMs).
 
 ## Scenario
 
-Contoso is a medium-size financial services company in London with a branch office in New York. Most of its compute environment runs on-premises on Windows Server. This includes virtualized workloads on Windows Server 2012 R2 hosts. Contoso IT staff are in the process of migrating Contoso servers to Windows Server 2019.
+Contoso is a medium-size financial services company in London with a branch office in New York. Most of its compute environment runs on-premises on Windows Server. This includes virtualized workloads on Windows Server 2012 R2 hosts. Contoso's IT staff are in the process of migrating Contoso servers to Windows Server 2025.
 
 Contoso’s IT director realizes that Contoso has an outdated operational model with limited automation and reliance on dated technology. The Contoso IT Engineering team has started exploring Azure capabilities. They want to determine whether Microsoft Azure services might assist with modernizing the current operational model through automation and virtualization.
 
 As part of the initial design, the Contoso IT team asked you, their lead system engineer and server administrator, to set up a proof of concept environment. This environment must verify whether Azure services can help to modernize the IT infrastructure and meet business goals.
 
-The IT operations staff at Contoso need to know how they can remotely manage Windows infrastructure as a service (IaaS) VMs. They also want to be sure that it's possible to restrict administrative connections to those Windows Azure IaaS VMs.
+The IT operations staff at Contoso need to know how they can remotely manage Windows infrastructure as a service (IaaS) VMs. They also want to be sure that it's possible to restrict administrative connections to those Windows Server IaaS VMs.
 
-This module describes available remote administration tools and how to select the appropriate tools. You'll also learn to use Azure Bastion to secure management connections to Windows Azure IaaS VMs. Finally, you'll learn to configure JIT VM access to restrict connections.
+This module describes available remote administration tools and how to select the appropriate tools. You'll also learn to use Azure Bastion to secure management connections to Windows Server IaaS VMs. Finally, you learn to configure JIT VM access to restrict connections.
 
-By the end of this module you’ll be able to select and use suitable tools and techniques to remotely manage Windows IaaS VMs, and restrict administrative connections to those VMs.
+By the end of this module you're able to select and use suitable tools and techniques to remotely manage Windows Server IaaS VMs, and restrict administrative connections to those VMs.
 
 ## Learning objectives
 
 After completing this module, you'll be able to:
 
 - Select appropriate remote administration tools.
-- Secure management connections to Windows Azure IaaS VMs with Azure Bastion.
+- Secure management connections to Windows Server IaaS VMs with Azure Bastion.
 - Configure JIT VM access.
 
 ## Prerequisites
@@ -32,6 +32,6 @@ In order to get the best learning experience from this module, you should have k
 - On-premises resiliency Windows Server-based compute and storage technologies
 - Implementing and managing IaaS services in Azure
 - Microsoft Entra ID
-- Security-related technologies (firewalls, encryption, multi-factor authentication)
+- Security-related technologies (firewalls, encryption, multifactor authentication)
 - Windows PowerShell scripting
 - Automation and monitoring

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/includes/2-select-appropriate-remote-administration-tools.md

@@ -1,5 +1,3 @@
-
-
 At Contoso, the server operations team is used to performing remote management of their on-premises servers. They understand that it's more efficient to remotely administer and maintain servers than it is to interactively administer them using locally installed tools. They realize that for the Windows IaaS VMs being deployed in Azure, they must rely solely on remote management to administer and maintain cloud-based resources. As lead engineer, you've set up a short presentation on the available management tools for the new hybrid environment that exists at Contoso.
 
 ## What is the Azure portal?
@@ -32,7 +30,7 @@ The Azure hybrid services tool in Windows Admin Center consolidates all the inte
 [![A screenshot of Windows Admin Center. The administrator has selected the Azure hybrid services node.](../media/m23-windows-admin-center.png)](../media/m23-windows-admin-center.png#lightbox)
 
 > [!IMPORTANT]
-> Windows Admin Center requires connectivity to your Azure VMs. you'll need to either assign a public IP address to a VM, set up a gateway, or establish a virtual private network (VPN) connection from the Windows Admin Center computer to Azure.
+> Windows Admin Center requires connectivity to your Azure VMs. You'll need to either assign a public IP address to a VM, set up a gateway, or establish a virtual private network (VPN) connection from the Windows Admin Center computer to Azure.
 
 ## What is Azure PowerShell?
 

learn-pr/wwl-azure/administer-manage-windows-server-iaas-virtual-machine-remotely/includes/3-manage-windows-virtual-machines-bastion.md

@@ -1,6 +1,4 @@
-
-
-Contoso IT staff want the ability to connect to their IaaS VMs in Azure from the Azure portal directly and securely. You suggest Azure Bastion, a platform as a service (PaaS) service that provides direct RDP and SSH connectivity to VMs in the Azure portal over TLS. Contoso can provision Azure Bastion inside their VNet.
+Contoso's IT staff want the ability to connect to their IaaS VMs in Azure from the Azure portal directly and securely. You suggest Azure Bastion, a platform as a service (PaaS) service that provides direct RDP and SSH connectivity to VMs in the Azure portal over TLS. Contoso can provision Azure Bastion inside their VNet.
 
 > [!TIP]
 > When you connect to your VMs via Azure Bastion, the VMs don't need a public IP address.