pull base content,head:MicrosoftDocs:main,into:wwlpublishsync

Author: wwlpublish

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/1-introduction.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.introduction
 title: Introduction
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Introduction
   description: "Introduction"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/2-analyze-investigate-sign-logs-to-troubleshoot-access-issues.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.analyze-investigate-sign-logs-to-troubleshoot-access-issues
 title: Analyze and investigate sign-in logs to troubleshoot access issues
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Analyze and investigate sign-in logs to troubleshoot access issues
   description: "Analyze and investigate sign-in logs to troubleshoot access issues"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/3-review-monitor-azure-active-directory-audit-logs.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.review-monitory-azure-ad-audit-logs
 title: Review and monitor Microsoft Entra audit logs
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Review and monitor Microsoft Entra audit logs
   description: "Review and monitor Microsoft Entra audit logs"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/4-connect-data-from-azure-active-directory-to-azure-sentinel.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.connect-data-from-azure-ad-to-azure-sentinel
 title: 'Exercise connect data from Microsoft Entra ID to Microsoft Sentinel '
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Exercise connect data from Microsoft Entra ID to Microsoft Sentinel
   description: "Exercise connect data from Microsoft Entra ID to Microsoft Sentinel"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/5-export-logs-to-third-party-security-information.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.export-sign-audit-logs-to-third-party-siem
 title: Export logs to third-party security information and event management system
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Export logs to third-party security information and event management system
   description: "Export logs to third-party security information and event management system"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/6-analyze-azure-active-directory-workbooks-reporting.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.analyze-azure-ad-workbooks-reporting
 title: Analyze Microsoft Entra workbooks and reporting
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Analyze Microsoft Entra workbooks and reporting
   description: "Analyze Microsoft Entra workbooks and reporting"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/7-monitor-security-posture-identity-secure-score.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.monitor-security-posture-identity-secure-score
 title: Monitor security posture with Identity Secure Score
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Monitor security posture with Identity Secure Score
   description: "Monitor security posture with Identity Secure Score"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/8-knowledge-check.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.knowledge-check
 title: Module assessment
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Module assessment
   description: "Knowledge check"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit
@@ -20,13 +22,13 @@ quiz:
     choices:
     - content: "Microsoft Entra audit logs provide a comparison of budgeted Azure usage compared to actual."
       isCorrect: false
-      explanation: "Incorrect. Audit logs provide traceability through logs for all changes made by various features within Microsoft Entra ID. Examples of audit logs include changes made to any resources within Microsoft Entra ID. You'll see things like adding or removing users, apps, groups, roles, and policies."
+      explanation: "Incorrect. Audit logs provide traceability through logs for all changes made by various features within Microsoft Entra ID. Examples of audit logs include changes made to any resources within Microsoft Entra ID. You see things like adding or removing users, apps, groups, roles, and policies."
     - content: "Microsoft Entra audit logs provide records of system activities for compliance reporting."
       isCorrect: true
       explanation: "Correct. An audit log has a default list view that shows data like the date and time of the occurrence. Additional information includes the service that logged the occurrence, and the category of the activity. Finally, the name of the activity (what), the status of the activity (success or failure), the target, and the initiator/actor (who) of an activity."
     - content: "Microsoft Entra audit logs allow customer to monitor activity when provisioning new services within Azure."
       isCorrect: false
-      explanation: "Incorrect. Audit logs provide traceability through logs for all changes made by various features within Microsoft Entra ID. Examples of audit logs include changes made to any resources within Microsoft Entra ID. You'll see things like adding or removing users, apps, groups, roles, and policies."
+      explanation: "Incorrect. Audit logs provide traceability through logs for all changes made by various features within Microsoft Entra ID. Examples of audit logs include changes made to any resources within Microsoft Entra ID. You see things like adding or removing users, apps, groups, roles, and policies."
   - content: "Can Azure export logging data to third-party SIEM (security information and event management) tools?"
     choices:
     - content: "Yes, Azure supports exporting log data to several common third-party SIEM tools."
@@ -37,7 +39,7 @@ quiz:
       explanation: "Incorrect. Azure Sentinel is a Microsoft first-party SIEM tool, but we do support using other tools, such as Splunk, IBM QRadar, and ArcSight."
     - content: "Yes, Splunk is the third party SIEM Azure can export to."
       isCorrect: false
-      explanation: "Incorrect. While Splunk is one of the third-party SIEM tools we can export data to, it is not the only one. We also support other third-party SIEM tools, such as IBM QRadar and ArcSight."
+      explanation: "Incorrect. While Splunk is one of the third-party SIEM tools we can export data to, it isn't the only one. We also support other third-party SIEM tools, such as IBM QRadar and ArcSight."
   - content: "John wants to configure email notifications to be sent from Microsoft Entra Domain Services (AD DS) when issues are detected. In Azure, where would notifications be configured?"
     choices:
     - content: "Azure Microsoft Portal - Microsoft Entra ID - Monitoring - Notifications - Add email recipient."
@@ -48,4 +50,4 @@ quiz:
       explanation: "Correct. The health of a Microsoft Entra Domain Services (MEDS) managed domain is monitored by the Azure platform. The health status page in the Azure Microsoft Portal shows any alerts for the managed domain. To make sure issues are responded to in a timely manner, email notifications can be configured to report on health alerts as soon as they're detected in the Microsoft Entra Domain Services managed domain."
     - content: "Azure Microsoft Portal - Notification Hubs - Microsoft Entra ID - Add email recipient."
       isCorrect: false
-      explanation: "Incorrect. Azure Notification Hubs are to provide push notification to any platform (iOS, Android, Windows, and so on.) to share breaking news, promotional content, or other Azure App information to users."
+      explanation: "Incorrect. Azure Notification Hubs are to provide push notification to any platform to share breaking news, promotional content, or other Azure App information to users."

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/9-summary-resources.yml

@@ -2,9 +2,11 @@
 uid: learn.wwl.monitor-maintain-azure-active-directory.summary-resources
 title: Summary and resources
 metadata:
+  adobe-target: true
+  prefetch-feature-rollout: true
   title: Summary and resources
   description: "Summary and resources"
-  ms.date: 12/23/2024
+  ms.date: 04/22/2025
   author: wwlpublish
   ms.author: roberts
   ms.topic: unit

learn-pr/wwl-sci/monitor-maintain-azure-active-directory/includes/1-introduction.md

@@ -2,23 +2,23 @@ Microsoft Entra ID audit and diagnostic logs provide a rich view into how users
 
 In this module, you will:
 
- -  Learn about sign-in, audit, and diagnostic logs.
- -  Learn about managing sign-in through a third-party security information and event management (SIEM) tool.
- -  Learn about reporting.
- -  Explore the identity secure score.
+ - Learn about sign-in, audit, and diagnostic logs.
+ - Learn about managing sign-in through a third-party security information and event management (SIEM) tool.
+ - Learn about reporting.
+ - Explore the identity secure score.
 
 ## Learning objectives
 
 By the end of this module you should be able to:
 
- -  Analyze and investigate sign-in logs to troubleshoot access issues.
- -  Review and monitor Microsoft Entra audit logs.
- -  Enable and integrate Microsoft Entra diagnostic logs with Log Analytics / Microsoft Sentinel.
- -  Export sign-in and audit logs to a third-party SIEM tool.
- -  Review Microsoft Entra activity by using Log Analytics / Microsoft Sentinel, excluding KQL use.
- -  Analyze Microsoft Entra workbooks/reporting.
- -  Monitor security posture with identity secure score.
- -  Configure notifications.
+ - Analyze and investigate sign-in logs to troubleshoot access issues.
+ - Review and monitor Microsoft Entra audit logs.
+ - Enable and integrate Microsoft Entra diagnostic logs with Log Analytics / Microsoft Sentinel.
+ - Export sign-in and audit logs to a third-party SIEM tool.
+ - Review Microsoft Entra activity by using Log Analytics / Microsoft Sentinel, excluding KQL use.
+ - Analyze Microsoft Entra workbooks/reporting.
+ - Monitor security posture with identity secure score.
+ - Configure notifications.
 
 ## Prerequisites