Merge pull request #49269 from jmart1428/update-caf-secure

Quality check: CAF Secure Module refresh

Author: AnnaMHuff

.openpublishing.redirection.json

@@ -27183,6 +27183,34 @@
       "source_path_from_root": "/learn-pr/wwl-azure/monitor-troubleshoot-adt/8-summary.md",
       "redirect_url": "/training/browse/?products=azure&terms=iot"
     },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/4-security-roles-responsibilities.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/5-simplify-compliance-security.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/6-simplify-security-implementation.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/8-security-tools-policies.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/9-summary.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/2-customer-narrative.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
+    {
+      "source_path_from_root": "/learn-pr/azure/cloud-adoption-framework-security/3-methodology.yml",
+      "redirect_url": "/training/modules/cloud-adoption-framework-security/1-introduction"
+    },
     {
       "source_path_from_root": "/learn-pr/wwl-azure/monitor-troubleshoot-adt/index.md",
       "redirect_url": "/training/browse/?products=azure&terms=iot"

learn-pr/azure/cloud-adoption-framework-security/1-introduction.yml

@@ -4,11 +4,11 @@ title: Introduction
 metadata:
   unitType: introduction
   title: Introduction
-  description: Introduction to the Microsoft Cloud Adoption Framework for Azure security module.
-  ms.date: 11/01/2023
+  description: Learn how the Secure methodology in the Cloud Adoption Framework provides a structured approach to secure your Azure cloud estate.
+  ms.date: 02/27/2025
   author: Zimmergren
   ms.author: tozimmergren
   ms.topic: unit
 durationInMinutes: 2
 content: |
-  [!include[](includes/1-introduction.md)]
+  [!include[](includes/1-introduction.md)]

learn-pr/azure/cloud-adoption-framework-security/10-summary.yml

@@ -0,0 +1,14 @@
+### YamlMime:ModuleUnit
+uid: learn.azure.cloud-adoption-framework-security.summary
+title: Summary
+metadata:
+  unitType: summary
+  title: Summary
+  description: Summary of the Secure methodology module for the Cloud Adoption Framework. This module includes guidance about security recommendations for all methodologies and guidance about teams and roles.
+  ms.date: 02/27/2025
+  author: Zimmergren
+  ms.author: tozimmergren
+  ms.topic: unit
+durationInMinutes: 2
+content: |
+  [!include[](includes/10-summary.md)]

learn-pr/azure/cloud-adoption-framework-security/2-customer-narrative.yml

@@ -0,0 +1,31 @@
+### YamlMime:ModuleUnit
+uid: learn.azure.cloud-adoption-framework-security.methodology
+title: The Secure methodology
+metadata:
+  unitType: learning-content
+  title: The Secure Methodology
+  description: Learn about the foundational guidance of the Microsoft Cloud Adoption Framework Secure methodology and how it can improve your Azure cloud estate.
+  ms.date: 02/27/2025
+  author: Zimmergren
+  ms.author: tozimmergren
+  ms.topic: unit
+durationInMinutes: 10
+content: |
+  [!include[](includes/2-methodology.md)]
+quiz:
+ title: Check your knowledge
+ questions:
+ - content: What is the primary goal of the Secure methodology?
+   choices:
+   - content: To provide financial guidance for cloud adoption
+     isCorrect: false
+     explanation: Incorrect. The Secure methodology includes some financial guidance, but it's typically covered by other frameworks or business strategies.
+   - content: To provide a structured approach that you can use to enhance workload security and compliance
+     isCorrect: true
+     explanation: Correct. The primary goal of the Secure methodology is to ensure that workloads are highly secure and compliant.
+   - content: To provide a cloud-based environment that enables you to build, deploy, and manage applications
+     isCorrect: false
+     explanation: Incorrect. Providing a cloud-based environment isn't the primary goal of the Secure methodology. 
+   - content: To standardize the process for requesting, deploying, and governing subscriptions so that you can deploy your workloads faster
+     isCorrect: false
+     explanation: Incorrect. Standardizing processes for subscriptions isn't the focus of the Secure methodology.

learn-pr/azure/cloud-adoption-framework-security/2-methodology.yml

@@ -0,0 +1,31 @@
+### YamlMime:ModuleUnit
+uid: learn.azure.cloud-adoption-framework-security.security-roles-responsibilities
+title: Teams, roles, and functions
+metadata:
+  unitType: learning-content
+  title: Teams, Roles, and Functions
+  description: Learn about the security roles required for cloud security and the functions that they perform related to cloud infrastructure and platforms. 
+  ms.date: 02/27/2025
+  author: Zimmergren
+  ms.author: tozimmergren
+  ms.topic: unit
+durationInMinutes: 10
+content: |
+  [!include[](includes/3-teams-roles-functions.md)]
+quiz:
+ title: Check your knowledge
+ questions:
+ - content: Which teams are responsible for translating security strategy, policy, and standards into actionable solutions?
+   choices:
+   - content: Infrastructure or platform teams
+     isCorrect: false
+     explanation: Incorrect. While infrastructure or platform teams implement and integrate security controls, they don't primarily translate security strategy, policy, and standards into actionable solutions.
+   - content: Security architecture, engineering, and posture management teams
+     isCorrect: true
+     explanation: Correct. These teams translate security strategy, policy, and standards into actionable solutions. They ensure that security measures are effectively implemented.
+   - content: Security governance, risk, and compliance teams
+     isCorrect: false
+     explanation: Incorrect. These teams manage security policies, risk assessments, and compliance requirements but don't focus on translating security strategies into actionable solutions.
+   - content: Security training and awareness teams
+     isCorrect: false
+     explanation: Incorrect. These teams provide training and resources to ensure that stakeholders understand their security responsibilities but aren't involved in translating security strategies into actionable solutions.

learn-pr/azure/cloud-adoption-framework-security/3-methodology.yml

@@ -0,0 +1,31 @@
+### YamlMime:ModuleUnit
+uid: learn.azure.cloud-adoption-framework-security.strategy
+title: Integrate security into your cloud adoption strategy
+metadata:
+  unitType: learning-content
+  title: Integrate Security into Your Cloud Adoption Strategy
+  description: Learn how to integrate security into your cloud adoption strategy.
+  ms.date: 02/27/2025
+  author: Zimmergren
+  ms.author: tozimmergren
+  ms.topic: unit
+durationInMinutes: 10
+content: |
+  [!include[](includes/4-strategy.md)]
+quiz:
+ title: Check your knowledge
+ questions:
+ - content: Why is it important to align incident preparedness and response with business strategy?
+   choices:
+   - content: To ensure that security doesn't impede business goals
+     isCorrect: true
+     explanation: Correct. This practice helps ensure that security measures support and don't hinder business objectives. It maintains a balance between security and operational efficiency.
+   - content: To reduce the cost of cloud services
+     isCorrect: false
+     explanation: Incorrect. While cost management is important, the primary goal of aligning incident preparedness with business strategy is to ensure that security measures support business goals, not specifically to reduce costs.
+   - content: To increase the number of security incidents
+     isCorrect: false
+     explanation: Incorrect. The goal is to reduce and effectively manage security incidents, not to increase them.
+   - content: To eliminate the need for security training
+     isCorrect: false
+     explanation: Incorrect. Security training is essential to ensure that all stakeholders understand their roles and responsibilities in maintaining security. Aligning incident preparedness with business strategy doesn't eliminate this need.

learn-pr/azure/cloud-adoption-framework-security/3-teams-roles-functions.yml

@@ -0,0 +1,31 @@
+### YamlMime:ModuleUnit
+uid: learn.azure.cloud-adoption-framework-security.plan
+title: Plan for a secure cloud adoption
+metadata:
+  unitType: learning-content
+  title: Plan for a Secure Cloud Adoption
+  description: Learn how to plan for a secure cloud adoption.
+  ms.date: 02/27/2025
+  author: Zimmergren
+  ms.author: tozimmergren
+  ms.topic: unit
+durationInMinutes: 10
+content: |
+  [!include[](includes/5-plan.md)]
+quiz:
+ title: Check your knowledge
+ questions:
+ - content: What is the purpose of landing zones in cloud adoption?
+   choices:
+   - content: To build a robust incident response plan
+     isCorrect: false
+     explanation: Incorrect. While important, building an incident response plan isn't the primary purpose of landing zones. 
+   - content: To incorporate templates for infrastructure as code (IaC) deployments
+     isCorrect: false
+     explanation: Incorrect. Although landing zones might use IaC templates, their main purpose isn't to incorporate these templates but to provide a secure and scalable foundation.
+   - content: To enhance data analytics capabilities
+     isCorrect: false
+     explanation: Incorrect. Enhancing data analytics capabilities isn't the primary goal of landing zones. 
+   - content: To provide a highly secure and scalable foundation for cloud environments
+     isCorrect: true
+     explanation: Correct. The primary purpose of landing zones is to provide a highly secure and scalable foundation for cloud environments, which helps ensure consistency and compliance with security policies.