Fixes Module 11

pablorodMS · web-flow · commit 0ac40fa95d49 · 2026-02-19T12:33:01.000-06:00
diff --git a/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/1-introduction.md b/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/1-introduction.md
@@ -1,7 +1,11 @@
-Modern AI agents operate across complex cloud environments where security, compliance, and responsible design are essential. This module introduces the foundational concepts solution architects must apply when designing safe and trustworthy agentbased systems. It focuses on building AI experiences that protect data, respect organizational policies, and uphold responsible AI expectations throughout the solution lifecycle.
+## Overview
+
+Modern AI agents operate across complex cloud environments where security, compliance, and responsible design are essential. This module introduces the foundational concepts solution architects must apply when designing safe and trustworthy agentbased systems.
+
+It focuses on building AI experiences that protect data, respect organizational policies, and uphold responsible AI expectations throughout the solution lifecycle.
 
 You will explore how identity, access control, data governance, model security, and observability work together to create a defenseindepth posture for autonomous and semiautonomous agents. The module highlights how to translate business and compliance requirements into practical technical controls that regulate what agents can access, how they behave, and how their actions are monitored.
 
 Architects will also learn how to identify vulnerabilities across prompts, models, data flows, and agent workflows. The content emphasizes proactive risk mitigation, layered safeguards, and structured evaluation practices to ensure solutions remain secure, predictable, and aligned with organizational standards.
 
-By the end of the module, you will understand how to design AI systems that balance innovation with accountability. You will gain the skills to build secure, governed, and compliant agent solutions that scale responsibly across the enterprise.
+By the end of the module, you will understand how to design AI systems that balance innovation with accountability. You will gain the skills to build secure, governed, and compliant agent solutions that scale responsibly across the enterprise.
diff --git a/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/2-design-security-agents.md b/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/2-design-security-agents.md
@@ -182,25 +182,25 @@ Version artifacts, enforce approvals, and use automated checks for security post
 
 ## Design checklist (use in reviews)
 
-- [ ] Agent identities exist for each environment; owners recorded.
+- Agent identities exist for each environment; owners recorded.
 
-- [ ] Managed identities used; no embedded secrets.
+- Managed identities used; no embedded secrets.
 
-- [ ] Role assignments scoped minimally; access reviews scheduled.
+- Role assignments scoped minimally; access reviews scheduled.
 
-- [ ] DLP policies active; sensitivity labels applied to knowledge sources.
+- DLP policies active; sensitivity labels applied to knowledge sources.
 
-- [ ] Data residency and retention configured; purge jobs implemented.
+- Data residency and retention configured; purge jobs implemented.
 
-- [ ] Centralized logging, dashboards, and spend alerts in place.
+- Centralized logging, dashboards, and spend alerts in place.
 
-- [ ] AIspecific threat protection and output moderation enabled.
+- AIspecific threat protection and output moderation enabled.
 
-- [ ] Red team performed; open risks addressed.
+- Red team performed; open risks addressed.
 
-- [ ] MCP/A2A usage documented; allowed external endpoints approved.
+- MCP/A2A usage documented; allowed external endpoints approved.
 
-- [ ] Incident response runbook tested.
+- Incident response runbook tested.
 
 ## Practice (30-45 minutes)
 
@@ -222,10 +222,10 @@ Version artifacts, enforce approvals, and use automated checks for security post
 
 ## References
 
-[https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ai-agents/governance-security-across-organization](/azure/cloud-adoption-framework/ai-agents/governance-security-across-organization)
+- [https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ai-agents/governance-security-across-organization](/azure/cloud-adoption-framework/ai-agents/governance-security-across-organization)
 
-[https://learn.microsoft.com/en-us/training/modules/perform-admin-tasks-microsoft-365-copilot-agents/7-examine-agent-approval-governance](/training/modules/perform-admin-tasks-microsoft-365-copilot-agents/7-examine-agent-approval-governance)
+- [https://learn.microsoft.com/en-us/training/modules/perform-admin-tasks-microsoft-365-copilot-agents/7-examine-agent-approval-governance](/training/modules/perform-admin-tasks-microsoft-365-copilot-agents/7-examine-agent-approval-governance)
 
-[https://learn.microsoft.com/en-us/microsoft-copilot-studio/security-and-governance](/microsoft-copilot-studio/security-and-governance)
+- [https://learn.microsoft.com/en-us/microsoft-copilot-studio/security-and-governance](/microsoft-copilot-studio/security-and-governance)
 
-[https://learn.microsoft.com/en-us/training/paths/manage-iam-for-ai-workloads-on-azure/?sharingId=6F81B482FD5357F5](/training/paths/manage-iam-for-ai-workloads-on-azure/)
+- [https://learn.microsoft.com/en-us/training/paths/manage-iam-for-ai-workloads-on-azure/?sharingId=6F81B482FD5357F5](/training/paths/manage-iam-for-ai-workloads-on-azure/)
diff --git a/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/4-design-model-security.md b/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/4-design-model-security.md
@@ -88,7 +88,13 @@ Harden the environment where AI models operate to reduce attack surfaces.
 
 ### Model Hardening Blueprint
 
-:::image type="content" source="../media/model-blue-print.png" alt-text="Modeling hardhening blue print.":::
+| Step | Component | Description / Focus Area  |
+|------|---------|---------|
+| 1	| Secure Compute | Protect computation environments to ensure model safety and confidentiality.|
+| 2 |Private Endpoints | Use private network endpoints to limit exposure and control access.|
+| 3 | Threat Protection | Implement safeguards to detect and mitigate security threats. |
+| 4 | Validation Pipeline | Validate models and data to maintain quality and compliance. |
+| 5 | Monitoring and Drift Detection | Continuously monitor model performance and identify data or model drift. |
 
 ## 5. Threat detection and response
 
diff --git a/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/5-analyze-solution-ai-vulnerabilities-mitigations-prompt-manipulation.md b/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/5-analyze-solution-ai-vulnerabilities-mitigations-prompt-manipulation.md
@@ -112,10 +112,6 @@ Models may respond unpredictably when encountering ambiguous, adversarial, or se
 
 - Reviewing access logs for anomalous elevation attempts.
 
-#### RBAC Boundary Diagram
-
-:::image type="content" source="../media/rbac-boundary-diagram.png" alt-text="RBAC Boundary Diagram.":::
-
 ### 5. Agent and workflow-level vulnerabilities
 
 #### AI agents that automate tasks increase risk through:
diff --git a/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/9-design-audit-trails-changes-models-data.md b/learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/includes/9-design-audit-trails-changes-models-data.md
@@ -152,80 +152,6 @@ Define retention requirements with Legal, Compliance, and Information Security t
 
 - Indefinite retention for incidentrelated archives
 
-## 7. Professional Visual — Audit Trail Architecture
-
-             +-------------------------------+
-
-             |       User / Developer        |
-
-             +---------------+---------------+
-
-                             |
-
-                             v
-
-   +----------------------------------------------------+
-
-   |              AI Model and Data Systems             |
-
-   |  (Model Registry, Datasets, Pipelines, Agents)     |
-
-   +----------------------------------------------------+
-
-                             |
-
-                      Change Events
-
-                             |
-
-                             v
-
-              +-----------------------------+
-
-              |     Audit & Trace Layer     |
-
-              +-----------------------------+
-
-              | - Activity Logs             |
-
-              | - Model Event Logs          |
-
-              | - Data Change Records       |
-
-              | - Tracing (Spans)           |
-
-              +-----------------------------+
-
-                             |
-
-                       Export / Route
-
-                             |
-
-                             v
-
-       +-----------------------------------------------+
-
-       |  Monitoring & Compliance Platform             |
-
-       |  (Azure Monitor, Log Analytics, Sentinel)     |
-
-       +-----------------------------------------------+
-
-                             |
-
-                      Dashboards / Alerts
-
-                             |
-
-                             v
-
-       +-----------------------------------------------+
-
-       |   Governance, Compliance, and Review Teams    |
-
-       +-----------------------------------------------+
-
 ## References
 
 - [https://learn.microsoft.com/en-us/azure/ai-foundry/control-plane/overview?view=foundry](/azure/ai-foundry/control-plane/overview)
