fix blocking issues and minor edit on unit titles

Author: ceperezb

learn-pr/wwl-sci/.openpublishing.redirection.wwl-sci.json

@@ -729,23 +729,13 @@
 		"redirect_document_id": false
 		},
     {
-      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-operations/4-design-security-information-event-management-solutions.yml",
-      "redirect_url": "/training/modules/design-solutions-security-operations/design-centralized-logging-auditing",
+      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-operations/includes/4-design-security-information-event-management-solutions.yml",
+      "redirect_url": "/training/modules/design-solutions-security-operations/5-design-solutions-detection-response",
       "redirect_document_id": false
     },
     {
-      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-operations/includes/4-design-security-information-event-management-solutions.md",
-      "redirect_url": "/training/modules/design-solutions-security-operations/design-centralized-logging-auditing",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/5-evaluate-security-posture-secure-scores.yml",
-      "redirect_url": "/training/modules/design-solutions-security-posture-management-hybrid-multicloud-environments/evaluate-security-posture-microsoft-defender-cloud",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/includes/5-evaluate-security-posture-secure-scores.md",
-      "redirect_url": "/training/modules/design-solutions-security-posture-management-hybrid-multicloud-environments/evaluate-security-posture-microsoft-defender-cloud",
+      "source_path_from_root": "/learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/includes/5-evaluate-security-posture-secure-scores.yml",
+      "redirect_url": "/training/modules/design-solutions-security-posture-management-hybrid-multicloud-environments/4-evaluate-security-posture-microsoft-defender-cloud",
       "redirect_document_id": false
     }
     ]

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/2-evaluate-security-posture-microsoft-cloud-security-benchmark.yml

@@ -1,13 +1,13 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-security-posture-management-hybrid-multicloud-environments.evaluate-security-posture-microsoft-cloud-security-benchmark
-title: Evaluate security posture by using Microsoft Cloud Security Benchmark
+title: Use the Microsoft Cloud Security Benchmark to design and evaluate security posture
 metadata:
-  title: Evaluate security posture by using Microsoft Cloud Security Benchmark
-  description: "SC-100 preparatory unit on the topic: evaluate security posture by using Microsoft Cloud Security Benchmark."
+  title: Use the Microsoft Cloud Security Benchmark to design and evaluate security posture
+  description: "SC-100 preparatory unit on the topic: use the Microsoft Cloud Security Benchmark to design and evaluate security posture."
   ms.date: 02/05/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 4
+durationInMinutes: 5
 content: |
   [!include[](includes/2-evaluate-security-posture-microsoft-cloud-security-benchmark.md)]

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/3-design-integrated-posture-management-workload-protection.yml

@@ -1,9 +1,9 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-security-posture-management-hybrid-multicloud-environments.design-integrated-posture-management-workload-protection
-title: Design integrated posture management and workload protection with Microsoft Defender for Cloud
+title: Design integrated posture management solutions with Microsoft Defender for Cloud in hybrid and multicloud environments
 metadata:
-  title: Design integrated posture management and workload protection with Microsoft Defender for Cloud
-  description: "SC-100 preparatory unit on the topic: design integrated posture management and workload protection with Microsoft Defender for Cloud."
+  title: Design integrated posture management solutions with Microsoft Defender for Cloud in hybrid and multicloud environments
+  description: "SC-100 preparatory unit on the topic: design integrated posture management solutions with Microsoft Defender for Cloud in hybrid and multicloud environments."
   ms.date: 02/05/2026
   author: ceperezb
   ms.author: ceperezb

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/4-evaluate-security-posture-microsoft-defender-cloud.yml

@@ -1,9 +1,9 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-security-posture-management-hybrid-multicloud-environments.evaluate-security-posture-microsoft-defender-cloud
-title: Evaluate security posture by using Microsoft Defender for Cloud
+title: Evaluate security posture by using Microsoft Defender for Cloud, including Secure Score
 metadata:
-  title: Evaluate security posture by using Microsoft Defender for Cloud
-  description: "SC-100 preparatory unit on the topic: evaluate security posture by using Microsoft Defender for Cloud."
+  title: Evaluate security posture by using Microsoft Defender for Cloud, including Secure Score
+  description: "SC-100 preparatory unit on the topic: evaluate security posture by using Microsoft Defender for Cloud, including Secure Score."
   ms.date: 02/05/2026
   author: ceperezb
   ms.author: ceperezb

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/7-integrate-hybrid-multi-cloud-environments-azure-arc.yml

@@ -1,9 +1,9 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-security-posture-management-hybrid-multicloud-environments.integrate-hybrid-multi-cloud-environments-azure-arc
-title: Integrate hybrid and multicloud environments with Azure Arc
+title: Design a solution for integrating hybrid and multicloud environments by using Azure Arc
 metadata:
-  title: Integrate hybrid and multicloud environments with Azure Arc
-  description: "SC-100 preparatory unit on the topic: Integrate hybrid and multicloud environments with Azure Arc."
+  title: Design a solution for integrating hybrid and multicloud environments by using Azure Arc
+  description: "SC-100 preparatory unit on the topic: Design a solution for integrating hybrid and multicloud environments by using Azure Arc."
   ms.date: 02/05/2026
   author: ceperezb
   ms.author: ceperezb

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/includes/2-evaluate-security-posture-microsoft-cloud-security-benchmark.md

@@ -1,29 +1,37 @@
-Evaluating your organization's security posture requires a consistent framework that can be applied across Azure, AWS, GCP, and on-premises environments. The Microsoft Cloud Security Benchmark (MCSB) v2 serves as this evaluation framework, providing defined security controls you can measure your environment against.
+Designing and evaluating the security posture of hybrid and multicloud environments starts with selecting the right security framework. The Microsoft Cloud Security Benchmark (MCSB) provides a foundation for both designing your security architecture and evaluating your current posture against industry best practices.
 
-## Using MCSB to evaluate security posture
+## Designing with MCSB as your security framework
 
-MCSB enables you to evaluate security posture by comparing your current configurations and practices against defined security controls. This evaluation process helps you:
+MCSB serves as more than an evaluation checklist—it's a design framework that guides your security architecture decisions. When designing your posture management solution, consider how MCSB fits into your overall approach.
 
-- **Identify gaps**: Compare your current security configurations against MCSB control requirements to find areas that need improvement.
-- **Prioritize improvements**: Use MCSB's risk-based guidance to focus on controls that address your highest risks.
-- **Measure progress**: Track compliance against MCSB controls over time to demonstrate security posture improvement.
-- **Benchmark across clouds**: Apply the same evaluation criteria across Azure, AWS, and GCP since MCSB provides implementation guidance for each platform.
+**When to use MCSB as your primary baseline**: MCSB is appropriate as your primary security standard when:
+- Your organization operates across Azure, AWS, and GCP (MCSB provides implementation guidance for all three)
+- You need a comprehensive framework covering network, identity, data, and application security
+- You want alignment with industry frameworks without maintaining separate mappings
 
-For security posture management specifically, MCSB provides the Posture and Vulnerability Management (PV) domain. These controls define what a mature security posture looks like and give you the criteria to evaluate against.
+**Mapping to regulatory requirements**: MCSB maps to common regulatory frameworks including PCI-DSS, ISO 27001, NIST SP 800-53, and CIS Controls. Design your compliance strategy by:
+- Using MCSB as the operational baseline
+- Mapping MCSB controls to your specific regulatory requirements
+- Identifying gaps where regulations require controls beyond MCSB
 
-## MCSB controls for security posture evaluation
+**Designing exception management**: Not all MCSB controls apply to every workload. Design an exception process that documents:
+- Which controls don't apply and why
+- Compensating controls in place
+- Review cadence for exceptions
 
-The PV domain contains seven controls that serve as evaluation criteria for your security posture. Use the following table to assess your environment's alignment with each control:
+## Evaluating posture against MCSB
 
-| Control | What to evaluate | Questions to ask |
-|---------|------------------|------------------|
-| PV-1: Define and establish secure configurations | Whether security configuration baselines exist for each resource type and are applied during deployment. | Do you have documented baselines? Are configurations enforced at deployment time? |
-| PV-2: Audit and enforce secure configurations | Whether you continuously monitor for configuration drift and can enforce compliance across environments. | Can you detect when configurations change? Do you have remediation policies in place? |
-| PV-3: Define secure configurations for compute | Whether VMs and containers are deployed from hardened images with defined security baselines. | Are you using hardened images? Are OS security baselines defined and documented? |
-| PV-4: Audit and enforce compute configurations | Whether compute resources are monitored for configuration deviations with automated remediation. | Do you have visibility into compute configuration drift across all cloud providers? |
-| PV-5: Perform vulnerability assessments | Whether regular vulnerability scans cover all resource types with tracked remediation. | Are scans scheduled regularly? Do you have a centralized view of findings across clouds? |
-| PV-6: Remediate vulnerabilities automatically | Whether patches and updates are deployed automatically using risk-based prioritization. | Is patching automated? Are critical vulnerabilities prioritized appropriately? |
-| PV-7: Conduct red team operations | Whether penetration testing and red team exercises validate your security controls. | Do you conduct regular security testing? Are findings tracked to remediation? |
+With your design in place, use MCSB to evaluate your current security posture. The Posture and Vulnerability Management (PV) domain defines what mature posture management looks like:
+
+| Control | Evaluation criteria | Design questions |
+|---------|---------------------|------------------|
+| PV-1: Define secure configurations | Security baselines exist for each resource type | Do you have documented baselines enforced at deployment? |
+| PV-2: Audit and enforce configurations | Continuous monitoring detects drift | Can you detect configuration changes with automated remediation? |
+| PV-3: Define compute configurations | VMs and containers deploy from hardened images | Are OS security baselines defined and documented? |
+| PV-4: Audit compute configurations | Compute resources monitored for deviations | Do you have visibility across all cloud providers? |
+| PV-5: Perform vulnerability assessments | Regular scans cover all resource types | Do you have centralized findings across clouds? |
+| PV-6: Remediate vulnerabilities | Patches deploy using risk-based prioritization | Is patching automated with critical vulnerabilities prioritized? |
+| PV-7: Conduct red team operations | Penetration testing validates controls | Are findings tracked to remediation? |
 
 ## Conducting an MCSB-based evaluation
 
@@ -35,4 +43,4 @@ To evaluate your security posture using MCSB:
 
 3. **Plan remediation**: Prioritize gaps based on risk and create a roadmap to address them, using MCSB's implementation guidance for your specific cloud platforms.
 
-For detailed control requirements and platform-specific guidance, see [Posture and vulnerability management](/security/benchmark/azure/mcsb-posture-vulnerability-management) in the official MCSB documentation.
+For detailed control requirements and platform-specific guidance, see [Posture and vulnerability management](/security/benchmark/azure/mcsb-posture-vulnerability-management) in the MCSB documentation.

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/includes/4-evaluate-security-posture-microsoft-defender-cloud.md

@@ -34,7 +34,7 @@ Secure score is Defender for Cloud's primary metric for evaluating security post
 
 The Cloud Secure Score ranges from 0 to 100, with 100 indicating an optimal security posture. This model provides more accurate prioritization by factoring in contextual risk.
 
-:::image type="content" source="../media/cloud-secure-score.png" alt-text="Screenshot of a the Cloud Secure Score and the Defender CSPM plan." lightbox="../media/cloud-secure-score.png":::
+:::image type="content" source="../media/cloud-secure-score.png" alt-text="Screenshot of the Cloud Secure Score and the Defender CSPM plan." lightbox="../media/cloud-secure-score.png":::
 
 ### How Cloud Secure Score works
 

learn-pr/wwl-sci/design-solutions-security-posture-management-hybrid-multicloud-environments/includes/7-integrate-hybrid-multi-cloud-environments-azure-arc.md

@@ -81,7 +81,7 @@ Design your resource hierarchy to support security governance:
 
 ## Addressing common design challenges
 
-**Disconnected scenarios**: Arc-enabled servers require periodic connectivity to Azure (at least every 30 days by default). For occasionally-connected scenarios, plan for this requirement. Arc-enabled Kubernetes clusters support GitOps for configuration even during disconnection.
+**Disconnected scenarios**: Arc-enabled servers require periodic connectivity to Azure (at least every 30 days by default). For occasionally connected scenarios, plan for this requirement. Arc-enabled Kubernetes clusters support GitOps for configuration even during disconnection.
 
 **Network segmentation**: If Arc resources exist in restricted network segments, aggregate traffic through proxies or deploy Arc gateway to minimize firewall openings.