Merge pull request #53595 from ceperezb/CEPEREZB-sc100-design-mcra-mcsb

update module to reflect MCSB v2 instead of v1

Author: denrea

learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/1b-describe-microsoft-cloud-security-benchmark.md

@@ -43,19 +43,18 @@ The following table summarizes the security domains in MCSB:
 
 | Security Domains | Description |
 |---|---|
-| [Network security (NS)](/security/benchmark/azure/mcsb-network-security) | Network Security covers controls to secure and protect networks, including securing virtual networks, establishing private connections, preventing, and mitigating external attacks, and securing DNS. |
-| [Identity Management (IM)](/security/benchmark/azure/mcsb-identity-management) | Identity Management covers controls to establish a secure identity and access controls using identity and access management systems, including the use of single sign-on, strong authentications, managed identities (and service principals) for applications, conditional access, and account anomalies monitoring. |
-| [Privileged Access (PA)](/security/benchmark/azure/mcsb-privileged-access) | Privileged Access covers controls to protect privileged access to your tenant and resources, including a range of controls to protect your administrative model, administrative accounts, and privileged access workstations against deliberate and inadvertent risk. |
-| [Data Protection (DP)](/security/benchmark/azure/mcsb-data-protection) | Data Protection covers control of data protection at rest, in transit, and via authorized access mechanisms, including discover, classify, protect, and monitor sensitive data assets using access control, encryption, key management and certificate management. |
-| [Asset Management (AM)](/security/benchmark/azure/mcsb-asset-management) | Asset Management covers controls to ensure security visibility and governance over your resources. That includes recommendations on permissions for security personnel, security access to asset inventory, and managing approvals for services and resources (inventory, track, and correct). |
-| [Logging and Threat Detection (LT)](/security/benchmark/azure/mcsb-logging-threat-detection) | Logging and Threat Detection covers controls for detecting threats on cloud, and enabling, collecting, and storing audit logs for cloud services, including enabling detection, investigation, and remediation processes with controls to generate high-quality alerts with native threat detection in cloud services; it also includes collecting logs with a cloud monitoring service, centralizing security analysis with a SIEM, time synchronization, and log retention. |
-| [Incident Response (IR)](/security/benchmark/azure/mcsb-incident-response) | Incident Response covers controls in incident response life cycle - preparation, detection and analysis, containment, and post-incident activities, including using cloud services to automate the incident response process. |
-| [Posture and Vulnerability Management (PV)](/security/benchmark/azure/mcsb-posture-vulnerability-management) | Posture and Vulnerability Management focuses on controls for assessing and improving cloud security posture, including vulnerability scanning, penetration testing and remediation, as well as security configuration tracking, reporting, and correction in cloud resources. |
-| [Endpoint Security (ES)](/security/benchmark/azure/mcsb-endpoint-security) | Endpoint Security covers controls in endpoint detection and response, including use of endpoint detection and response (EDR) and anti-malware service for endpoints in cloud environments. |
-| [Backup and Recovery (BR)](/security/benchmark/azure/mcsb-backup-recovery) | Backup and Recovery cover controls to ensure that data and configuration backups at the different service tiers are performed, validated, and protected. |
-| [DevOps Security (DS)](/security/benchmark/azure/mcsb-devops-security) | DevOps Security covers the controls related to the security engineering and operations in the DevOps processes, including deployment of critical security checks (such as static application security testing, vulnerability management) prior to the deployment phase to ensure the security throughout the DevOps process; it also includes common topics such as threat modeling and software supply security. |
-| [Governance and Strategy (GS)](/security/benchmark/azure/mcsb-governance-strategy) | Governance and Strategy provide guidance for ensuring a coherent security strategy and documented governance approach to guide and sustain security assurance, including establishing roles and responsibilities for the different cloud security functions, unified technical strategy, and supporting policies and standards. |
-| [AI Security (AIS)](/security/benchmark/azure/mcsb-ai-security) | AI Security is a new control domain that addresses security considerations specific to AI workloads. It covers protecting AI systems throughout their lifecycle, including data preparation, model training, deployment, and inference operations. |
+| [Network security (NS)](/security/benchmark/azure/mcsb-v2-network-security) | Network Security covers controls to secure and protect networks, including securing virtual networks, establishing private connections, preventing, and mitigating external attacks, and securing DNS. |
+| [Identity Management (IM)](/security/benchmark/azure/mcsb-v2-identity-management) | Identity Management covers controls to establish a secure identity and access controls using identity and access management systems, including the use of single sign-on, strong authentications, managed identities (and service principals) for applications, conditional access, and account anomalies monitoring. |
+| [Privileged Access (PA)](/security/benchmark/azure/mcsb-v2-privileged-access) | Privileged Access covers controls to protect privileged access to your tenant and resources, including a range of controls to protect your administrative model, administrative accounts, and privileged access workstations against deliberate and inadvertent risk. |
+| [Data Protection (DP)](/security/benchmark/azure/mcsb-v2-data-protection) | Data Protection covers control of data protection at rest, in transit, and via authorized access mechanisms, including discover, classify, protect, and monitor sensitive data assets using access control, encryption, key management and certificate management. |
+| [Asset Management (AM)](/security/benchmark/azure/mcsb-v2-asset-management) | Asset Management covers controls to ensure security visibility and governance over your resources. That includes recommendations on permissions for security personnel, security access to asset inventory, and managing approvals for services and resources (inventory, track, and correct). |
+| [Logging and Threat Detection (LT)](/security/benchmark/azure/mcsb-v2-logging-threat-detection) | Logging and Threat Detection covers controls for detecting threats on cloud, and enabling, collecting, and storing audit logs for cloud services, including enabling detection, investigation, and remediation processes with controls to generate high-quality alerts with native threat detection in cloud services; it also includes collecting logs with a cloud monitoring service, centralizing security analysis with a SIEM, time synchronization, and log retention. |
+| [Incident Response (IR)](/security/benchmark/azure/mcsb-v2-incident-response) | Incident Response covers controls in incident response life cycle - preparation, detection and analysis, containment, and post-incident activities, including using cloud services to automate the incident response process. |
+| [Posture and Vulnerability Management (PV)](/security/benchmark/azure/mcsb-v2-posture-vulnerability-management) | Posture and Vulnerability Management focuses on controls for assessing and improving cloud security posture, including vulnerability scanning, penetration testing and remediation, as well as security configuration tracking, reporting, and correction in cloud resources. |
+| [Endpoint Security (ES)](/security/benchmark/azure/mcsb-v2-endpoint-security) | Endpoint Security covers controls in endpoint detection and response, including use of endpoint detection and response (EDR) and anti-malware service for endpoints in cloud environments. |
+| [Backup and Recovery (BR)](/security/benchmark/azure/mcsb-v2-backup-recovery) | Backup and Recovery cover controls to ensure that data and configuration backups at the different service tiers are performed, validated, and protected. |
+| [DevOps Security (DS)](/security/benchmark/azure/mcsb-v2-devop-security) | DevOps Security covers the controls related to the security engineering and operations in the DevOps processes, including deployment of critical security checks (such as static application security testing, vulnerability management) prior to the deployment phase to ensure the security throughout the DevOps process; it also includes common topics such as threat modeling and software supply security. |
+| [AI Security (AI)](/security/benchmark/azure/mcsb-v2-artificial-intelligence-security) | AI Security is a control domain that addresses security considerations specific to AI workloads. It covers protecting AI systems throughout their lifecycle, including data preparation, model training, deployment, and inference operations. |
 
 ### Security controls