MicrosoftDocs
diff --git a/‎docs/sql-server/azure-arc/assess.md‎
Lines changed: 28 additions & 27 deletions b/‎docs/sql-server/azure-arc/assess.md‎
Lines changed: 28 additions & 27 deletions
diff --git a/‎docs/sql-server/azure-arc/configure-advanced-data-security.md‎
Lines changed: 9 additions & 10 deletions b/‎docs/sql-server/azure-arc/configure-advanced-data-security.md‎
Lines changed: 9 additions & 10 deletions
@@ -4,7 +4,7 @@ description: Configure on-demand SQL Assessment on an SQL Server on Azure Arc-en
 author: anosov1960
 ms.author: sashan 
 ms.reviewer: mikeray
-ms.date: 04/06/2021
+ms.date: 07/30/2021
 ms.topic: conceptual
 ms.prod: sql
 ---
@@ -15,11 +15,11 @@ SQL Assessment provides a mechanism to evaluate your configuration of SQL Server
 ## Prerequisites
 
 * Your Windows-based SQL Server instance is connected to Azure Arc. Follow the instructions to [onboard your SQL Server instance to  Arc-enabled SQL Server](connect.md).
-   
+
    > [!NOTE]
    > On-demand SQL Assessment is currently limited to SQL Server running on Windows machines. This will not work for SQL on Linux machines.
 
-* The Microsoft Monitoring Agent (MMA) extension must be installed and configured on the machine. View the [Install MMA](configure-advanced-data-security.md#install-microsoft-monitoring-agent-mma) article for instructions. You can also get more information on the [Log Analytics Agent](/azure/azure-monitor/platform/log-analytics-agent) article.
+* The Microsoft Monitoring Agent (MMA) must be installed and configured on the machine. View the [Install MMA](configure-advanced-data-security.md#install-microsoft-monitoring-agent-mma) article for instructions. You can also get more information on the [Log Analytics Agent](/azure/azure-monitor/platform/log-analytics-agent) article.
 
 * Your SQL Server instance must have the [TCP/IP protocol enabled](../../database-engine/configure-windows/enable-or-disable-a-server-network-protocol.md).
 
@@ -34,43 +34,44 @@ SQL Assessment provides a mechanism to evaluate your configuration of SQL Server
    > [!div class="mx-imgBorder"]
    > [ ![Screenshot showing the Environment Health screen of a SQL Server - Azure Arc resource.](media/assess/sql-assessment-heading-sql-server-arc.png) ](media/assess/sql-assessment-heading-sql-server-arc.png#lightbox)
 
-> [!IMPORTANT]
-> If MMA extension is not installed, you will not be able to initiate the on-demand SQL Assessment.
+   > [!IMPORTANT]
+   > If the MMA extension is not installed, you can't initiate the on-demand SQL Assessment.
 
-2. Select the  account type. If you have a Managed service account, it will allow you to initiate SQL Assessment directly from the Portal. Specify the account name.
+2. Select the  account type. If you have a Managed service account, it will allow you to initiate SQL Assessment directly from the portal. Specify the account name.
 
-> [!NOTE]
-> Specifying a *Managed service account* will activate the **Configure SQL Assessment** button so you could initiate the assessment from the Portal by deploying a *CustomScriptExtension*. Because only one *CustomScriptExtension* can be deployed at a time, the script extension for SQL Assessment 
-will be automatically removed after execution. If you already have another *CustomScriptExtension* deployed to the hosting machine,  the **Configure SQL Assessment** button will not be activated.
+   > [!NOTE]
+   > Specifying a *Managed service account* activates the **Configure SQL Assessment** button so you can initiate the assessment from the portal by deploying a *CustomScriptExtension*. Because you can only deploy one *CustomScriptExtension* at a time, the script extension for SQL Assessment will be automatically removed after execution.
+   >
+   > If you already have another *CustomScriptExtension* deployed to the hosting machine,  the **Configure SQL Assessment** button will not be activated.
 
-3. Specify a working directory on the data collection machine if you want to change the default. By default, `C:\sql_assessment\work_dir` is used. During collection and analysis, data is temporarily stored in that folder. If the folder doesn't exist, it's created automatically.
+3. Specify a working directory on the data collection machine if you want to change the default. By default, `C:\sql_assessment\work_dir` is used. During collection and analysis, the assessment temporarily stores data in that folder. If the folder doesn't exist, the assessment creates it automatically.
 
-4. If you initiate SQL Assessment from the Portal by clicking **Configure SQL Assessment**, a standard deployment bubble will show up.
+4. If you initiate SQL Assessment from the portal by clicking **Configure SQL Assessment**, the portal presents a standard deployment bubble.
 
-> [!div class="mx-imgBorder"]
+   > [!div class="mx-imgBorder"]
    > [ ![Screenshot showing deploymentof the CustomScriptExtension.](media/assess/sql-assessment-custom-script-deployment.png) ](media/assess/sql-assessment-custom-script-deployment.png#lightbox)
 
-5. If you prefer initiating SQL Assessment from the target machine, click **Download configuration script**, copy the downloaded script to the target machine and and execute one of the following code blocks in a admin instance of **powershell.exe**:
+   Alternatively, you can initiate SQL Assessment from the target machine. Click **Download configuration script**, copy the downloaded script to the target machine and and execute one of the following code blocks in a admin instance of **powershell.exe**:
 
-   * _Domain account_:  You'll be prompted for the user account and password.
+      * _Domain account_:  You'll be prompted for the user account and password.
 
-      ```powershell
-      Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
-      & '.\AddSqlAssessment.ps1'
-      ```
+         ```powershell
+         Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
+         & '.\AddSqlAssessment.ps1'
+         ```
 
-   * _Managed Service Account (MSA)_
+      * _Managed Service Account (MSA)_
 
-      ```powershell
-      Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
-      & '.\AddSqlAssessment.ps1' -ManagedServiceAccountName <MSA account name>
-      ```
+         ```powershell
+         Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
+         & '.\AddSqlAssessment.ps1' -ManagedServiceAccountName <MSA account name>
+         ```
 
-> [!NOTE]
-> The script schedules a task named *SQLAssessment*, which triggers data collection. This task executes within an hour after you've run the script. It then repeats every seven days.
+   > [!NOTE]
+   > The script schedules a task named *SQLAssessment*, which triggers data collection. This task executes within an hour after you've run the script. It then repeats every seven days.
 
-> [!TIP]
-> You can modify the task to run on a different date and time or even force it to run immediately. In the the task scheduler library, find **Microsoft** > **Operations Management Suite** > **AOI\*\*\*** > **Assessments** > **SQLAssessment**.
+   > [!TIP]
+   > You can modify the task to run on a different date and time or even force it to run immediately. In the the task scheduler library, find **Microsoft** > **Operations Management Suite** > **AOI\*\*\*** > **Assessments** > **SQLAssessment**.
 
 ## View SQL Assessment results
 
 
@@ -5,24 +5,23 @@ description: Configure advanced data security for an instance of SQL Server on A
 author: anosov1960
 ms.author: sashan 
 ms.reviewer: mikeray
-ms.date: 04/06/2021
+ms.date: 07/30/2021
 ms.topic: conceptual
 ms.prod: sql
 ---
 # Configure advanced data security | SQL Server on Azure Arc-enabled servers
 
-You can enable advanced data security for your SQL Server instances on premises by following these steps.
+You can enable advanced data security for your SQL Server instances on-premises by following these steps.
 
 ## Prerequisites
 
 * Your Windows-based SQL Server instance is connected to Azure Arc. Follow the instructions to [onboard your SQL Server instance to  Arc-enabled SQL Server](connect.md).
 
    > [!NOTE]
-   > Azure Defender currently limited to SQL Server running on Windows machines. This will not work for SQL on Linux machines.
+   > Azure Defender is only supported for SQL Server instances on Windows machines. This will not work for SQL Server on Linux machines.
 
 * Your user account is assigned one of the [Security Center Roles (RBAC)](/azure/security-center/security-center-permissions)
 
-
 ## Create a Log Analytics workspace
 
 1. Search for __Log Analytics workspaces__ resource type and add a new one through the creation blade.
@@ -32,21 +31,21 @@ You can enable advanced data security for your SQL Server instances on premises
    > [!NOTE]
    > You can use a Log Analytics workspace in any region so if you already have one, you can use it. But we recommend creating it in the same region where your __Machine - Azure Arc__ resource is created.
 
-1. Go to the overview page of the Log Analytics workspace resource and select “Windows, Linux and other sources”. Copy the workspace ID and primary key for later use.
+1. Go to the overview page of the Log Analytics workspace resource and select **Windows, Linux, and other sources**. Copy the workspace ID and primary key for later use.
 
    ![Log analytics workspace blade](media/configure-advanced-data-security/log-analytics-workspace-blade.png)
 
 ## Install Microsoft Monitoring Agent (MMA)
 
-The next step is needed only if you have not yet configured the MMA agent on the remote machine yet.
+The next step is needed only if you have not yet configured MMA on the remote machine.
 
 1. Select the __Machine - Azure Arc__ resource for the virtual or physical server where the SQL Server instance is installed and add the extension __Microsoft Monitoring Agent - Azure Arc__ using the  **Extensions** feature. When asked to configure the Log Analytics workspace, use the workspace ID and primary you saved in the previous step.
 
    ![Install MMA](media/configure-advanced-data-security/install-mma-extension.png)
 
-1. After validation succeeds, click **Create** to start the MMA Arc Extension deployment workflow. When deployment completes the status will be updated to **Succeeded**.
+1. After validation succeeds, click **Create** to start the MMA Arc Extension deployment workflow. When the deployment completes, the status updates to **Succeeded**.
 
-1. For more details, see [Extension management with Azure Arc](/azure/azure-arc/servers/manage-vm-extensions)
+1. For more information, see [Extension management with Azure Arc](/azure/azure-arc/servers/manage-vm-extensions).
 
 ## Enable Azure Defender
 
@@ -61,7 +60,7 @@ Next, you need to enable Azure Defender for SQL Server instance.
    ![Upgrade workspace](media/configure-advanced-data-security/enable-azure-defender.png)
 
  > [!NOTE]
-   > The first scan to generate the vulnerability assessment will happen within 24 hours after enabling advanced data security. After that, auto scans will be performed every week on Sunday.
+   > The first scan to generate the vulnerability assessment happens within 24 hours after enabling advanced data security. After that, auto scans are be performed every week on Sunday.
 
 ## Explore
 
@@ -84,7 +83,7 @@ Explore security anomalies and threats in Azure Security Center.
    ![Alert mitigation](media/configure-advanced-data-security/brute-force-alert-mitigation.png)
 
 > [!NOTE]
-> The general __Security Center__ link at the top of the page does not use the Preview portal URL so your __SQL Server - Azure Arc__ resources will not be visible there. We recommend following the links for the individual recommendations or alerts.
+> The general __Security Center__ link at the top of the page does not use the preview portal URL so your __SQL Server - Azure Arc__ resources are not be visible there. Follow the links for the individual recommendations or alerts.
 
 ## Next steps