[SC-100] The purpose of Azure Subscriptions

August 13, 2023

Azure Subscriptions are (to me at least) an interesting concept/term. I've taken several Microsoft exams involving the topic but to date, I haven't necessarily found a succinct way to describe them. This description in SC-100 training documentation is one of the best I've seen:

Everything starts with a subscription, . . .

Posted in: azure cybersecurity sc-100

[SC-100] Defender for Cloud - Recommendations vs Alerts vs Vulnerability Assessment

August 13, 2023

Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:

"Security Recommendations"
"Alerts"
"Vulnerability Assessment"

What's the difference though? Just for the heck . . .

Posted in: azure certification cybersecurity microsoft sc-100 workload security

[SC-100] CWPP vs CSPM

Gotta love acronyms and abbreviations, right?

August 12, 2023

While studying for the SC-100, there's a few terms that kept coming up:

"Cloud Workload Protection Platform" (CWPP)
"Cloud Security Posture Management" (CSPM)

I can infer some context based on the names but I was curious to know exactly what the difference was between them. Thankfully, . . .

Posted in: azure cpsm cwpp cybersecurity microsoft sc-100

[SC-100] MCSB Compliance Control Overview

August 12, 2023

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

Posted in: certification cybersecurity mcsb microsoft sc-100

[SC-100] Security and agility

August 10, 2023

Another gem from SC-100 study material. Admittedly a little obvious but the thought is expressed very well.

Security needs to become more agile because businesses, government agencies, and other organizations today face a world where services are expected to be provided whenever and wherever people want them.

(Source: . . .

Posted in: azure cybersecurity

[SC-100] Compliance is not security

August 10, 2023

I came across this gem in sc-100 prep material:

While compliance provides a consistent required baseline of security best practices and controls, compliance with security standards is insufficient to make an organization "secure". Keeping an organization secure can change dynamically by the week, day, or hour as . . .

Posted in: cybersecurity microsoft sc-100

[SC-100] Conditional Access frameworks, policies, and naming conventions

August 09, 2023

OK, OK, so it may not necessarily be the most interesting topic...

Nevertheless, I think this article from Microsoft on Conditional Access framework and policies is an important one.

Of particular note, there's a section on naming conventions and how to develop/establish a system that scales well for designating . . .

Posted in: azure certification cybersecurity sc-100

All Categories: cybersecurity(26) sc-100(22) azure(16) microsoft(15) certification(11) productivity(6) linux(5) edgevolt labs(3) shell(3) marvel move(2) zero trust(2) marvel(2) training(2) fortinet(2) sendmail(2) the drive on 17(2) roku(2) iot(2) pfx(1) michael hyatt(1) budgie(1) key vault(1) security workflows(1) nist(1) microsoft graph(1) verified id(1) mcsb(1) workload security(1) azure blueprints(1) azure landing zone(1) stix(1) taxii(1) data residency(1) azure monitor(1) conditional access(1) cwpp(1) cpsm(1) fitness(1) movie reviews(1) monster hunter now(1) logitech(1) hack the box(1) fcp(1) guardians of the galaxy(1) java(1) miscellaneous(1) music(1) networking(1) cooking(1) metasploit(1) recipes(1) movies(1) soccer(1) authentication(1) playlist(1) ubuntu(1) traffic on 17(1) edgevolt radio(1) tcpdump(1) packet capture(1) jks(1) home

← Previous 1 2 3 4 5 6 7 8 9 Next →