All Categories: cybersecurity(29) sc-100(22) azure(16) microsoft(14) certification(11) kubernetes(7) productivity(6) linux(5) containers(4) fortinet(4) docker(4) shell(3) fortigate(3) edgevolt labs(3) python(3) terraform(3) sendmail(2) artificial intelligence(2) roku(2) networking(2) iot(2) marvel move(2) zero trust(2) marvel(2) the drive on 17(2) ubuntu(2) budgie(1) key vault(1) security workflows(1) nist(1) microsoft graph(1) verified id(1) mcsb(1) workload security(1) azure blueprints(1) azure landing zone(1) stix(1) taxii(1) data residency(1) azure monitor(1) conditional access(1) cwpp(1) cpsm(1) guardians of the galaxy(1) movie reviews(1) monster hunter now(1) logitech(1) fcp(1) owasp(1) appsec(1) routing(1) ecmp(1) deus ex(1) developer notes(1) listening(1) negative index(1) scripting(1) registry(1) debian(1) bookmarks(1) deepstash(1) micro-learning(1) aws(1) governance(1) fitness(1) java(1) miscellaneous(1) music(1) programming(1) training(1) storage(1) cooking(1) metasploit(1) recipes(1) videogames(1) ssh(1) movies(1) soccer(1) authentication(1) image(1) playlist(1) cli(1) traffic on 17(1) edgevolt radio(1) tcpdump(1) packet capture(1) jks(1) pfx(1) michael hyatt(1) home

[SC-100] MCSB Compliance Control Overview

August 12, 2023

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

Posted in: certification cybersecurity mcsb microsoft sc-100

[SC-100] Security and agility

August 10, 2023

Another gem from SC-100 study material. Admittedly a little obvious but the thought is expressed very well.

Security needs to become more agile because businesses, government agencies, and other organizations today face a world where services are expected to be provided whenever and wherever people want them.

(Source: . . .

Posted in: azure cybersecurity

[SC-100] Compliance is not security

August 10, 2023

I came across this gem in sc-100 prep material:

While compliance provides a consistent required baseline of security best practices and controls, compliance with security standards is insufficient to make an organization "secure". Keeping an organization secure can change dynamically by the week, day, or hour as . . .

Posted in: cybersecurity microsoft sc-100

[SC-100] Conditional Access frameworks, policies, and naming conventions

August 09, 2023

OK, OK, so it may not necessarily be the most interesting topic...

Nevertheless, I think this article from Microsoft on Conditional Access framework and policies is an important one.

Of particular note, there's a section on naming conventions and how to develop/establish a system that scales well for designating . . .

Posted in: azure certification cybersecurity sc-100

[SC-100] The Seven Properties of Highly Secure Devices

August 07, 2023

Great read from Microsoft: The Seven Properties of Highly Secure Devices.

This doc delves into architectural considerations for designing IoT systems that have security baked in. Good stuff!

Posted in: azure cybersecurity iot sc-100

[SC-100] Microsoft Entra "Verified ID" Feature Explained

August 06, 2023

In case I'm not the only person who as a little unfamiliar with Microsoft's "Verified ID" feature, I came across a great video from Andy Malone that walks through a practical example of how it works.

Here's a high-level diagram as well:

Very interesting and compelling. I think remains to be . . .

Posted in: azure cybersecurity microsoft verified id zero trust

[SC-100] Identity is more than a username

August 06, 2023

While studying for the SC-100 exam, a concept really resonated with me: the definition of identity and its purpose in security.

I think for some folks (myself included), it's been all too easy to think of "identity" as a singular credential; a unique data element. Like an ID card. While understandable, I think that . . .

Posted in: cybersecurity microsoft sc-100

← Previous 1 2 3 4 5 Next →