All Categories: cybersecurity(26) sc-100(19) azure(15) microsoft(13) certification(9) productivity(6) fortinet(3) linux(3) edgevolt labs(3) marvel(2) iot(2) python(2) shell(2) artificial intelligence(2) ubuntu(2) roku(2) zero trust(2) the drive on 17(2) marvel move(2) fortigate(2) ssh(1) movies(1) soccer(1) listening(1) authentication(1) image(1) playlist(1) cli(1) negative index(1) programming(1) scripting(1) music(1) traffic on 17(1) edgevolt radio(1) jks(1) pfx(1) michael hyatt(1) budgie(1) key vault(1) security workflows(1) nist(1) microsoft graph(1) verified id(1) registry(1) mcsb(1) workload security(1) azure blueprints(1) azure landing zone(1) azure monitor(1) conditional access(1) debian(1) cwpp(1) cpsm(1) miscellaneous(1) guardians of the galaxy(1) movie reviews(1) bookmarks(1) monster hunter now(1) logitech(1) fcp(1) owasp(1) appsec(1) routing(1) ecmp(1) governance(1) java(1) deus ex(1) cooking(1) metasploit(1) developer notes(1) recipes(1) fitness(1) videogames(1) training(1) containers(1) home

[SC-100] Compliance is not security

August 10, 2023

I came across this gem in sc-100 prep material:

While compliance provides a consistent required baseline of security best practices and controls, compliance with security standards is insufficient to make an organization "secure". Keeping an organization secure can change dynamically by the week, day, or hour as . . .

Posted in: cybersecurity microsoft sc-100

[SC-100] Conditional Access frameworks, policies, and naming conventions

August 09, 2023

OK, OK, so it may not necessarily be the most interesting topic...

Nevertheless, I think this article from Microsoft on Conditional Access framework and policies is an important one.

Of particular note, there's a section on naming conventions and how to develop/establish a system that scales well for designating . . .

[SC-100] The Seven Properties of Highly Secure Devices

August 07, 2023

Great read from Microsoft: The Seven Properties of Highly Secure Devices.

This doc delves into architectural considerations for designing IoT systems that have security baked in. Good stuff!

Posted in: azure cybersecurity iot sc-100

[SC-100] Identity is more than a username

August 06, 2023

While studying for the SC-100 exam, a concept really resonated with me: the definition of identity and its purpose in security.

I think for some folks (myself included), it's been all too easy to think of "identity" as a singular credential; a unique data element. Like an ID card. While understandable, I think that . . .

Posted in: cybersecurity microsoft sc-100

Trivial terminology: MITRE vs MITRE Engenuity?

What's the difference?

August 05, 2023

I like this succinct explanation from Check Point on the difference between "MITRE" and "MITRE Engenuity". Good stuff.

The MITRE Corporation is a US Government federally funded research and development center (FFRDC), and the MITRE Engenuity is a foundation dedicated to using the research and technology . . .

Posted in: cybersecurity sc-100

[SC-100] NIST 800-61 response management phases

August 05, 2023

I'm digging this simple (but functional!) illustration of the NIST 800-161 response management phases, courtesy of Microsoft Learning:

Good stuff!

Posted in: cybersecurity microsoft nist sc-100

[SC-100] Simplified explanation of technical response to incidents

August 05, 2023

While perusing a study guide for SC-100 exam, I came across a really nice and succinct explanation for technical response. It's one of my favorite quotes now:

(...) there are two key goals that every incident response should aim to address from a technical perspective. The first is identifying the scope of the attack (...) . . .

← Previous 1 2 3 Next →