Federation: a collection of domains that share trust for shared access to a set of
resources.
Trust is not always bidirectional.
Dictionary Attacks
Brute Force
Password Spray Attacks: attempts to match a username against a list of weak passwords.
Phishing Attacks
Spear Phishing: targets a specific group of users.
Whaling: targets high-level executives.
Vishing: uses VoIP.
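Added example (not from these notes): a small Python detector run over constructed sign-in log lines that separates a password spray (one source, a few failures spread across many accounts) from a brute force (many failures against one account), the distinction the attack list above draws. The log format, IP addresses and thresholds are assumptions.

```python
from collections import defaultdict

# Constructed sample sign-in log lines (assumed format): timestamp user source_ip result
SIGNIN_LOG = """\
2024-01-10T08:00:01Z alice@contoso.example 203.0.113.7 failure
2024-01-10T08:00:02Z bob@contoso.example 203.0.113.7 failure
2024-01-10T08:00:03Z carol@contoso.example 203.0.113.7 failure
2024-01-10T08:00:04Z dave@contoso.example 203.0.113.7 failure
2024-01-10T08:00:05Z erin@contoso.example 203.0.113.7 failure
2024-01-10T08:00:06Z frank@contoso.example 203.0.113.7 success
2024-01-10T08:05:00Z alice@contoso.example 198.51.100.20 failure
2024-01-10T08:05:10Z alice@contoso.example 198.51.100.20 failure
2024-01-10T08:05:20Z alice@contoso.example 198.51.100.20 failure
2024-01-10T08:05:30Z alice@contoso.example 198.51.100.20 failure
2024-01-10T08:06:00Z alice@contoso.example 198.51.100.20 success
"""


def parse_signins(text):
    """Parse whitespace-separated sign-in lines into event dicts; skip malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, user, ip, result = parts
        events.append({"ts": ts, "user": user, "ip": ip, "result": result})
    return events


def classify_sources(events, min_failures=4, spray_ratio=0.8):
    """Per source IP, count failures and the distinct accounts that failed.
    Spray: failures are spread over many accounts (distinct users / failures >= spray_ratio).
    Brute force: failures concentrate on few accounts. Also record any account that
    succeeded from that source after the failure threshold was already reached."""
    by_ip = defaultdict(lambda: {"failures": 0, "users": set(), "success_after": set()})
    for e in events:
        s = by_ip[e["ip"]]
        if e["result"] == "failure":
            s["failures"] += 1
            s["users"].add(e["user"])
        elif s["failures"] >= min_failures:
            s["success_after"].add(e["user"])
    findings = {}
    for ip, s in by_ip.items():
        if s["failures"] < min_failures:
            continue
        kind = "password_spray" if len(s["users"]) / s["failures"] >= spray_ratio else "brute_force"
        findings[ip] = {"kind": kind, "failures": s["failures"],
                        "distinct_users": len(s["users"]),
                        "success_after_failures": sorted(s["success_after"])}
    return findings
```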
Azure AD Identity
Azure AD is Microsoft's cloud-based identity and access management service, which
helps users sign in and access resources.
Hybrid Identity
Azure AD Connect Cloud Sync is a new offering from Microsoft designed to meet your
hybrid identity goals for synchronization of users, groups and contacts to Azure AD.
B2B Collaboration allows you to share your organization's apps and services with guest
users from other organizations, while maintaining control over your own data.
Uses an INVITATION AND REDEMPTION PROCESS, allowing external users to access your
resources with their own credentials, such as a work (Azure AD) account.
Azure RBAC
Helps you manage who has access to Azure resources, what they can do with those
resources, and which resources they have access to.
MFA
Windows Hello for Business: an authentication feature built into Windows 10 that
replaces passwords with strong two-factor authentication on PCs and mobile devices.
Allows authentication with:
a Microsoft account
an Active Directory account
an Azure Active Directory account
Identity provider
Conditional Access
Used by Azure Active Directory to bring signals together, make decisions and enforce
organizational policies.
Improves security by enforcing conditions on access.
Azure AD Roles
Control permissions to manage Azure AD resources.
Support built-in and custom roles.
Enable enforcement of least privilege.
Identity Governance answers:
Which users should have access to which resources?
What are those users doing with that access?
Are there effective organizational controls for managing access?
Can auditors verify that the controls are working?
Entitlement Management
An Identity Governance feature that enables organizations to manage identity and
access lifecycle at scale.
> Add resources, like groups, teams and apps, to an access package.
> Specify permissions by selecting a role.
> Related resources and access packages are stored in a catalog.
Access Review
Ensure that only the right people have access to resources.
Azure Defender
One of the two pillars of Azure Security Center.
Azure Sentinel
Provides visibility and context across silos, including apps, identities, endpoints
and data.
---
Microsoft 365 Security Center
It's the new home for monitoring and managing security across your Microsoft
identities, data, devices and apps.
Brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender and
MCAS data together in the Microsoft 365 Security Center.
security.microsoft.com
----
Microsoft Secure Score
> Helps the organization improve its security posture for Microsoft 365 services.
Incident
A collection of correlated alerts created when a suspicious event is found.
Alerts are generated by different devices and can come from many different
domains.
Microsoft Intune
A cloud-based service that focuses on MDM (mobile device management) and MAM (mobile
application management).
MAM policies enable app-centric protection on personal devices in BYOD scenarios.
endpoint.microsoft.com
------
Compliance Center
Integrated solution for information protection and governance, insider risk
management, discovery and more.
compliance.microsoft.com
Compliance Manager
Measures your progress in completing actions that help reduce risks around data
protection and regulatory compliance.
Compliance Score
Provides a rollup of compliance based on the assessment items within the template.
-------
Data Classification
Activity Explorer: allows you to monitor what is being done with your labeled
content through a historical view of activities on that content.
(What is being done with labeled content?)
Sensitivity Labels
Enable the labeling and protection of content.
Implement data classification.
Label Policies
Apply protection to documents that carry specific labels.
Retention Policies
Used to assign the same retention settings at the site level or mailbox level.
Can be applied to multiple locations, or to specific locations or users.
Retention Labels
Used to assign retention settings at the item level, such as a folder, document or
email.
An email can have only a single retention label assigned to it at a time.
Records Management
DLP
Protects sensitive information.
Communication Compliance
Helps minimize communication risks by enabling organizations to detect, capture, and
take remediation actions on inappropriate messages.
PIM vs PAM
eDiscovery
The process of identifying and delivering electronic information that can be used
as evidence in legal cases.
Content Search:
Consists of searches and exports, but not holds.
Core eDiscovery:
You can add sources, create holds and queries, export case results and manage the
lifecycle of your case.
Advanced eDiscovery:
Add custodians, automate notifications, view jobs, additional settings.
-----
Content Search looks for in-place content such as email, documents and instant
messages in your organization.
Used to search for content in Exchange, SharePoint, OneDrive, Teams and M365 groups.
---
Data Governance
Azure Purview
A unified data governance service that helps you manage and govern on-premises,
multicloud and SaaS data.
Creates a holistic, up-to-date map of your data landscape, with automated data
discovery, sensitive data classification and end-to-end data lineage (the timeline of
the data).
Advanced Auditing
Used to conduct forensic and compliance investigations by increasing audit log
retention.
Helps determine the scope of a compromise.
------
Resource Governance
Provides mechanisms and processes to maintain control over your resources in Azure.
Resource Lock
Prevents other users in your organization from accidentally deleting or modifying
critical resources.
------
The Cloud Adoption Framework brings together cloud adoption best practices from
Microsoft employees, partners, and customers. It provides a set of tools, guidance,
and narratives that help shape technology, business, and people strategies for
driving desired business outcomes during your cloud adoption effort.
Organize: Align the teams and roles supporting your organization's cloud adoption
efforts.
---------
Cloud Governance
Features:
Tags: a name and value pair used to logically organize Azure resources, resource
groups and subscriptions into a logical taxonomy.
Can be used for applying business policies and tracking costs.
-----
Hierarchy (each level can contain the next): Management Group > Subscription > Resource Group > Resource
---------
Microsoft's six key privacy principles:
Control: We will put you in control of your privacy with easy-to-use tools and
clear choices.
Transparency: We will be transparent about data collection and use so you can make
informed decisions.
Security: We will protect the data you entrust to us through strong security and
encryption.
Strong legal protections: We will respect your local privacy laws and fight for
legal protection of your privacy as a fundamental human right.
No content-based targeting: We will not use your email, chat, files or other
personal content to target ads to you.
Benefits to you: When we do collect data, we will use it to benefit you and to make
your experiences better.
-------
Zero Trust principles
Verify explicitly
Always authenticate and authorize based on all available data points, including
user identity, location, device health, service or workload, data classification,
and anomalies.
Assume breach
Minimize blast radius and segment access. Verify end-to-end encryption and use
analytics to get visibility, drive threat detection, and improve defenses.