微软SC-900(Azure安全基础)备考笔记

这篇具有很好参考价值的文章主要介绍了微软SC-900(Azure安全基础)备考笔记。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。

微软SC-900(Azure安全基础)备考笔记

写在前面

因为sc-900是英文考试(或是有中文版本但我不知道),我复习和刷题也是看的英文材料,因此该笔记会以英文为基础,遇到比较少见的单词时我会标注翻译。

该笔记单纯旨在通过考试,对实践的帮助不大。sc-900,依我拙见,也不是一个能学到很多知识的考试。想要了解网络安全基础概念的朋友,可以了解一下ISC^2最近发布的CC(certified in cybersecurity)考试。之后我也会发布cc的学习笔记。

SC-900

  • 60分钟
  • 40-60道题
  • 满分1000分,700分以上合格

笔记

评分相关

secure score: 网络安全系数

compliance score: 员工是否遵从规定,按程序行事

功能相关

Azure Active Directory(Azure AD):

  • cloud-based identity and access management service

Azure AD identity protection

  • automate the detection and remediation of identity-based risk
  • investigate risks using data in the portal

MS defender:

  • MS Defender for Identity:
    • cloud-based solution that leverage(借助) on-premises Active Directory Domain Service(AD DS) to identify, detect, ... risks
  • MS Defender for Endpoint:
    • 一般跟装备(device)有关的就选这个
    • secure score就存在这
    • automatic investigation and regulation
    • attack surface reduction
  • MS Defender for Office 365:
    • protect from malicious threats posted by email messages, links, ...
    • real-time report
  • MS Defender for Cloud:
    • manage security for a multi-cloud environment(微软,谷歌,亚马逊结合到一起管理)
    • assess security posture, identify threats, harden resource
  • MS Defender for Cloud App:
    • Cloud Access Security Broker(CASB) that supports various deployment modes
      • CASB四大要素: visibility, compliance, data security, threat protection
    • 达到GDPR和PCI的要求

Azure Firewall:

  • network-level and application-level
  • protect machine and network

Azure Web Application Firewall(WAF):

  • application-level filtering
  • SSL termination
  • centralized protection from common exploits&vulnerabilities

Azure Baston:

  • secure RDP&SSH connectivity to the virtual machine

Network Security Group(NSG):

  • filter network traffic to and from Azure Resource

Azure Sentinel(哨兵):

  • security information and event management(SIEM)
    • SIEM: collect info from diverse source, and analyzes it for signs of a security incident
  • security orchestration automated response(SOAR)
  • workbook: interactive dashboards that allow users to explore and analyze
  • playbook: automated response

MS purview compliance portal:

  • manage compliance requirement
  • 3 controls:
    • MS-managed control
    • customer-managed control
    • shared control
  • insider risk management: sensitive data leak, confidentiality violation
  • 一般没见过的题就选它

privileged identity management(PIM):

  • time-based and approval-based role activation
  • e.g. just-in-time access
  • premium P2 subscription

virtual network:

  • network segmentation

customer lockbox:

  • used by MS engineers when they need to access some user's data

eDiscovery:

  • digital investigation that attempts to find evidence in email, ... for a criminal proceeding

规定相关

MS service Trust Portal:

  • detail how MS complies with the regulatory standard and implements controls to protect the organization
  • 一般来说,如果题目中提到document,就选trust portal

Azure Policy:

  • enforce(实行) standard, and assess compliance

Zero Trust:

  • assume breach
  • verify explicitly
  • least privilege

Privacy Principle:

  • Control
  • Security
  • Legal
  • Transparency
  • No content-based targeting
  • Benefit

Microsoft Cloud Adoption Framework for Azure:

  • collection of documentation providing guidance

密码学相关

Symmetric encryption

  • use the same key to encrypt and decrypt files

Asymmetric encryption

  • private key to sign a document(digital signature)
  • public key to verify authentication

Azure MFA(multi-factor authentication)

  • text message
  • authentication app
  • phone call

Self-service password reset(SSPR):

  • 忘记密码自己解决
  • 启动条件:
    • Assign an Azure AD license
    • Enable SSPR for user
    • Register an authentication method

Federation:

  • enable access to service across the organization

Single-Sign on:

  • 登录一次,其他相关程序免登录

Password Hash Synchronization:

  • enables password sync with active directory

有用链接

刷题:
https://www.examtopics.com/exams/microsoft/sc-900/view/

https://learn.microsoft.com/zh-cn/certifications/exams/sc-900/practice/assessment?assessment-type=practice&assessmentId=11

免费考试:
https://msftstudentcert.cloudreadyskills.com/course/sc900

写在后面

以上为本人复习时整理,如有遗漏知识点(肯定有很多),欢迎大家评论补充。提前祝大家考试通过文章来源地址https://www.toymoban.com/news/detail-412145.html

到了这里,关于微软SC-900(Azure安全基础)备考笔记的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包