微软SC-900(Azure安全基础)备考笔记-Toy模板网

这篇具有很好参考价值的文章主要介绍了微软SC-900(Azure安全基础)备考笔记。希望对大家有所帮助。如果存在错误或未考虑完全的地方，请大家不吝赐教，您也可以点击"举报违法"按钮提交疑问。

微软SC-900(Azure安全基础)备考笔记

写在前面

因为sc-900是英文考试（或是有中文版本但我不知道），我复习和刷题也是看的英文材料，因此该笔记会以英文为基础，遇到比较少见的单词时我会标注翻译。

该笔记单纯旨在通过考试，对实践的帮助不大。sc-900，依我拙见，也不是一个能学到很多知识的考试。想要了解网络安全基础概念的朋友，可以了解一下ISC^2最近发布的CC(certified in cybersecurity)考试。之后我也会发布cc的学习笔记。

SC-900

60分钟
40-60道题
满分1000分，700分以上合格

笔记

评分相关

secure score: 网络安全系数

compliance score: 员工是否遵从规定，按程序行事

功能相关

Azure Active Directory(Azure AD):

cloud-based identity and access management service

Azure AD identity protection

automate the detection and remediation of identity-based risk
investigate risks using data in the portal

MS defender:

MS Defender for Identity:
- cloud-based solution that leverage(借助) on-premises Active Directory Domain Service(AD DS) to identify, detect, ... risks
MS Defender for Endpoint:
- 一般跟装备(device)有关的就选这个
- secure score就存在这
- automatic investigation and regulation
- attack surface reduction
MS Defender for Office 365:
- protect from malicious threats posted by email messages, links, ...
- real-time report
MS Defender for Cloud:
- manage security for a multi-cloud environment(微软，谷歌，亚马逊结合到一起管理)
- assess security posture, identify threats, harden resource
MS Defender for Cloud App:
- Cloud Access Security Broker(CASB) that supports various deployment modes
  - CASB四大要素: visibility, compliance, data security, threat protection
- 达到GDPR和PCI的要求

Azure Firewall:

network-level and application-level
protect machine and network

Azure Web Application Firewall(WAF):

application-level filtering
SSL termination
centralized protection from common exploits&vulnerabilities

Azure Baston:

secure RDP&SSH connectivity to the virtual machine

Network Security Group(NSG):

filter network traffic to and from Azure Resource

Azure Sentinel(哨兵):

security information and event management(SIEM)
- SIEM: collect info from diverse source, and analyzes it for signs of a security incident
security orchestration automated response(SOAR)
workbook: interactive dashboards that allow users to explore and analyze
playbook: automated response

MS purview compliance portal:

manage compliance requirement
3 controls:
- MS-managed control
- customer-managed control
- shared control
insider risk management: sensitive data leak, confidentiality violation
一般没见过的题就选它

privileged identity management(PIM):

time-based and approval-based role activation
e.g. just-in-time access
premium P2 subscription

virtual network:

network segmentation

customer lockbox:

used by MS engineers when they need to access some user's data

eDiscovery:

digital investigation that attempts to find evidence in email, ... for a criminal proceeding

规定相关

MS service Trust Portal:

detail how MS complies with the regulatory standard and implements controls to protect the organization
一般来说，如果题目中提到document，就选trust portal

Azure Policy:

enforce(实行) standard, and assess compliance

Zero Trust:

assume breach
verify explicitly
least privilege

Privacy Principle:

Control
Security
Legal
Transparency
No content-based targeting
Benefit

Microsoft Cloud Adoption Framework for Azure:

collection of documentation providing guidance

密码学相关

Symmetric encryption

use the same key to encrypt and decrypt files

Asymmetric encryption

private key to sign a document(digital signature)
public key to verify authentication

Azure MFA(multi-factor authentication)

text message
authentication app
phone call

Self-service password reset(SSPR):

忘记密码自己解决
启动条件：
- Assign an Azure AD license
- Enable SSPR for user
- Register an authentication method

Federation:

enable access to service across the organization

Single-Sign on:

登录一次，其他相关程序免登录

Password Hash Synchronization:

enables password sync with active directory

有用链接

刷题：
https://www.examtopics.com/exams/microsoft/sc-900/view/

https://learn.microsoft.com/zh-cn/certifications/exams/sc-900/practice/assessment?assessment-type=practice&assessmentId=11

免费考试：
https://msftstudentcert.cloudreadyskills.com/course/sc900

写在后面

以上为本人复习时整理，如有遗漏知识点（肯定有很多），欢迎大家评论补充。提前祝大家考试通过文章来源地址https://www.toymoban.com/news/detail-412145.html

到了这里，关于微软SC-900(Azure安全基础)备考笔记的文章就介绍完了。如果您还想了解更多内容，请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章，希望大家以后多多支持TOY模板网！