End of year celebration with a pass on Microsoft SOC exam

Hello, my friends!

I am sincerely wishing you all a Happy New Year!

As my motto always goes: The #cloudjourney and learning never stop ⛅❗🏃‍♂️ 🏃‍♀️

What is the Microsoft SOC exam?

I am happy to share that I was able to pass an Azure security certificate before the end of 2022!!!

As you might know, this certification belongs to an important Microsoft Security operations space. I am very glad to finish this year with this achievement. 

Thank you, my dear #cloudfamily #cloudmarathoner, and my co-workers at T-Rex Solutions, LLC for a strong and relentless learning culture and continued support!

Microsoft Certified: Security Operations Analyst Associate

What skills did I learn?

Studying for this certification helped me gain the skills and knowledge required to reduce my organization’s risk by rapidly remediating active attacks on the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate people and teams.

As an important part of the exam preparation, I did labs that investigate, respond to, and hunt for threats using Microsoft products, such as Azure Defender, Azure Sentinel, Microsoft 365 Defender, and other related security products.

Summary

Please, let me know if you are targeting this certification.
I would be more than glad to provide additional guidance for your preparations!

Thank you everyone for your greetings and wishes on social media.
I do really appreciate your continued support!!!

Azure introduced new Fusion Detection for Ransomware!

Hi Cloud Marathoners,

This week a new service, Fusion Detection for Ransomware, has been announced. These Fusion detections correlate alerts that are potentially associated with ransomware activities observed at the defense evasion and execution stages during a specific timeframe.

What is Ransomware?

A ransomware attack is a type of attack that uses malicious software (malware) to make a network or system inaccessible for the purpose of extortion: the ‘ransom’.

There is no doubt that ransomware has become a top-priority threat for many organizations. A recent report released by PurpleSec revealed that the estimated cost of ransomware attacks was $20 billion in 2020, with downtime increasing by over 200% and the cost being 23x higher than in 2019.

Preventing such attacks in the first place would be the ideal solution, but with the new trend of ‘ransomware as a service’ and human-operated ransomware, the scope and sophistication of attacks are increasing. Attackers are using slow and stealthy techniques to compromise a network, which makes them harder to detect in the first place.

AI in action with Azure Sentinel for help!

The good news is that #azuresentinel 🔥 is constantly getting more efficient by introducing #AI in action – Sentinel #fusion!

To help your analysts quickly understand a possible attack, Fusion provides a complete picture of the suspicious activities that happened on the same device/host by correlating signals from Microsoft products with signals from the network and cloud. Supported data connectors include:

“With Fusion detection for ransomware that captures malicious activities at the defense evasion and execution stages of an attack, it gives security analysts an opportunity to quickly understand the suspicious activities happened around the same timeframe on the common entities, connect the dots and take immediate actions to disrupt the attack.”

Microsoft is committed to releasing new multistage attack scenarios detected by Fusion in Azure Sentinel. You can keep an eye on the Azure Sentinel Fusion page and get the latest updates there 🙂

Stay tuned for more Azure automation & Security related posts.


Study Guide for Azure Security Technologies (AZ-500)

Hello friends,

Updates: This exam has had a number of changes from mid-2020 until now. I have updated the exam objectives and some of the listed references to be up-to-date.

I am back with a new study guide: AZ-500, Azure Security Technologies Associate.

This is a very important exam for anyone who puts security at the core of a solution deployed into an Azure cloud environment. In this respect, it is invaluable for any professional whose responsibilities include maintaining the security posture, identifying and remediating vulnerabilities by using a variety of security tools, implementing threat protection, and responding to security incident escalations.

By the way, you could also check out the following study guides, if interested 👌👍

By learning this topic, you as a candidate will gain strong skills in scripting and automation, and a deep understanding of networking, virtualization, and cloud N-tier architecture. Strong familiarity with Azure cloud capabilities, products, and services is critical to success.

Getting AZ-500 Microsoft Azure Security Technologies Associate

In this section, you will get to know the official exam objectives, the free Microsoft Learn materials, and the additional materials that I have used. At a high level, the skills that are measured in this exam are:

Actually, you could find this information on the official Microsoft exam website.

Useful resources that helped me along the way:

Here are the references that will help you digest the security materials successfully. I would like to thank Pete Zerger, a Microsoft MVP & Cybersecurity Strategist, for his informative content & professional support. He has really valuable posts and training courses on the LinkedIn platform.

There were many breaks in my study where I paused to search for Azure Security documentation on Microsoft Docs. However, discovering the GitHub repo from AzureMentor greatly helped me save some time while getting familiar with the exam objectives.

The @AzureMentor GitHub pages on Azure-AZ-500-Study-Guide have direct links to each high-level objective as well as to the items outlined within it.

I would like to thank my family and kids for providing me with the opportunity to complete my journey. Big thanks to close friends and #linkedinfamily for continued support.

That’s all, friends! I hope sharing this will encourage you to start your own cloud journey.

And as always, feel free to get connected and leave your comment(s). The whole LinkedIn family will benefit from your suggestions and feedback.