国产 无码 综合区,色欲AV无码国产永久播放,无码天堂亚洲国产AV,国产日韩欧美女同一区二区

  1. Toy模板網(wǎng)首頁
  2. >Toy博客

微軟SC-900(Azure安全基礎(chǔ))備考筆記

2年前作者:杏仁。君分類:Toy博客閱讀(23)違法舉報(bào)

這篇具有很好參考價(jià)值的文章主要介紹了微軟SC-900(Azure安全基礎(chǔ))備考筆記。希望對(duì)大家有所幫助。如果存在錯(cuò)誤或未考慮完全的地方,請大家不吝賜教,您也可以點(diǎn)擊"舉報(bào)違法"按鈕提交疑問。

微軟SC-900(Azure安全基礎(chǔ))備考筆記

寫在前面

因?yàn)閟c-900是英文考試(或是有中文版本但我不知道),我復(fù)習(xí)和刷題也是看的英文材料,因此該筆記會(huì)以英文為基礎(chǔ),遇到比較少見的單詞時(shí)我會(huì)標(biāo)注翻譯。

該筆記單純旨在通過考試,對(duì)實(shí)踐的幫助不大。sc-900,依我拙見,也不是一個(gè)能學(xué)到很多知識(shí)的考試。想要了解網(wǎng)絡(luò)安全基礎(chǔ)概念的朋友,可以了解一下ISC^2最近發(fā)布的CC(certified in cybersecurity)考試。之后我也會(huì)發(fā)布cc的學(xué)習(xí)筆記。

SC-900

  • 60分鐘
  • 40-60道題
  • 滿分1000分,700分以上合格

筆記

評(píng)分相關(guān)

secure score: 網(wǎng)絡(luò)安全系數(shù)

compliance score: 員工是否遵從規(guī)定,按程序行事

功能相關(guān)

Azure Active Directory(Azure AD):

  • cloud-based identity and access management service

Azure AD identity protection

  • automate the detection and remediation of identity-based risk
  • investigate risks using data in the portal

MS defender:

  • MS Defender for Identity:
    • cloud-based solution that leverage(借助) on-premises Active Directory Domain Service(AD DS) to identify, detect, ... risks
  • MS Defender for Endpoint:
    • 一般跟裝備(device)有關(guān)的就選這個(gè)
    • secure score就存在這
    • automatic investigation and regulation
    • attack surface reduction
  • MS Defender for Office 365:
    • protect from malicious threats posted by email messages, links, ...
    • real-time report
  • MS Defender for Cloud:
    • manage security for a multi-cloud environment(微軟,谷歌,亞馬遜結(jié)合到一起管理)
    • assess security posture, identify threats, harden resource
  • MS Defender for Cloud App:
    • Cloud Access Security Broker(CASB) that supports various deployment modes
      • CASB四大要素: visibility, compliance, data security, threat protection
    • 達(dá)到GDPR和PCI的要求

Azure Firewall:

  • network-level and application-level
  • protect machine and network

Azure Web Application Firewall(WAF):

  • application-level filtering
  • SSL termination
  • centralized protection from common exploits&vulnerabilities

Azure Baston:

  • secure RDP&SSH connectivity to the virtual machine

Network Security Group(NSG):

  • filter network traffic to and from Azure Resource

Azure Sentinel(哨兵):

  • security information and event management(SIEM)
    • SIEM: collect info from diverse source, and analyzes it for signs of a security incident
  • security orchestration automated response(SOAR)
  • workbook: interactive dashboards that allow users to explore and analyze
  • playbook: automated response

MS purview compliance portal:

  • manage compliance requirement
  • 3 controls:
    • MS-managed control
    • customer-managed control
    • shared control
  • insider risk management: sensitive data leak, confidentiality violation
  • 一般沒見過的題就選它

privileged identity management(PIM):

  • time-based and approval-based role activation
  • e.g. just-in-time access
  • premium P2 subscription

virtual network:

  • network segmentation

customer lockbox:

  • used by MS engineers when they need to access some user's data

eDiscovery:

  • digital investigation that attempts to find evidence in email, ... for a criminal proceeding

規(guī)定相關(guān)

MS service Trust Portal:

  • detail how MS complies with the regulatory standard and implements controls to protect the organization
  • 一般來說,如果題目中提到document,就選trust portal

Azure Policy:

  • enforce(實(shí)行) standard, and assess compliance

Zero Trust:

  • assume breach
  • verify explicitly
  • least privilege

Privacy Principle:

  • Control
  • Security
  • Legal
  • Transparency
  • No content-based targeting
  • Benefit

Microsoft Cloud Adoption Framework for Azure:

  • collection of documentation providing guidance

密碼學(xué)相關(guān)

Symmetric encryption

  • use the same key to encrypt and decrypt files

Asymmetric encryption

  • private key to sign a document(digital signature)
  • public key to verify authentication

Azure MFA(multi-factor authentication)

  • text message
  • authentication app
  • phone call

Self-service password reset(SSPR):

  • 忘記密碼自己解決
  • 啟動(dòng)條件:
    • Assign an Azure AD license
    • Enable SSPR for user
    • Register an authentication method

Federation:

  • enable access to service across the organization

Single-Sign on:

  • 登錄一次,其他相關(guān)程序免登錄

Password Hash Synchronization:

  • enables password sync with active directory

有用鏈接

刷題:
https://www.examtopics.com/exams/microsoft/sc-900/view/

https://learn.microsoft.com/zh-cn/certifications/exams/sc-900/practice/assessment?assessment-type=practice&assessmentId=11

免費(fèi)考試:
https://msftstudentcert.cloudreadyskills.com/course/sc900

寫在后面

以上為本人復(fù)習(xí)時(shí)整理,如有遺漏知識(shí)點(diǎn)(肯定有很多),歡迎大家評(píng)論補(bǔ)充。提前祝大家考試通過文章來源地址http://www.zghlxwxcb.cn/news/detail-412145.html

到了這里,關(guān)于微軟SC-900(Azure安全基礎(chǔ))備考筆記的文章就介紹完了。如果您還想了解更多內(nèi)容,請?jiān)谟疑辖撬阉鱐OY模板網(wǎng)以前的文章或繼續(xù)瀏覽下面的相關(guān)文章,希望大家以后多多支持TOY模板網(wǎng)!

本文來自互聯(lián)網(wǎng)用戶投稿,該文觀點(diǎn)僅代表作者本人,不代表本站立場。本站僅提供信息存儲(chǔ)空間服務(wù),不擁有所有權(quán),不承擔(dān)相關(guān)法律責(zé)任。如若轉(zhuǎn)載,請注明出處: 如若內(nèi)容造成侵權(quán)/違法違規(guī)/事實(shí)不符,請點(diǎn)擊違法舉報(bào)進(jìn)行投訴反饋,一經(jīng)查實(shí),立即刪除!

領(lǐng)支付寶紅包贊助服務(wù)器費(fèi)用

相關(guān)文章

覺得文章有用就打賞一下文章作者

支付寶掃一掃打賞

博客贊助

微信掃一掃打賞

請作者喝杯咖啡吧~博客贊助

支付寶掃一掃領(lǐng)取紅包,優(yōu)惠每天領(lǐng)

二維碼1

領(lǐng)取紅包

二維碼2

領(lǐng)紅包