Passing The Microsoft AZ-900 Exam

Getting Microsoft Certified for Azure Fundamentals

I decided to challenge the AZ-900 Exam, as I got a Microsoft voucher for a free exam attempt. So, I decided to give the exam a crack. Basing it off other peer’s experience, who had already taken this exam. The consensus I had heard is that it should be a simple exam if you have used Azure before and worked on different services (e.g., IaaS, PaaS, SaaS.) I probably spent about less than 8 hours prepping, as I felt the topics seemed general and things I have already been exposed too.

Prepping to take the exam

My personal experience with Azure is that I have worked with it for 3+ years. If you have spent a lot of time in the Azure environment building things, configuring things and managing different items. You will have no problem challenging this exam. Most of the concepts are related to everyday tasks that you would be working on. Or tasks you would have been exposed to at some point while engineering designs in Azure.

Here is a score list of what you need to know –> https://docs.microsoft.com/en-us/learn/certifications/exams/az-900

• Cloud concepts (20-25%)
• Core Azure services (15-20%)
• Core solutions and management tools on Azure (10-15%)
• General security and network security features (10-15%)
• Identity, governance, privacy, and compliance features (20-25%)
• Azure cost management and Service Level Agreements (10-15%)
  

CISA Exam Study Guide from Packt

CISA Study Guide from Packt

I like to review over CISA study materials and keep up with content every year. ISACA usually has small new updates every year to the auditing domains. It is always nice to see all the new changes and advancements that are being made in the auditing world. This year, I decided to check out a book and wanted to post a quick review of it for others so they may get some good use out of it too.

What is this book about

The book is was just recently published by Packt and is called “CISA – Certified Information Systems Auditor Study Guide” authored by Hemang Doshi. You can grab a copy of it here –> https://amzn.to/358rb3h

Review of SEC545 Cloud Security Architecture and Operations

SEC545: Cloud Security Architecture and Operations

Just recently I went to attend a local SANS Community class in my city. For those that are not aware, SANS Community classes are usually smaller classes with 5-10+ students. It’s a small venue with more of a small class size, but the material would be the same that SANS would teach on vLive, OnDemand, or at a SANS conference.

I can say that the SEC545: Cloud Security Architecture and Operations class is VERY popular. There were many students there that were not hardcore SANS enthusiasts such as myself. Many people were there on the basis that companies are all now starting to move to the cloud. And, many companies are worried about the security implications of moving, and with larger concerns on if the architecture is not setup and configured correctly.

The class was very much AWS focused, which was great for me in terms of learning AWS. However, Read The Full Post

SMTP Authentication

Hello everyone.

I am back with some more email security!

Today I’d like to talk about SMTP Authentication.
Some people may never have heard of this concept or may have simply ignored it as it seemingly may not feel that important.

However, in certain situations one may need to make use of SMTP Auth for email.

SMTP Authentication

SMTP Authentication – Outgoing Emails

As shown above in the diagram.

SMTP Auth is fairly simply to use for all incoming or outgoing emails.

Essentially, a machine has to authenticate with the central mail server.

The authentication can be done in various ways.

You can normally query LDAP, Active Directory, or some other identity management system as well as store the credentials on the mail server (not recommended).

How Does It Work?

(more…)