Tag: security

Azure CLI

Azure CLI 2.0: Generate SAS Token for Blob in Azure Storage

Azure Storage is a cloud service at the very center of Microsoft Azure. It provides the foundations for storing data in many services and systems within the Azure cloud platform. You can use Azure Blob Storage to store any binary data such as files, images, backups, .vhd’s, videos, and pretty much any other file. The Azure Blob Storage will secure all blobs / files by default where they can’t be access without a key. You can configure the service to allow anonymous access to blobs, however, there are many circumstances that you want to securely share a file with Azure Blob Storage.
Read More

CertificationInfrastructure

70-744 Securing Windows Server 2016 Certification Exam

Server and Virtual Machine (VM) security is an increasingly important topic in IT. With the adoption of both Public and Private Cloud environments the landscape of server security has been changing as systems become increasingly connected; especially across networks and even the Internet. The Securing Windows Server 2016 (70-744) certification exam will test and measure your expertise in securing and hardening server and VMs running Windows Server 2016; whether their on-premises, or in Public or Private Cloud environments.

Certification Target Audience

The focus on the Securing Windows Server 2016 (70-744) certification exam is centered around Windows Server 2016 Security; such as hardening server environments, securing Virtual Machine infrastructure using Shielded and encryption-supported VMs and Guarded Fabric. The exam is designed to target candidates who are IT Pros and infrastructure professionals that are tasked with configuring and securing Windows Server 2016 environments On-Premises and in Virtual Machine (VM) environments including both the Public and Private Cloud.

Skills Measured

Here is a high level list of the skills and objectives measured on this exam. The percentages next to each of the high level objectives represents the percentage of exam questions that will be targeted towards that specific objective area.

  • Implement disk and file encryption (25-30%)
    • Configure disk and file encryption
    • Implement server patching and updating solutions
    • Implement malware protection
    • Protect credentials
    • Create security baselines
  • Secure a virtualization infrastructure (5-10%)
    • Implement a Guarded Fabric solutions
    • Implement Shielded and encryption-supported VMs
  • Secure a network infrastructure (10-15%)
    • Configure Windows Firewall
    • Implement a software-defined Distributed Firewall
    • Secure network traffic
  • Manage privileged identities (25-30%)
    • Implement an Enhanced Security Administrative Environment (ESAE) administrative forest design approach
    • Implement Just-in-Time (JIT) Administration
    • Implement Just-Enough-Administration (JEA)
    • Implement Privileged Access Workstations (PAWs) and User Rights Assignments
    • Implement Local Administrator Password Solution (LAPS)
  • Implement threat detection solutions (15-20%)
    • Configure advanced audit policies
    • Install and configure Microsoft Advanced Threat Analytics (ATA)
    • Determine threat detection solutions using Operations Management Suite (OMS)
  • Implement workload-specific security (5-10%)
    • Secure application development and server workload infrastructure
    • Implement a secure file services infrastructure and Dynamic Access Control (DAC)

When studying for this exam, you’ll definitely want to look at the official exam page from Microsoft for the full list of exam objectives. You’ll need to be sure to study every one of them that will be measured on the exam.

Training Materials

The Securing Windows Server 2016 (70-744) exam covers a lot of smaller objective areas in comparison to many other certification exams. There are a lot of topic areas to study around Security Windows Server 2016! Fortunately there is an Exam Reference book available from Microsoft Press targeted towards studying for this specific exam.

Here’s a short description of the Exam Reference book:

Exam Ref 70-744 Securing Windows Server 2016

Prepare for Microsoft Exam 70-744–and help demonstrate your real-world mastery of securing Windows Server 2016 environments. Designed for experienced IT professionals ready to advance their status, Exam Ref focuses on the critical-thinking and decision-making acumen needed for success at the MCSE level. 

Focus on the expertise measured by these objectives: 

  • Implement server hardening solutions
  • Secure a virtualization infrastructure
  • Secure a network infrastructure
  • Manage privileged identities
  • Implement threat detection solutions
  • Implement workload-specific security 

This Microsoft Exam Ref: 

  • Organizes its coverage by exam objectives
  • Features strategic, what-if scenarios to challenge you
  • Assumes you have experience as a Windows Server administrator and an understanding of basic networking and Hyper-V virtualization fundamentals, Active Directory Domain Services principles, and Windows Server security principles

Happy Studying!

Infrastructure

Setup SSL / TLS on Azure CDN Custom Domain

azure-content-delivery-network-cdn_colorSince the beginning the Azure CDN has allowed for custom domains to be mapped so you can use your own domain name instead of the Azure CDN default domain name endpoint; such as that at “*.azureedge.net”. However, until recently you couldn’t enable SSL encryption support for that custom domain mapped to the Azure CDN endpoint. In a recent update to the Azure CDN service Microsoft has finally enabled the ability to enable SSL / TLS on an Azure CDN Custom Domain name. Read More

Booksecurity

Free eBook: Defending the New Perimeter – Modern Security from Microsoft

free_ebook_defendingthenewperimeterThe Free eBook “Defending the New Perimeter: Modern Security from Microsoft” is a guide to the Microsoft Cybersecurity Stack for IT Decision Makers written by Pete Zerger and Wes Kroesbergen. The book discusses topics such as: Identifying Threats at Scale, Leveraging Identity as a Gateway, and Protecting the Modern Perimeter.

Download Here

Here’s a description of the book:

With the explosion of cloud and enterprise mobility, the traditional network perimeter is history. A network breach is now an e-mail away.

Identity protection is now a critical component in securing your organization’s front door to on-premises and cloud resources. With the increasing sophistication and funding of attackers by criminal enterprises and nation-states, tooling for detection and response to compromise has never been more important. Classification, labelling and protection of information is a critical aspect of security as organizations store and share information across services and with partners.

Targeted to the CIO and CISO, “Defending the New Perimeter” discusses these challenges and how to address them with the latest security and identity solutions from Microsoft. Designed to properly brief a busy professional in a couple of hours, “Defending the New Perimeter” provides the pertinent information to help you understand the threats your organization faces… and what you can do to protect your business.”

Internet of ThingsVideo

9 IoT Sessions from Ignite 2016 – Watch On-Demand

All the sessions from the Microsoft Ignite 2016 conference were recorded and are being put up online for free, on-demand streaming. There are hundreds of sessions overall on every technology in the Microsoft stack. It’s a very large amount of content to sift through, so I thought I would put together a showcase of just the Internet of Things (IoT) sessions from Ignite.

Here’s the list of Internet of Things (IoT) related sessions from Microsoft Ignite 2016. These are all links directly to the videos from Microsoft hosted on YouTub that you can watch anytime, anywhere, from any device, all on-demand!

1.  Learn about Microsoft IoT Vision

Level: 200 – Overview

The Internet of Things (IoT) is here today in the devices, sensors, cloud services, and data your business uses. Microsoft delivers a flexible cloud-based approach that enables enterprises to capitalize on IoT by gathering, storing, and processing data centrally. When centrally connecting distributed LoB assets, the edge of an enterprise’s infrastructure can be redefined, and the breadth of the Microsoft data platform can be harnessed. Learn about Microsoft’s position on IoT, and the technology and services being delivered from Microsoft to help you create the Internet of Your Things.

Speaker:
Arjmand Samuel – Principal Program Manager, Microsoft

2. Meetup: Educate and excite through computer science

Level: 100 – Community Meetup

Meet up with other passionate people who want to make a difference in making sure STEM, including computer science, is available for all children. Let’s make learning science fun as well as relevant for future careers. Mingle, share, and learn how Microsoft is involved in many formal and informal programs that you can be a part of, and we want to hear from you too. Get together to discuss how your voice can be heard on this important topic and how to get involved in your local communities.

Speaker:
Naomi Moneypenny – Chief Technology Officer, ManyWorlds

 

3. Secure your Internet of Things with Azure IoT

Level: 200 – Deep Dive

This session provide details for planning, developing and deploying a trustworthy Internet of Things (IoT) infrastructure using Microsoft Azure IoT Suite. Trustworthy IoT infrastructure implies building security, privacy, safety and availability within the design of an IoT infrastructure. We highlight Microsoft Azure’s philosophy of building software and services, which are secure and private by design, and share best practices leading to a safe and highly available infrastructure. We also provide a high level overview of some of the features Azure IoT Suite offers in this regard, and share some of the early thinking for features being considered in the future.

Speaker:
Arjmand Samuel – Principal Program Manager, Microsoft

4. Enable IoT solutions with Windows 10 IoT platform

Level: 200 – How to

Today, there is a growing trend of new IoT devices in the IT enterprise world and it is important for IT decision makers to create their infrastructure, strategy to deploy, manage and secure their environments. In this session, we illustrate how IoT is brought to life by smart devices powered by Windows 10 IoT Platform. We also include demo and relevant scenarios for IT environment.

Speakers:
Partha Srinivasan – Senior Product Marketing Manager, Microsoft
Doug Smith – Senior Director of Marketing, Microsoft
Suma SaganeGowda – Principal PM Manager, Microsoft

5. Create best-in-class customer experiences with digital transformation

Level: 100 – Partner Session

Success in a disruptive business environment requires digital reinvention focused on improving customer experience. Organizations transform business models, employee experiences, and ecosystems to design sophisticated customer experiences. IBM accelerates your transformation into a digital enterprise with end-to-end solutions that maximize your Microsoft investments, including cognitive, IoT, hybrid cloud and mobility capabilities. With IBM’s integration and design-thinking expertise, American Airlines Cargo migrated to a single customer service call center solution built on Microsoft Dynamics CRM that helps improve customer satisfaction. Join IBM and American Airlines leaders to hear insights about transforming your experience.

Speaker:
Murray Mitchell – Global & North America Leader, Microsoft Services, IBM Global Business Services

6. Explore IOT Scenarios from the field and their reference architectures

Level: 300 – Architecture

Explore the customer stories and reference architectures from some of the common IOT scenarios that we have seen working with customers in the field. As customers tell us about what they want to accomplish, we are seeing a set of reoccurring scenarios such as Smart Building, Connected Devices, Smart Healthcare, Connected Manufacturing and other scenarios.

Speaker:
Micheal Epprecht – Technical Specialist, Microsoft

7. Meetup: use Microsoft Azure IoT on a real business case

Level: 100 – Community Meetup

This session shows you how to ramp up a IoT Solution based on Microsoft Azure IoT and other Azure services. For example, we reflect the whole scenario on a predictive maintenance solution, showing which services are needed to get such type of solution working. We also look at the calculation of such an solution and which problems can be on devices and services.

Speaker:
Christian Waha – Platform Manager Multi IoT Service Platform, T-Systems International

8. Gain real time and predictive insights on your Internet of Things

Level: 300 – How To

Continuous streams of data are generated in every industry from sensors, business transactions, social media activity, etc. Within these streams of data lie business insights that are waiting to be unlocked. By querying these streams in real time, it becomes possible to ask key questions repeatedly, millions of times on millions of data points, thereby enabling the discovery of business opportunities and the realization of the “power of now”!

Speaker:
Samartha (Sam) Chandrashekar – Program Manager, Microsoft

9. Harness the power of the Internet of Things

Level: 100 – Partner Session

The Internet of Things (IoT) is experiencing exponential growth fueled by ubiquitous connectivity and the rise of cloud computing. In a world of disrupt or be disrupted, is your organization ready to embrace IoT? In this informative session, we explore the IoT opportunity for enterprises and the critical role of the ecosystem and platforms in IoT implementations. We bring it to life with real-world solutions and case studies spanning multiple industries. The examples we feature are all powered by Accenture’s Connected Platforms as a Service, an open and broadly deployed IoT platform architecture, integrated with and optimized for the Microsoft Azure IoT Suite.

Speaker:
Jim Bailey – Senior Managing Director, Accenture Mobility

Azure Weekly

Azure Weekly: May 30, 2016

The Azure Weekly series from BuildAzure.com brings a consolidated source for the weeks Azure news, blogs, and service updates. There is an incredible amount of things changing in the Microsoft Azure platform and ecosystem on a regular basis. The goal of this weekly list is to help keep up on all that keeps changing.

Service Updates

This is the list of Azure Service Updates announced by Microsoft for the week:

Read More

Azure Weekly

Azure Weekly: May 23, 2016

The Azure Weekly series from BuildAzure.com brings a consolidated source for the weeks Azure news, blogs, and service updates. There is an incredible amount of things changing in the Microsoft Azure platform and ecosystem on a regular basis. The goal of this weekly list is to help keep up on all that keeps changing.

Service Updates

This is the list of Service Updates announced by Microsoft.

Read More

DevOps

Free DevOps Virtual Workshop Sessions

Microsoft recently hosted a DevOps Virtual Workshop where they provided a deep dive into topics covering how to manage, automate, and transform applications and workloads within Microsoft Azure. This was held as a half day, virtual event that was recorded so it can be viewed afterwords. The sessions from this event provide tons of information and demos on DevOps and ALM integration for Architects, Developers and IT Pros. Read More

ArchitectureHardwareInfrastructure

Why Microsoft Azure?

Many companies are migrating existing or building new systems on the Microsoft Azure Cloud Platform. There’s a lot of buzz lately around the Cloud overall, but it can be a little unclear at first glance what the benefits are. Microsoft Azure includes many different Infrastructure and Platform features that simply mirror those on-premises, as well as features that extend far beyond. Let’s explore some of the primary features of Microsoft Azure, along with reasons why they may be the right choice to use, so we can answer some of the common questions. While Microsoft Azure may be an obvious technical choice, it’s extremely important to answer these questions when conveying the benefits of Microsoft Azure to business decision makers. Read More