Yuri Diogenes – författare

Prepare for Microsoft Exam AZ-500 and demonstrate your real-world knowledge of Microsoft Azure security, including the skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. Designed for professionals with Azure security experience, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Azure Security Engineer Associate level.

Focus on the expertise measured by these objectives:

Manage identity and access Secure networking Secure compute, storage, and databases Manage security operations

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have experience in administration of Microsoft Azure and hybrid environments, and familiarity with compute, network, and storage in Azure and Microsoft Entra ID

About the Exam

Exam AZ-500 focuses on knowledge needed to manage Microsoft Entra identities, authentication, authorization, and application access; plan and implement security for virtual networks, as well as for private and public access to Azure resources; plan and implement advanced security for compute, storage, Azure SQL Database, and Azure SQL managed instance; plan, implement, and manage governance for security, manage security posture and configure and manage threat protection using Microsoft Defender for Cloud, and configure and manage security monitoring and automation solutions.

About Microsoft Certification

Passing this exam fulfills your requirements for the Microsoft Certified: Azure Security Engineer Associate credential, demonstrating your expertise as an Azure Security Engineer capable of managing an organization’s security posture, identifying, and remediating vulnerabilities, performing threat modeling, implementing threat protection, responding to security incident escalations, and participating in the planning and implementation of cloud-based management and security.

See full details at: microsoft.com/learn

Prepare for Microsoft Exam SC-200 and help demonstrate your real-world mastery of skills and knowledge required to work with stakeholders to secure IT systems, and to rapidly remediate active attacks. Designed for Microsoft security operations analysts, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified Associate level.

Focus on the expertise on monitoring, identifying, investigating, and responding to threats in cloud and on-premises environments by using:

Microsoft Defender XDR Security Copilot Microsoft Sentinel Microsoft Defender for Cloud workload protections

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have experience with threat management, monitoring, and/or response in Microsoft 365 environments

Exam SC-200 focuses on knowledge needed to detect, investigate, and remediate security threats across cloud and on-premises environments by equipping security operations analysts with the skills to manage and operate a modern SOC using Microsoft Defender XDR, Microsoft Sentinel, Microsoft Defender for Cloud, and Security Copilot; configure and manage a security operations environment by designing Sentinel workspaces, optimizing data sources, managing assets through Defender Vulnerability Management and Exposure Management, and configuring automation and attack disruption; configure protections and detections across Defender solutions; assess incident response capabilities, including investigating and remediating threats such as ransomware, email compromise, compromised identities, insider risks, and cloud workload attacks using investigation tools, device timelines, live response, playbooks, and automation, as well as leveraging Security Copilot for guided investigations and analysis; employ KQL for proactive threat hunting, interpreting threat analytics and MITRE ATT&CK coverage, managing threat indicators, and visualizing security data to continuously reduce organizational risk.

About Microsoft CertificationPassing this exam fulfills your requirements for the Microsoft Certified: Security Operations Analyst Associate certification credential, demonstrating your ability to collaborate with organizational stakeholders to reduce organizational risk, advise on threat protection improvements, and address violations of organizational policies.

See full details at: microsoft.com/learn

Prepare for Microsoft Exam SC-200—and help demonstrate your real-world mastery of skills and knowledge required to work with stakeholders to secure IT systems, and to rapidly remediate active attacks. Designed for Windows administrators, Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified Associate level.

 

Focus on the expertise measured by these objectives:

Mitigate threats using Microsoft 365 Defender Mitigate threats using Microsoft Defender for Cloud Mitigate threats using Microsoft Sentinel

 

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have experience with threat management, monitoring, and/or response in Microsoft 365 environments

 

About the Exam

Exam SC-200 focuses on knowledge needed to detect, investigate, respond, and remediate threats to productivity, endpoints, identity, and applications; design and configure Azure Defender implementations; plan and use data connectors to ingest data sources into Azure Defender and Azure Sentinel; manage Azure Defender alert rules; configure automation and remediation; investigate alerts and incidents; design and configure Azure Sentinel workspaces; manage Azure Sentinel rules and incidents; configure SOAR in Azure Sentinel; use workbooks to analyze and interpret data; and hunt for threats in the Azure Sentinel portal.

 

About Microsoft Certification

Passing this exam fulfills your requirements for the Microsoft 365 Certified: Security Operations Analyst Associate certification credential, demonstrating your ability to collaborate with organizational stakeholders to reduce organizational risk, advise on threat protection improvements, and address violations of organizational policies.

 

See full details at: microsoft.com/learn

Prepare for Microsoft Exam AZ-500: Demonstrate your real-world knowledge of Microsoft Azure security, including tools and techniques for protecting identity, access, platforms, data, and applications, and for effectively managing security operations. Designed for professionals with Azure security experience, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Azure Security Engineer Associate level.

Focus on the expertise measured by these objectives:

Manage identity and access Implement platform protection Manage security operations Secure data and applications

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have expertise implementing security controls and threat protection, managing identity and access, and protecting assets in cloud and hybrid environments

About the Exam

Exam AZ-500 focuses on the knowledge needed to manage Azure Active Directory identities; configure secure access with Azure AD; manage application access and access control; implement advanced network security; configure advanced security for compute; monitor security with Azure Monitor, Azure Firewall manager, Azure Security Center, Azure Defender, and Azure Sentinel; configure security policies; configure security for storage and databases; and configure and manage Key Vault.

About Microsoft Certification

Passing this exam fulfills your requirements for the Microsoft Certified: Azure Security Engineer Associate credential, demonstrating your expertise as an Azure Security Engineer capable of maintaining security posture, identifying and remediating vulnerabilities, implementing threat protection, and responding to incident escalations as part of a cloud-based management and security team.

See full details at: microsoft.com/learn

The definitive practical guide to Microsoft Defender for Cloud covering new components and multi-cloud enhancements!

Microsoft Defender for Cloud offers comprehensive tools for hardening resources, tracking security posture, protecting against attacks, and streamlining security management – all in one natively integrated toolset. Now, leading Microsoft security experts Yuri Diogenes and Tom Janetscheck help you apply its robust protection, detection, and response capabilities throughout your operations, protecting workloads running on all your cloud, hybrid, and on-premises platforms.

This guide shows how to make the most of new components, enhancements, and deployment scenarios, as you address today's latest threat vectors. Sharing best practices, expert tips, and optimizations only available from Microsoft's Defender for Cloud team, the authors walk through improving everything from policies and governance to incident response and risk management. Whatever your role or experience, they'll help you address new security challenges far more effectively—and save hours, days, or even weeks.

Two of Microsoft's leading cloud security experts show how to:

Assess new threat landscapes, the MITRE ATT&CK framework, and the implications of ''assume-breach'' Explore Defender for Cloud architecture, use cases, and adoption considerations including multicloud with AWS and GCP Plan for effective governance, successful onboarding, and maximum value Fully visualize complex cloud estates and systematically reduce their attack surfaces Prioritize risks with Secure Score, and leverage at-scale tools to build secure cloud-native apps Establish consistent policy enforcement to avoid drift Use advanced analytics and machine learning to identify attacks based on signals from all cloud workloads Enhance security posture by integrating with the Microsoft Sentinel SIEM/SOAR, Microsoft Purview, and Microsoft Defender for Endpoint Leverage just-in-time VM access and other enhanced security capabilities

 About This Book

For architects, designers, implementers, SecOps professionals, developers, and security specialists working in Microsoft Azure environments For all IT professionals and decision-makers concerned with securing modern hybrid/multicloud environments, cloud-native apps, and PaaS services

Build next-generation security operations with Microsoft Sentinel

Microsoft Sentinel is the scalable, cloud-native, security information and event management (SIEM) solution for automating and streamlining threat identification and response across your enterprise. Now, three leading experts guide you step-by-step through planning, deployment, and operations, helping you use Microsoft Sentinel to escape the complexity and scalability challenges of traditional solutions. Fully updated for the latest enhancements, this edition introduces new use cases for investigation, hunting, automation, and orchestration across your enterprise and all your clouds. The authors clearly introduce each service, concisely explain all new concepts, and present proven best practices for maximizing Microsoft Sentinel's value throughout security operations.

 

Three of Microsoft's leading security operations experts show how to:

Review emerging challenges that make better cyberdefense an urgent priority See how Microsoft Sentinel responds by unifying alert detection, threat visibility, proactive hunting, and threat response Explore components, architecture, design, and initial configuration Ingest alerts and raw logs from all sources you need to monitor Define and validate rules that prevent alert fatigue Use threat intelligence, machine learning, and automation to triage issues and focus on high-value tasks Add context with User and Entity Behavior Analytics (UEBA) and Watchlists Hunt sophisticated new threats to disrupt cyber kill chains before you're exploited Enrich incident management and threat hunting with Jupyter notebooks Use Playbooks to automate more incident handling and investigation tasks Create visualizations to spot trends, clarify relationships, and speed decisions Simplify integration with point-and-click data connectors that provide normalization, detection rules, queries, and Workbooks

 

About This Book

For cybersecurity analysts, security administrators, threat hunters, support professionals, engineers, and other IT professionals concerned with security operations For both Microsoft Azure and non-Azure users at all levels of experience

Prepare for Microsoft Exam SC-100 and demonstrate your real-world mastery of skills and knowledge needed to design and evolve cybersecurity strategy for all aspects of enterprise architecture. Designed for experienced IT professionals, this Exam Ref focuses on critical thinking and decision-making acumen needed for success at the Microsoft Certfied: Cybersecurity Architect Expert level.

Focus on the expertise measured by these objectives:

Design a Zero Trust strategy and architecture Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies Design a strategy for data and applications Recommend security best practices and priorities

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have advanced security engineering experience and knowledge and experience with hybrid and cloud implementations

About the Exam

Exam SC-100 focuses on the knowledge needed to build overall security strategy and architecture; design strategies for security operations, identity security, and regulatory compliance; evaluate security posture; recommend technical strategies to manage risk; design strategies to secure server endpoints, client endpoints, and SaaS, PaaS, and IaaS services; specify application security requirements; design data security strategy; recommend security best practices based on Microsoft Cybersecurity Reference Architecture and Azure Security Benchmarks; use the Cloud Adoption Framework to recommend secure methodologies; use Microsoft Security Best Practices to recommend ransomware strategies.

About Microsoft Certifiation

The Microsoft Certified: Cybersecurity Architect Expert certication credential demonstrates your ability to plan and implement cybersecurity strategy that meets business needs and protects the organization's mission and processes across its entire enterprise architecture. To fulfill your requirements, pass this exam and earn one of these four prerequisite certifications: Microsoft Certfied: Azure Security Engineer Associate; Microsoft Certfied: Identity and Access Administrator Associate; Microsoft365 Certied: Security Administrator Associate; Microsoft Certfied: Security Operations Analyst Associate.

See full details at: microsoft.com/learn

THE INSIDER'S GUIDE TO LAUNCHING AND ACCELERATING YOUR CYBERSECURITY CAREER

 

Cybersecurity is one of the world's fastest growing, most exciting fields--but that doesn't mean it's easy to enter the industry and succeed. Now there's a complete guide to creating a great cybersecurity career, whether you're migrating to cybersecurity from another field or already a cybersecurity professional.

 

Building a Career in Cybersecurity doesn't teach detailed technical skills you can get from a thousand books and videos. Instead, Yuri Diogenes focuses on make-or-break knowledge you won't find elsewhere: personal strategy, planning, process, mindset, and the critical “soft skills” today's employers are desperate to find.

 

Diogenes is your perfect guide: he's been there and done it all. He is Principal PM Manager for a cybersecurity team at Microsoft, hiring the next generation of practitioners. He's also a professor for a bachelor's degree program in cybersecurity, where he prepares students to become cybersecurity professionals. Diogenes will show you exactly what leaders like him are looking for, and mentor you step-by-step through getting started and moving forward.

 

Don't learn “the hard way” by making costly career mistakes. Get this book, and build your plan to win!

 

Assess your “fit,” skills, motivation, and readiness Compare the industry's career paths, and decide what to aim for Create a game plan: fill skill gaps, set timelines, create a portfolio, and target the right certs Build a cloud-based lab to hone your modern technical skills Develop a network that puts you in the right place at the right time Prepare to ace your interview Treat your employer as your customer, and overcome obstacles to success Get work-life balance right, so you can stay passionate about what you're doing Grow in your career, even if you're working remotely Plan your next moves, and become more valuable as the industry evolves

Prepare for Microsoft Exam SC-900 and demonstrate your real-world knowledge of the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. Designed for business stakeholders, new and existing IT professionals, functional consultants, and students, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Security, Compliance, and Identity Fundamentals level.

 

Focus on the expertise measured by these objectives:

Describe the concepts of security, compliance, and identity Describe the capabilities of Microsoft identity and access management solutions Describe the capabilities of Microsoft security solutions Describe the capabilities of Microsoft compliance solutions

 

This Microsoft Exam Ref:

Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you are a business user, stakeholder, consultant, professional, or student who wants to create holistic, end-to-end solutions with Microsoft security, compliance, and identity technologies

 

Implement maximum control, security, and compliance processes in Azure cloud environments In Microsoft Azure Security Infrastructure, three leading experts show how to plan, deploy, and operate Microsoft Azure with outstanding levels of control, security, and compliance. You’ll learn how to prepare infrastructure with Microsoft’s integrated tools, prebuilt templates, and managed services–and use these to help safely build and manage any enterprise, mobile, web, or Internet of Things (IoT) system. The authors guide you through enforcing, managing, and verifying robust security at physical, network, host, application, and data layers. You’ll learn best practices for security-aware deployment, operational management, threat mitigation, and continuous improvement–so you can help protect all your data, make services resilient to attack, and stay in control no matter how your cloud systems evolve.

Three Microsoft Azure experts show you how to:

• Understand cloud security boundaries and responsibilities

• Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection

• Explore Azure’s defense-in-depth security architecture

• Use Azure network security patterns and best practices

• Help safeguard data via encryption, storage redundancy, rights management, database security, and storage security

• Help protect virtual machines with Microsoft Antimalware for Azure Cloud Services and Virtual Machines

• Use the Microsoft Azure Key Vault service to help secure cryptographic keys and other confidential information

• Monitor and help protect Azure and on-premises resources with Azure Security Center and Operations Management Suite

• Effectively model threats and plan protection for IoT systems

• Use Azure security tools for operations, incident response, and forensic investigation

Windows Server 2012 Security from End to Edge and Beyond shows you how to architect, design, plan, and deploy Microsoft security technologies for Windows 8/Server 2012 in the enterprise. The book covers security technologies that apply to both client and server and enables you to identify and deploy Windows 8 security features in your systems based on different business and deployment scenarios. The book is a single source for learning how to secure Windows 8 in many systems, including core, endpoint, and anywhere access.

Authors Tom Shinder and Yuri Diogenes, both Microsoft employees, bring you insider knowledge of the Windows 8 platform, discussing how to deploy Windows security technologies effectively in both the traditional datacenter and in new cloud-based solutions. With this book, you will understand the conceptual underpinnings of Windows 8 security and how to deploy these features in a test lab and in pilot and production environments.

The book's revolutionary "Test Lab Guide" approach lets you test every subject in a predefined test lab environment. This, combined with conceptual and deployment guidance, enables you to understand the technologies and move from lab to production faster than ever before. Critical material is also presented in key concepts and scenario-based approaches to evaluation, planning, deployment, and management. Videos illustrating the functionality in the Test Lab can be downloaded from the authors' blog http://blogs.technet.com.b.security_talk/. Each chapter wraps up with a bullet list summary of key concepts discussed in the chapter.

Provides practical examples of how to design and deploy a world-class security infrastructure to protect both Windows 8 and non-Microsoft assets on your system Written by two Microsoft employees who provide an inside look at the security features of Windows 8 Test Lab Guides enable you to test everything before deploying live to your system

This book will explore some of the main problems of existing in a technologically advanced world that is built for ease and efficiency while our bodies are built for stamina and endurance. The book will further examine how this can negatively impact a person’s livelihood as well as work performance. It will then delve into the important reasons for change in one’s eating and exercising habits and will provide tips and suggestions on how to embrace this change and to be successful within a fast-paced environment. This book is not the typical “90-day” or “quick and easy” approach to fat loss. Instead, the focus will be centered on longevity and consistency for one’s personal fitness lifestyle.

Updated edition of the bestselling guide for planning attack and defense strategies based on the current threat landscapeKey FeaturesUpdated for ransomware prevention, security posture management in multi-cloud, Microsoft Defender for Cloud, MITRE ATT&CK Framework, and moreExplore the latest tools for ethical hacking, pentesting, and Red/Blue teamingIncludes recent real-world examples to illustrate the best practices to improve security postureBook DescriptionCybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques.By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.What you will learnLearn to mitigate, recover from, and prevent future cybersecurity eventsUnderstand security hygiene and value of prioritizing protection of your workloadsExplore physical and virtual network segmentation, cloud network visibility, and Zero Trust considerationsAdopt new methods to gather cyber intelligence, identify risk, and demonstrate impact with Red/Blue Team strategiesExplore legendary tools such as Nmap and Metasploit to supercharge your Red TeamDiscover identity security and how to perform policy enforcementIntegrate threat detection systems into your SIEM solutionsDiscover the MITRE ATT&CK Framework and open-source tools to gather intelligenceWho this book is forIf you are an IT security professional who wants to venture deeper into cybersecurity domains, this book is for you. Cloud security administrators, IT pentesters, security consultants, and ethical hackers will also find this book useful. Basic understanding of operating systems, computer networking, and web applications will be helpful.

Implement the entire CNAPP lifecycle from designing, planning, adopting, deploying, and operationalizing to enhance your organization's overall cloud security posture.Key FeaturesMaster the CNAPP lifecycle from planning to operationalization using real-world practical scenarios.Dive deep into the features of Microsoft's Defender for Cloud to elevate your organization’s security posture.Explore hands-on examples and implementation techniques from a leading expert in the cybersecurity industryBook DescriptionCloud security is a pivotal aspect of modern IT infrastructure, essential for safeguarding critical data and services. This comprehensive book explores Cloud Native Application Protection Platform (CNAPP), guiding you through adopting, deploying, and managing these solutions effectively. Written by Yuri Diogenes, Principal PM at Microsoft, who has been with Defender for Cloud (formerly Azure Security Center) since its inception, this book distills complex concepts into actionable knowledge making it an indispensable resource for Cloud Security professionals.The book begins with a solid foundation detailing the why and how of CNAPP, preparing you for deeper engagement with the subject. As you progress, it delves into practical applications, including using Microsoft Defender for Cloud to enhance your organization's security posture, handle multicloud environments, and integrate governance and continuous improvement practices into your operations.Further, you'll learn how to operationalize your CNAPP framework, emphasizing risk management & attack disruption, leveraging AI to enhance security measures, and integrating Defender for Cloud with Microsoft Security Exposure Management. By the end, you'll be ready to implement and optimize a CNAPP solution in your workplace, ensuring a robust defense against evolving threats.What you will learnImplement Microsoft Defender for Cloud across diverse IT environmentsHarness DevOps security capabilities to tighten cloud operationsLeverage AI tools such as Microsoft Copilot for Security to help remediate security recommendations at scaleIntegrate Microsoft Defender for Cloud with other XDR, SIEM (Microsoft Sentinel) and Microsoft Security Exposure ManagementOptimize your cloud security posture with continuous improvement practicesDevelop effective incident response plans and proactive threat hunting techniquesWho this book is forThis book is aimed at Cloud Security Professionals that work with Cloud Security, Posture Management, or Workload Protection. DevOps Engineers that need to have a better understanding of Cloud Security Tools and SOC Analysts that need to understand how CNAPP can enhance their threat hunting capabilities can also benefit from this book. Basic knowledge of Cloud Computing, including Cloud Providers such as Azure, AWS, and GCP is assumed.

Updated and revised edition of the bestselling guide to developing defense strategies against the latest threats to cybersecurityKey FeaturesCovers the latest security threats and defense strategies for 2020Introduces techniques and skillsets required to conduct threat hunting and deal with a system breachProvides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much moreBook DescriptionCybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user’s identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.What you will learnThe importance of having a solid foundation for your security postureUse cyber security kill chain to understand the attack strategyBoost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligenceUtilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategyIdentify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emailsPerform an incident investigation using Azure Security Center and Azure SentinelGet an in-depth understanding of the disaster recovery processUnderstand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloudLearn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and AzureWho this book is forFor the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.