IT评测·应用市场-qidao123.com

标题: 微软SC-900(Azure安全基础)备考笔记 [打印本页]

---

作者: 惊雷无声    时间: 2023-4-13 18:44
标题: 微软SC-900(Azure安全基础)备考笔记

写在前面

因为sc-900是英文考试（或是有中文版本但我不知道），我复习和刷题也是看的英文材料，因此该笔记会以英文为基础，遇到比较少见的单词时我会标注翻译。
该笔记单纯旨在通过考试，对实践的帮助不大。sc-900，依我拙见，也不是一个能学到很多知识的考试。想要了解网络安全基础概念的朋友，可以了解一下ISC^2最近发布的CC(certified in cybersecurity)考试。之后我也会发布cc的学习笔记。
SC-900

• 60分钟
  
• 40-60道题
  
• 满分1000分，700分以上合格
  

笔记

评分相关

secure score: 网络安全系数

compliance score: 员工是否遵从规定，按程序行事

功能相关

Azure Active Directory(Azure AD):

• cloud-based identity and access management service
  

Azure AD identity protection

• automate the detection and remediation of identity-based risk
  
• investigate risks using data in the portal
  

MS defender:

• MS Defender for Identity:
  
  
  
  • cloud-based solution that leverage(借助) on-premises Active Directory Domain Service(AD DS) to identify, detect, ... risks
    
  
  
• MS Defender for Endpoint:
  
  
  
  • 一般跟装备(device)有关的就选这个
    
  • secure score就存在这
    
  • automatic investigation and regulation
    
  • attack surface reduction
    
  
  
• MS Defender for Office 365:
  
  
  
  • protect from malicious threats posted by email messages, links, ...
    
  • real-time report
    
  
  
• MS Defender for Cloud:
  
  
  
  • manage security for a multi-cloud environment(微软，谷歌，亚马逊结合到一起管理)
    
  • assess security posture, identify threats, harden resource
    
  
  
• MS Defender for Cloud App:
  
  
  
  • Cloud Access Security Broker(CASB) that supports various deployment modes
    
    
    
    • CASB四大要素: visibility, compliance, data security, threat protection
      
    
    
  • 达到GDPR和PCI的要求
    
  
  

Azure Firewall:

• network-level and application-level
  
• protect machine and network
  

Azure Web Application Firewall(WAF):

• application-level filtering
  
• SSL termination
  
• centralized protection from common exploits&vulnerabilities
  

Azure Baston:

• secure RDP&SSH connectivity to the virtual machine
  

Network Security Group(NSG):

• filter network traffic to and from Azure Resource
  

Azure Sentinel(哨兵):

• security information and event management(SIEM)
  
  
  
  • SIEM: collect info from diverse source, and analyzes it for signs of a security incident
    
  
  
• security orchestration automated response(SOAR)
  
• workbook: interactive dashboards that allow users to explore and analyze
  
• playbook: automated response
  

MS purview compliance portal:

• manage compliance requirement
  
• 3 controls:
  
  
  
  • MS-managed control
    
  • customer-managed control
    
  • shared control
    
  
  
• insider risk management: sensitive data leak, confidentiality violation
  
• 一般没见过的题就选它
  

privileged identity management(PIM):

• time-based and approval-based role activation
  
• e.g. just-in-time access
  
• premium P2 subscription
  

virtual network:

• network segmentation
  

customer lockbox:

• used by MS engineers when they need to access some user's data
  

eDiscovery:

• digital investigation that attempts to find evidence in email, ... for a criminal proceeding
  

规定相关

MS service Trust Portal:

• detail how MS complies with the regulatory standard and implements controls to protect the organization
  
• 一般来说，如果题目中提到document，就选trust portal
  

Azure Policy:

• enforce(实行) standard, and assess compliance
  

Zero Trust:

• assume breach
  
• verify explicitly
  
• least privilege
  

Privacy Principle:

• Control
  
• Security
  
• Legal
  
• Transparency
  
• No content-based targeting
  
• Benefit
  

Microsoft Cloud Adoption Framework for Azure:

• collection of documentation providing guidance
  

密码学相关

Symmetric encryption

• use the same key to encrypt and decrypt files
  

Asymmetric encryption

• private key to sign a document(digital signature)
  
• public key to verify authentication
  

Azure MFA(multi-factor authentication)

• text message
  
• authentication app
  
• phone call
  

Self-service password reset(SSPR):

• 忘记密码自己解决
  
• 启动条件：
  
  
  
  • Assign an Azure AD license
    
  • Enable SSPR for user
    
  • Register an authentication method
    
  
  

Federation:

• enable access to service across the organization
  

Single-Sign on:

• 登录一次，其他相关程序免登录
  

Password Hash Synchronization:

• enables password sync with active directory
  

有用链接

刷题：
https://www.examtopics.com/exams/microsoft/sc-900/view/
https://learn.microsoft.com/zh-cn/certifications/exams/sc-900/practice/assessment?assessment-type=practice&assessmentId=11
免费考试：
https://msftstudentcert.cloudreadyskills.com/course/sc900
写在后面

以上为本人复习时整理，如有遗漏知识点（肯定有很多），欢迎大家评论补充。提前祝大家考试通过

免责声明：如果侵犯了您的权益，请联系站长，我们会及时删除侵权内容，谢谢合作！

---

欢迎光临 IT评测·应用市场-qidao123.com (https://dis.qidao123.com/)

Powered by Discuz! X3.4