
Safeguarding Your Business: Combating EvilGinx and MFA Bypass with Conditional Access Phishing Resistance

In an era dominated by technological advancements, the rise of cyber threats poses a substantial risk to businesses and individuals alike. One such threat is EvilGinx, a sophisticated man-in-the-middle software…


Mastering Microsoft’s SC-400 Exam: Your Ultimate Guide

If you're looking to prove your expertise in securing and protecting Microsoft 365 workloads, passing the SC-400 exam is your key to success. Microsoft's SC-400, “Administering Information Protection and Compliance…


Navigating the SC-200 Exam: Your Comprehensive Guide

Introduction: Gearing up for the SC-200 exam? Microsoft's SC-200 exam, also known as the Security Operations Analyst certification, is designed to validate your skills in managing security alerts, responding to…


Get ACL Permissions for a specific OU

# Get ACL permissions for a specific OU
Import-Module ActiveDirectory  # provides the AD: drive that Get-Acl reads from
(Get-Acl "AD:$((Get-ADOrganizationalUnit -Identity 'OU=Computers,DC=Test,DC=LOCAL').DistinguishedName)").Access | Select-Object IdentityReference, AccessControlType, ActiveDirectoryRights, IsInherited

# Other examples are available from:
# https://www.easy365manager.com/how-to-document-ou-delegation/
# https://shellgeek.com/get-ad-ou-permissions-report/


Query Active Directory – Security Script

PowerShell script to query Active Directory: identify accounts with password expiration disabled; identify accounts that have not logged on for 30 or 90 days and accounts that have never logged…


Purview – eDiscovery, and Investigations – How to guide

Create a Case - eDiscovery (Standard) - Microsoft Purview
You will require the role eDiscovery Manager or eDiscovery Administrator.
Assign eDiscovery permissions in the Microsoft Purview compliance portal - Microsoft…


Microsoft SC-200 Security Operations Analyst – Study Notes

Defender for Identity entity tags in Microsoft 365 Defender: https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts
Using role-based access control (RBAC): https://docs.microsoft.com/en-us/learn/modules/deploy-microsoft-defender-for-endpoints-environment/4-manage-access
Manage portal access using role-based access control: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide
Safe Attachments policies in Microsoft Defender…
