In an era dominated by technological advancements, the rise of cyber threats poses a substantial risk to businesses and individuals alike. One such threat is EvilGinx, a sophisticated man-in-the-middle software…
Mastering Microsoft’s SC-400 Exam: Your Ultimate Guide
If you're looking to prove your expertise in securing and protecting Microsoft 365 workloads, passing the SC-400 exam is your key to success. Microsoft's SC-400, “Administering Information Protection and Compliance…
Navigating the SC-200 Exam: Your Comprehensive Guide
Introduction: Gearing up for the SC-200 exam? Microsoft's SC-200 exam, also known as the Security Operations Analyst certification, is designed to validate your skills in managing security alerts, responding to…
Get ACL Permissions for a specific OU
# Get ACL Permissions for a specific OU
# The AD: drive used below is provided by the ActiveDirectory module
Import-Module ActiveDirectory
(Get-ACL "AD:$((Get-ADOrganizationalUnit -Identity 'OU=Computers,DC=Test,DC=LOCAL').distinguishedname)").access | Select IdentityReference,AccessControlType,ActiveDirectoryRights,IsInherited
# Other examples available from
# https://www.easy365manager.com/how-to-document-ou-delegation/
# https://shellgeek.com/get-ad-ou-permissions-report/
Query Active Directory – Security Script
PowerShell script to query Active Directory: identify accounts where password expiry is disabled; identify accounts that have not logged on for 30 or 90 days and accounts that have never logged…
Purview – eDiscovery, and Investigations – How to guide
Create a Case - eDiscovery (Standard) - Microsoft Purview. You will require the role eDiscovery Manager or eDiscovery Administrator. Assign eDiscovery permissions in the Microsoft Purview compliance portal - Microsoft…
EoL Software, Cyber Security, or a Business Issue?
If a piece of software is End of Life (EoL), should you upgrade immediately? Is it an instant Cyber Security or a Business issue? To understand the challenges/issue, conduct a…
Microsoft SC-200 Security Operations Analyst – Study Notes
Defender for Identity entity tags in Microsoft 365 Defender: https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts
Using role-based access control (RBAC): https://docs.microsoft.com/en-us/learn/modules/deploy-microsoft-defender-for-endpoints-environment/4-manage-access
Manage portal access using role-based access control: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide
Safe Attachments policies in Microsoft Defender…
Import Reg Key To Remote Computer
Challenge: Import reg key settings to a remote computer. Requires WinRM to be running. Execute as Administrator. **This script worked when tested on a Windows 2021 server to a…
NIST Cyber Security Professional.. things to remember
Digital Transformation + Cyber Security = Success Digital Transformation. What to focus on: Customer Experience -> Operational Efficiencies -> New Revenue Streams -> Rapid Response to Change What is NIST-CSF…