In an era dominated by technological advancements, the rise of cyber threats poses a substantial risk to businesses and individuals alike. One such threat is EvilGinx, a sophisticated man-in-the-middle software…
Mastering Microsoft’s SC-400 Exam: Your Ultimate Guide
If you're looking to prove your expertise in securing and protecting Microsoft 365 workloads, passing the SC-400 exam is your key to success. Microsoft's SC-400, “Administering Information Protection and Compliance…
Navigating the SC-200 Exam: Your Comprehensive Guide
Introduction: Gearing up for the SC-200 exam? Microsoft's SC-200 exam, also known as the Security Operations Analyst certification, is designed to validate your skills in managing security alerts, responding to…
Get ACL Permissions for a specific OU
# Get ACL Permissions for a specific OU (Get-ACL "AD:$((Get-ADOrganizationalUnit -Identity 'OU=Computers,DC=Test,DC=LOCAL').distinguishedname)").access | Select IdentityReference,AccessControlType,ActiveDirectoryRights.IsInherited #Other examples available from https://www.easy365manager.com/how-to-document-ou-delegation/ https://shellgeek.com/get-ad-ou-permissions-report/
Query Active Directory – Security Script
PowerShell script to query active directory : Identify Accounts with Password expiring is disabled Identify Accounts have not logged on for 30 or 90 days and accounts have never logged…
Purview – eDiscovery, and Investigations – How to guide
Create a Case - eDiscovery (Standard) - Microsoft Purview You will require the role eDiscovery Manager or eDiscovery Administrator Assign eDiscovery permissions in the Microsoft Purview compliance portal - Microsoft…
Microsoft SC-200 Security Operations Analyst – Study Notes
Defender for Identity entity tags in Microsoft 365 Defender https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts Using role-based access control (RBAC) https://docs.microsoft.com/en-us/learn/modules/deploy-microsoft-defender-for-endpoints-environment/4-manage-access Manage portal access using role-based access control https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide Safe Attachments policies in Microsoft Defender…
Import Reg Key To Remote Computer
Challenge : Import reg key settings to a remote compute Requires WinRM to be running Execute as Administrator **This script worked when tested on a Window 2021 server to a…
Azure Conditional Access Integration with Google Chrome
Scenario: Anyone using MCAS, Conditional Access, Window 10 Endpoints and Google Chrome. Challenge: How do you get Google Chrome to be recognised by Azure Conditional Access policies. Issue : Azure…
How to Enable “Security Defaults” in Azure and Office 365
Security Defaults in Azure Portal. IMPORTANT, SECURITY DEFAULTS IS NOT ALWAYS ENABLED BY DEFAULT. YOU MUST CHECK YOUR SETTINGS What does Security Defaults give you? Security Defaults when enabled provide…