Category Cloud & Datacenter Management

Safeguarding Your Business: Combating EvilGinx and MFA Bypass with Conditional Access Phishing Resistance

In an era dominated by technological advancements, the rise of cyber threats poses a substantial risk to businesses and individuals alike. One such threat is EvilGinx, a sophisticated man-in-the-middle software…

Read More

Mastering Microsoft’s SC-400 Exam: Your Ultimate Guide

If you're looking to prove your expertise in securing and protecting Microsoft 365 workloads, passing the SC-400 exam is your key to success. Microsoft's SC-400, “Administering Information Protection and Compliance…

Read More

Navigating the SC-200 Exam: Your Comprehensive Guide

Introduction: Gearing up for the SC-200 exam? Microsoft's SC-200 exam, also known as the Security Operations Analyst certification, is designed to validate your skills in managing security alerts, responding to…

Read More

Get ACL Permissions for a specific OU

# Get ACL Permissions for a specific OU (Get-ACL "AD:$((Get-ADOrganizationalUnit -Identity 'OU=Computers,DC=Test,DC=LOCAL').distinguishedname)").access | Select IdentityReference,AccessControlType,ActiveDirectoryRights.IsInherited  #Other examples available from https://www.easy365manager.com/how-to-document-ou-delegation/ https://shellgeek.com/get-ad-ou-permissions-report/

Read More

Query Active Directory – Security Script

PowerShell script to query active directory : Identify Accounts with Password expiring is disabled Identify Accounts have not logged on for 30 or 90 days and accounts have never logged…

Read More

Purview – eDiscovery, and Investigations – How to guide

Create a Case - eDiscovery (Standard) - Microsoft Purview You will require the role eDiscovery Manager or eDiscovery Administrator Assign eDiscovery permissions in the Microsoft Purview compliance portal - Microsoft…

Read More

Microsoft SC-200 Security Operations Analyst – Study Notes

Defender for Identity entity tags in Microsoft 365 Defender https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts Using role-based access control (RBAC) https://docs.microsoft.com/en-us/learn/modules/deploy-microsoft-defender-for-endpoints-environment/4-manage-access Manage portal access using role-based access control https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide Safe Attachments policies in Microsoft Defender…

Read More

How to Enable “Security Defaults” in Azure and Office 365

Security Defaults in Azure Portal. IMPORTANT, SECURITY DEFAULTS IS NOT ALWAYS ENABLED BY DEFAULT. YOU MUST CHECK YOUR SETTINGS What does Security Defaults give you? Security Defaults when enabled provide…

Read More