Microsoft Azure Security – Study Notes

A collection of all my study notes and lab work while working towards passing the badge Microsoft Certified Security Engineer Associate by passing the AZ-500 exam

These notes are in no order and are not focused towards any exam content other than sharing my experience of configuring and automating security within Azure in the run up to the final exam.

  1. Azure – Setup Azure Blueprints
  2. Azure – Advisor
  3. Azure – AD Identity Protection
  4. Azure – Install and Configure Antimalware On A Virtual Machine
  5. Creating Security Baselines In Microsoft Azure
  6. Azure – Log Analytics Workspace and AzureVirtual Machine Agent Install
  7. Azure – Access Control and Role Assignment
  8. Azure – Configure Management Locks – Prevent Accidental Deletion Of Core Resources
  9. AZURE – Control Storage Access by Networks
  10. Azure – Update Management
  11. Azure – Monitoring Alert On Virtual Machine CPU Usage
  12. Azure – Register An Application in AD and Generate App Password
  13. Azure – Activity Log
  14. Azure – Route Tables – How To Force Traffic Down A Specific Route
  15. Azure – Content Trust in ACR and Roles
  16. Azure – Creating Key Vaults
  17. Azure – Create Kubernetes Cluster with ACR Integration
  18. Azure – Monitor / Alerts – Create Action Group to Notify Admin/User by SMS & Email
  19. Azure – Security Center and Pricing
  20. Azure Conditional Access Policies – Greyed Out
  21. Azure – Configure Web App Custom Domain and TLS
  22. Azure – Configure Web App and Licenses
  23. AZ-500: Microsoft Azure Security Technologies – EXAM PASSED!!!

MS-101: Microsoft 365 Mobility and Security – EXAM PASSED!!!

MS-101: Microsoft 365 Mobility and Security

EXAM PASSED!!!

#MS365 #Security #365Security #CertifiedProfessional #CloudSecurity #CloudFamily #CyberSecurity #Microsoft365 #MicrosoftCloud #Microsoft #alwaysbelearning #MS101 #EXAM #PASSED 

EXO V2 Module – Microsoft 365 Exchange Online – PowerShell Module

EXO v2 Exchange Online PowerShell Module download here

Some PowerShell commands to help you manage your Microsof 365 Exchange. 

More information on the Microsoft Site here

How to load the EXO v2 Module

Run PowerShell ( I used the ISE) as Administrator    (+ be connected to the Internet)

Install-Module -Name ExchangeOnlineManagement    #Execute this command

You will need to say “Yes to All” on Trust the repository prompt (Well that’s what I needed to do)

How do you connect to Exchange Online

Connect-ExchangeOnline -EnableErrorReporting -LogDirectoryPath C:\temp\logs –LogLevel All

Enter your tenancy credentials

(This will work and prompt for MFA enabled accounts.)

Example EXO V2 PowerShell Commands

Example 1 – Return Mailbox details for a specific user command (Settings you might see in Active Directory)

Get-EXOMailbox -Identity <ENTER EMAIL ADDRESS HERE> -Properties DisplayName,EmailAddresses,Alias

Example 2 – Return Mailbox details for a specific user command ( Settings like MAPI & POP status, Email Addresses)

Get-EXOCASMailbox -Identity “< ENTER EMAIL ADDRESS HERE >” 

Example 3 – Check User Permissions

Get-EXOMailboxPermission -Identity “< ENTER EMAIL ADDRESS HERE >”


Example 4 – What Devices have accessed the mailbox.

This showed multiple devices and which supported remote wipe. If you are reviewing security footprint and what devices have access corporate email, this is a good starting point.

Get-EXOMobileDeviceStatistics -Mailbox “< ENTER EMAIL ADDRESS HERE >” -ActiveSync


Then finally how to Disconnect

DisConnect-ExchangeOnline

Then select “Yes to All”

Disconnected Successfully

What is On-Premises, IaaS, PaaS, SaaS and IaC?

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)
  • On-Premise
  • Infrastructure as Code (IaC)

Examples I’ve used

What are the differences?

Infrastructure as Code

So what is IaC, Infrastructure as Code? Standardise Infrastructure, Automate deployment and recreate, well-documented code. Exampled formats such as JSON & ARM templates.

DevOps teams will use IaC to recreate production like environments in dev cycles. Validate and Test deployments, prior to a production deployment. The end result being able to deliver a stable and repeatable environment.

Azure Resource Manager

The alternative to just running scripts. Manage your infrastructure resources in a group by templates. In addition, you apply security (RBAC) and tags, then associate costs to the group.

WVD – Windows Virtual Desktop – Admin Tasks, Tips and Useful Blogs

Azure Administrator – Tasks and Guides

Your one stop shop for the Azure Administrator resource pool of tasks.

Task
Set the tenant, subscription, and environment for cmdlets to use in the current session.
Plan virtual networks
Configure Azure Multi-Factor Authentication settings
Create DNS records in a custom domain for a web app
Add your custom domain name using the Azure Active Directory portal
Create a route-based VPN gateway using the Azure portal
Connect virtual networks with virtual network peering using the Azure portal
Troubleshoot password hash synchronization with Azure AD Connect sync
Manage device identities using the Azure portal
How to manage the local administrators group on Azure AD joined devices
Azure Load Balancer For RDP
Create a virtual network (classic) with multiple subnets
Point-to-Site VPN routing
Back-end health and diagnostic logs for Application Gateway
All things Azure and Sysadmin stuff
Set up Disaster Recovery for Azure IaaS VMs
Migrate AWS S3 buckets to Azure blob storage
Azure Security Center: Learning the ropes (resources)
Copy Files to Azure VM using PowerShell Remoting
How to manage Azure VMs with Windows Admin Center
Conditional Access rules for Admin MFA
Tag @stephenhackers on Twitter with your Azure blog pages

New Release: PowerCLI 11.4.0

Great news for all the scripting people out there. New Release: PowerCLI 11.4.0 #PowerCLI #Scripting #WhatsNew

New Release: PowerCLI 11.4.0

August is always a great month when it comes to new releases, and this year is no different. Even before VMworld, there have already been announcements for vSphere 6.7 Update 3, NSX-T 2.4.2, and a new version of HCX. The PowerCLI team has one more exciting release for you in the form of PowerCLI 11.4.0! […] The post New Release: PowerCLI 11.4.0 appeared first on VMware PowerCLI Blog.


VMware Social Media Advocacy

Ping sweep script test

POWERSHELL
import-CSV "" | 
foreach 
{ 
$result = Test-Connection -ComputerName 
$_.Name -Count 1 -Quiet $_.name, $result -join ',' | out-file "c:\scripts\PingSweep\computer_results.txt" -Append 
}       


COMMAND /BATCH SCRIPT
Create list of computers to ping Comupters.txt 

Create batch file pingsweep.bat  

for /f %%s in (computer.txt) do (ping -n 1 %%s) open  cmd pingsweep.bat >> PINGSWEEPQUOTES.TXT 


Please test all scripts in a lab environment. We have no liability for any issues caused.


If you would prefer a more advanced script in PowerShell, check out this  example of a ping script in PowerShell written by Jamie Crookes "Ping utility function/module for PowerShell" can be found here http://www.powerscript.net/handy-ping-utility-function/

PowerShell : Get COMPUTER objects of a specific group ( this example gets the properties “description” of each object )

# Get COMPUTER objects of a specific group ( this example gets the properties “description” of each object ) 
# List in a table format Name and Computer Description Properties

Get-AdGroupMember GROUPNAME | ForEach-Object {
$Computer = ($_.Name)
foreach ($c in $Computer) {
Get-ADComputer $c -Properties Description | ft name, description
}
}

# Expected Output
#Name Descriptions
#----- -------------
#Computername Computer Description
#Computername Computer Description
#Computername Computer Description

VMworld 2018 Barcelona Highlights

Stephen Hackers from Hot Wired IT Solutions affiliate partner to HTG (Howell Technology Group) made the trip to VMworld Barcelona 2018 with Kevin Howell (HTG), Graham Wight (HTG) and Tony Cota.

Overview

Tech Experts Meetings + Design Workshops + Vendors + Hall Sessions = A great experience and excellent value for money.

Things I learnt…

  1. Download the VMworld App
  2. Book sessions early
  3. Register for a vendor party
  4. Participate where possible

VMworld through my eyes

  1. Download the app… Contains your pass, schedule, reminders, events, map, info and more.
  2. The photo every geek wants

3. Picked up my VMware vExpert 2018 goodie bag

 

4. Attended multiple design workshops. Signing NDA… Sorry no secrets being shared here.

VMware design_studio

 

5. Entered the Hackathon .. Joined an amazing team of 8 experts. (3rd place)

Chris Porter, Christopher Lewis, Colin Westwater, Dave Simpson, Dominik Zorgnotti, Gareth Edwards, Tony Cota and Stephen Hackers (Me).

We created and launched #PowerVKE. PowerShell module to deploy kubernetes. This was successful in taking 3rd place at the Hackathon

Available on GitHub https://github.com/PowerVKE

Follow on twitter https://twitter.com/PowerVKE

24 hours on from the Hackathon and Will PowerVKE name change to PowerPKS??

 

6. Meet the Vendors.

Vembu stand

NetApp with Ducati ( I was always going to visit any stand with a bike being a biker myself)

Quantum

 

7. Vendor party

Cohesity was our option

Great night out and some interesting glow in the dark / flashing devices for the night. The Queen tribute act was definitely worth watching. The friendly atmosphere was fantastic

 

8. Meet the Experts.

I attended two of these excellent sessions on PKS (kubernetes) and vSphere on AWS. As a techy I felt I got more business value in these 30-45min 1-1 tech sessions than in some of the high level presentations attended. That’s not to say the high level presentations were worth attending as well, but I got to ask in the 1-1 my homework for actual work I’m doing or planning on doing.

 

9.The End

Then the trip was over. Such an amazing few days. Already looking forward to VMworld 2019……