Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Common Observations from a Security Assessor

via YouTube

Overview

Explore common observations from a security assessor's perspective in this 47-minute conference talk from Louisville Metro Infosec 2019. Delve into cloud security, data breach statistics, and identity attacks. Learn about secure score types, Microsoft Secure Score, and multi-factor authentication. Discover the differences between legacy and modern authentication, and how to use sign-in logs to identify legacy auth. Examine Azure AD features, including conditional access and baseline policies. Review a comprehensive cloud security checklist and external security observations. Analyze account security, password policies, and guidelines for administrators. Investigate Azure AD Premium Password Protection and other password filter software. Understand the importance of password length, managers, and protecting against credential theft. Explore tiered privilege access, separate administrative accounts, and Privileged Access Workstations (PAWs). Examine endpoint security observations, including LLMNR/NBT-NS poisoning and relay, and Emotet/Trickbot threats. Conclude with common security control observations, commercial solutions, and free tools for enhancing your organization's security posture.

Syllabus

Intro
Agenda 1. Cloud Security
Data Breach Statistics (Identity Attacks)
Attacks on the Cloud
Secure Score (3 Different Types)
Microsoft Secure Score
Multi-Factor Authentication (MFA)
Legacy vs Modern Authentication
Use Sign-In Logs to find Legacy Auth Step 1: Understand the usage of Legacy Authentication in your organization
Review Risk Users in Azure AD
Azure AD Conditional Access
Baseline Policies
Cloud Security Checklist
External Security Observations • Management interfaces exposed to Internet
Account Security Observations
Insufficient Password Policy
Password Guidelines for Administrators
Azure AD Premium Password Protection
Other Password Filter Software
Password Length (Azure AD)
Password Managers
Credential Theft
Securing Privileged Access
Tiered Privilege Access
Separate Administrative Accounts
Service Accounts
Privileged Access Workstations (PAWs)
Endpoint Security Observations
LLMNR/NBT-NS Poisoning and Relay
Emotet/Trickbot
Common Security Control Observations
Commercial Solutions
Free Tools / Informative References

Reviews

Start your review of Common Observations from a Security Assessor

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.