Hacking
W kategorii Hacking zebrano publikacje dotyczące nie tylko hackerów, crackerów i ich technik działania, ale także opisujące różne aspekty bezpieczeństwa komputerów i danych na nich przechowywanych. Poznacie technikę przeprowadzania audytów bezpieczeństwa oraz sposoby zabezpieczania się przed atakami hackerów, programami szpiegującymi czy zwykłą plagą wirusów.
Nauczycie się chronić nie tylko poszczególne komputery ale całe sieci komputerowe przez opracowanie i wdrożenie odpowiedniej polityki bezpieczeństwa, poprawne użycie firewalli czy odpowiednie skonfigurowanie serwerów pracujących pod Waszym nadzorem, a także opanujecie sposoby bezpiecznego surfowania po internecie.
Metasploit Bootcamp. The fastest way to learn Metasploit
Nipun Jaswal
The book starts with a hands-on Day 1 chapter, covering the basics of the Metasploit framework and preparing the readers for a self-completion exercise at the end of every chapter. The Day 2 chapter dives deep into the use of scanning and fingerprinting services with Metasploit while helping the readers to modify existing modules accordingto their needs. Following on from the previous chapter, Day 3 will focus on exploiting various types of service and client-side exploitation while Day 4 will focus on post-exploitation, and writing quick scripts that helps with gathering the required information from the exploited systems. The Day 5 chapter presents the reader with the techniquesinvolved in scanning and exploiting various services, such as databases, mobile devices, and VOIP. The Day 6 chapter prepares the reader to speed up and integrate Metasploit with leading industry tools for penetration testing. Finally, Day 7 brings in sophisticated attack vectors and challenges based on the user’s preparation over the past six days and ends with a Metasploit challenge to solve.
Metasploit Bootcamp. The fastest way to learn Metasploit
Nipun Jaswal
The book starts with a hands-on Day 1 chapter, covering the basics of the Metasploit framework and preparing the readers for a self-completion exercise at the end of every chapter. The Day 2 chapter dives deep into the use of scanning and fingerprinting services with Metasploit while helping the readers to modify existing modules accordingto their needs. Following on from the previous chapter, Day 3 will focus on exploiting various types of service and client-side exploitation while Day 4 will focus on post-exploitation, and writing quick scripts that helps with gathering the required information from the exploited systems. The Day 5 chapter presents the reader with the techniquesinvolved in scanning and exploiting various services, such as databases, mobile devices, and VOIP. The Day 6 chapter prepares the reader to speed up and integrate Metasploit with leading industry tools for penetration testing. Finally, Day 7 brings in sophisticated attack vectors and challenges based on the user’s preparation over the past six days and ends with a Metasploit challenge to solve.
Metasploit for Beginners. Create a threat-free environment with the best-in-class tool
Sagar Rahalkar
This book will begin by introducing you to Metasploit and its functionality. Next, you will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components used by Metasploit. Further on in the book, you will learn how to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Next, you'll get hands-on experience carrying out client-side attacks. Moving on, you'll learn about web application security scanning and bypassing anti-virus and clearing traces on the target system post compromise. This book will also keep you updated with the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit. By the end of this book, you'll get the hang of bypassing different defenses, after which you'll learn how hackers use the network to gain access into different systems.
Metasploit for Beginners. Create a threat-free environment with the best-in-class tool
Sagar Rahalkar
This book will begin by introducing you to Metasploit and its functionality. Next, you will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components used by Metasploit. Further on in the book, you will learn how to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Next, you'll get hands-on experience carrying out client-side attacks. Moving on, you'll learn about web application security scanning and bypassing anti-virus and clearing traces on the target system post compromise. This book will also keep you updated with the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit. By the end of this book, you'll get the hang of bypassing different defenses, after which you'll learn how hackers use the network to gain access into different systems.
Nipun Jaswal, Daniel Teixeira, Abhinav Singh, Monika...
Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool.You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.
Nipun Jaswal, Daniel Teixeira, Abhinav Singh, Monika...
Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool.You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.
Metasploit. Receptury pentestera. Wydanie II
Monika Agarwal, Abhinav Singh
Najlepsze przepisy na bezpieczeństwo Twoich danych! Jeżeli Twój system przechowuje i przetwarza poufne informacje — dane osobowe, numery kart kredytowych, wiadomości e-mail, dane finansowe lub coś równie ważnego — jest łakomym kąskiem dla cyberprzestępców. Jeżeli wizja kradzieży Twoich danych spędza Ci sen z powiek i zastanawiasz się, jak najlepiej sprawdzić stan bezpieczeństwa Twojego systemu, to odpowiedź jest jedna — zaatakuj go sam! Testy penetracyjne to najskuteczniejsza metoda weryfikacji bezpieczeństwa. Metasploit to narzędzie używane przez profesjonalistów do prowadzenia testów penetracyjnych. Jeżeli chcesz poznać najlepsze przepisy na jego wykorzystanie, to trafiłeś na doskonałą książkę! Zawiera ona ponad 80 receptur omawiających najbardziej skuteczne techniki testowania. W trakcie lektury dowiesz się, jak sprawnie skonfigurować Metasploit, ominąć ochronę antywirusową oraz skanować porty w systemach. Ponadto nauczysz się prowadzić testy penetracyjne sieci bezprzewodowych, korzystać z exploitów oraz używać modułów pomocniczych. Od dawna wiadomo, że najsłabszym ogniwem w systemie bezpieczeństwa jest człowiek, dlatego warto zaznajomić się z rozdziałem omawiającym pakiet narzędzi socjotechnicznych — Social Engineer-Toolkit. Książka ta jest obowiązkową pozycją na półce każdego pentestera! Dzięki tej książce: zainstalujesz i skonfigurujesz narzędzie Metasploit wykorzystasz język Ruby do budowy skryptów przeprowadzisz testy penetracyjne sieci VoIP poznasz pakiet narzędzi socjotechnicznych skutecznie zweryfikujesz bezpieczeństwo systemu informatycznego Testy penetracyjne — zadbaj o bezpieczeństwo Twojego systemu!
Metasploit. Receptury pentestera. Wydanie II
Monika Agarwal, Abhinav Singh
Najlepsze przepisy na bezpieczeństwo Twoich danych! Jeżeli Twój system przechowuje i przetwarza poufne informacje — dane osobowe, numery kart kredytowych, wiadomości e-mail, dane finansowe lub coś równie ważnego — jest łakomym kąskiem dla cyberprzestępców. Jeżeli wizja kradzieży Twoich danych spędza Ci sen z powiek i zastanawiasz się, jak najlepiej sprawdzić stan bezpieczeństwa Twojego systemu, to odpowiedź jest jedna — zaatakuj go sam! Testy penetracyjne to najskuteczniejsza metoda weryfikacji bezpieczeństwa. Metasploit to narzędzie używane przez profesjonalistów do prowadzenia testów penetracyjnych. Jeżeli chcesz poznać najlepsze przepisy na jego wykorzystanie, to trafiłeś na doskonałą książkę! Zawiera ona ponad 80 receptur omawiających najbardziej skuteczne techniki testowania. W trakcie lektury dowiesz się, jak sprawnie skonfigurować Metasploit, ominąć ochronę antywirusową oraz skanować porty w systemach. Ponadto nauczysz się prowadzić testy penetracyjne sieci bezprzewodowych, korzystać z exploitów oraz używać modułów pomocniczych. Od dawna wiadomo, że najsłabszym ogniwem w systemie bezpieczeństwa jest człowiek, dlatego warto zaznajomić się z rozdziałem omawiającym pakiet narzędzi socjotechnicznych — Social Engineer-Toolkit. Książka ta jest obowiązkową pozycją na półce każdego pentestera! Dzięki tej książce: zainstalujesz i skonfigurujesz narzędzie Metasploit wykorzystasz język Ruby do budowy skryptów przeprowadzisz testy penetracyjne sieci VoIP poznasz pakiet narzędzi socjotechnicznych skutecznie zweryfikujesz bezpieczeństwo systemu informatycznego Testy penetracyjne — zadbaj o bezpieczeństwo Twojego systemu!
Metasploit. Receptury pentestera. Wydanie II
Monika Agarwal, Abhinav Singh
Najlepsze przepisy na bezpieczeństwo Twoich danych! Jeżeli Twój system przechowuje i przetwarza poufne informacje — dane osobowe, numery kart kredytowych, wiadomości e-mail, dane finansowe lub coś równie ważnego — jest łakomym kąskiem dla cyberprzestępców. Jeżeli wizja kradzieży Twoich danych spędza Ci sen z powiek i zastanawiasz się, jak najlepiej sprawdzić stan bezpieczeństwa Twojego systemu, to odpowiedź jest jedna — zaatakuj go sam! Testy penetracyjne to najskuteczniejsza metoda weryfikacji bezpieczeństwa. Metasploit to narzędzie używane przez profesjonalistów do prowadzenia testów penetracyjnych. Jeżeli chcesz poznać najlepsze przepisy na jego wykorzystanie, to trafiłeś na doskonałą książkę! Zawiera ona ponad 80 receptur omawiających najbardziej skuteczne techniki testowania. W trakcie lektury dowiesz się, jak sprawnie skonfigurować Metasploit, ominąć ochronę antywirusową oraz skanować porty w systemach. Ponadto nauczysz się prowadzić testy penetracyjne sieci bezprzewodowych, korzystać z exploitów oraz używać modułów pomocniczych. Od dawna wiadomo, że najsłabszym ogniwem w systemie bezpieczeństwa jest człowiek, dlatego warto zaznajomić się z rozdziałem omawiającym pakiet narzędzi socjotechnicznych — Social Engineer-Toolkit. Książka ta jest obowiązkową pozycją na półce każdego pentestera! Dzięki tej książce: zainstalujesz i skonfigurujesz narzędzie Metasploit wykorzystasz język Ruby do budowy skryptów przeprowadzisz testy penetracyjne sieci VoIP poznasz pakiet narzędzi socjotechnicznych skutecznie zweryfikujesz bezpieczeństwo systemu informatycznego Testy penetracyjne — zadbaj o bezpieczeństwo Twojego systemu!
Metasploit Revealed: Secrets of the Expert Pentester. Build your defense against complex attacks
Nipun Jaswal, Sagar Rahalkar
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.This learning path will begin by introducing you to Metasploit and its functionalities. You will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components and get hands-on experience with carrying out client-side attacks. In the next part of this learning path, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. The final instalment of your learning journey will be covered through a bootcamp approach. You will be able to bring together the learning together and speed up and integrate Metasploit with leading industry tools for penetration testing. You’ll finish by working on challenges based on user’s preparation and work towards solving the challenge. The course provides you with highly practical content explaining Metasploit from the following Packt books:1. Metasploit for Beginners 2. Mastering Metasploit, Second Edition3. Metasploit Bootcamp
Metasploit Revealed: Secrets of the Expert Pentester. Build your defense against complex attacks
Nipun Jaswal, Sagar Rahalkar
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.This learning path will begin by introducing you to Metasploit and its functionalities. You will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components and get hands-on experience with carrying out client-side attacks. In the next part of this learning path, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. The final instalment of your learning journey will be covered through a bootcamp approach. You will be able to bring together the learning together and speed up and integrate Metasploit with leading industry tools for penetration testing. You’ll finish by working on challenges based on user’s preparation and work towards solving the challenge. The course provides you with highly practical content explaining Metasploit from the following Packt books:1. Metasploit for Beginners 2. Mastering Metasploit, Second Edition3. Metasploit Bootcamp
Vinicius Feitosa Pacheco
Microservices are a hot trend in the development world right now. Many enterprises have adopted this approach to achieve agility and the continuous delivery of applications to gain a competitive advantage. This book will take you through different design patterns at different stages of the microservice application development along with their best practices.Microservice Patterns and Best Practices starts with the learning of microservices key concepts and showing how to make the right choices while designing microservices. You will then move onto internal microservices application patterns, such as caching strategy, asynchronism, CQRS and event sourcing, circuit breaker, and bulkheads. As you progress, you'll learn the design patterns of microservices.The book will guide you on where to use the perfect design pattern at the application development stage and how to break monolithic application into microservices. You will also be taken through the best practices and patterns involved while testing, securing, and deploying your microservice application. At the end of the book, you will easily be able to create interoperable microservices, which are testable and prepared for optimum performance.
Nate Chamberlain, Karuana Gatimu
Overcome the complexity of Microsoft 365 administration with tailored, step-by-step recipes. This second edition shows you how to configure, secure, and automate your environment using modern tools and proven best practices.Written by Microsoft MVP Nate Chamberlain, this updated edition reflects the latest features and services in Microsoft 365. Whether you’re tackling common admin tasks or developing advanced automations, each recipe provides real-world guidance and hands-on solutions.You'll start by setting up your tenant, assigning roles, and streamlining identity management with Microsoft Entra ID. Then, dive into key apps like SharePoint, Teams, OneDrive, and Viva Engage, and learn how to configure them for collaboration and compliance. Advanced recipes guide you through automating tasks using PowerShell and Microsoft Graph, managing communication with Exchange Online, and reinforcing security with Defender and Purview.By the end of this book, you'll be able to confidently manage your Microsoft 365 environment and maximize its value in your organization.
Aaron Guilmette
This book serves as a comprehensive guide to prepare you for the Microsoft Identity and Services exam, which focuses on the core identity and security aspects of a Microsoft 365 tenant. The exam MS-100 tests your proficiency in Azure AD authentication types, user management roles, access management, and workload applications.This book follows the published MS-100 blueprint, which covers identity and identity synchronization concepts, administrative roles, and crucial security topics such as self-service password reset, Azure AD password protection, and multifactor authentication. You’ll gain insights into application and authentication concepts, including OAuth application request management, enterprise application configuration, the benefits of Azure AD Application Proxy, and deploying Microsoft 365 apps.The book also delves into passwordless sign-in methods and provides overviews of configuring Exchange Online, Microsoft Teams, SharePoint Online, and OneDrive for Business in both cloud-only and hybrid deployments. You’ll be able to assess your knowledge retention at the end of each chapter.By the end of this MS-100 study guide, you’ll have built the knowledge and skills to pass the MS-100 exam and be able to ensure thorough preparation with the help of practice exam questions.
Nate Chamberlain
Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security.By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.
Nate Chamberlain
Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security.By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.
Peter Rising
The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments.This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios.By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.
Sasha Kranjac, Omar Kudović
In today's hostile cyber landscape, securing data and complying with regulations is paramount for individuals, businesses, and organizations alike. Learn how Microsoft 365 Security and Compliance offers powerful tools to protect sensitive data and defend against evolving cyber threats with this comprehensive guide for administrators.Starting with an introduction to Microsoft 365 plans and essential compliance and security features, this book delves into the role of Azure Active Directory in Microsoft 365, laying the groundwork for a robust security framework. You’ll then advance to exploring the complete range of Microsoft 365 Defender security products, their coverage, and unique protection services to combat evolving threats.From threat mitigation strategies to governance and compliance best practices, you’ll gain invaluable insights into classifying and protecting data while mastering crucial data lifecycle capabilities in Microsoft 365.By the end of this book, you’ll be able to elevate the security and compliance posture of your organization significantly.
Peter Rising
The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments.With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps.By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Peter Rising
The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments.With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps.By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Microsoft Azure Security. Protect your solutions from malicious users using Microsoft Azure Services
Roberto Freato
This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.
David Okeyode
Exam preparation for the AZ-500 means you’ll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure.While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You’ll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you’ll develop a clear understanding of how to identify different attack vectors and mitigate risks.By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.
Dwayne Natwick, Graham Gold, Abu Zobayer
This Second Edition of Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Packed with practice questions, mock exams, interactive flashcards, and invaluable exam tips, this comprehensive resource gives you everything you need to conquer the SC-100 exam with confidence.This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture of both cloud-only and hybrid infrastructures. You'll discover how to implement zero trust principles, enhance security operations, and elevate your organization's security posture.By the end of this book, you'll be fully equipped to plan, design, and assess cybersecurity frameworks for Microsoft cloud environments—and pass the SC-100 exam with flying colors. Ready to take your cybersecurity expertise to the next level? This guide is your key to success.
Dwayne Natwick, Rod Trent
Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam.This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions.By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.
Sasha Kranjac
Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities.This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation.By the end of this book, you will know how to get a view of your security posture and where to optimize security protection in your environment as well as the ins and outs of Microsoft Defender for Cloud.
Sasha Kranjac
Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities.This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation.By the end of this book, you will know how to get a view of your security posture and where to optimize security protection in your environment as well as the ins and outs of Microsoft Defender for Cloud.
Paul Huijbregts, Joe Anich, Justen Graves
With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Paul Huijbregts, Joe Anich, Justen Graves
With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Paul Huijbregts, Joe Anich, Justen Graves
With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Paul Snow, Ru Campbell, Ian Hoyle, Joe...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to get the most out of Defender endpoint security. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender endpoint security, and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets. Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues. Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Paul Snow, Ru Campbell, Ian Hoyle, Joe...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to get the most out of Defender endpoint security. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender endpoint security, and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets. Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues. Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Paul Snow, Ru Campbell, Ian Hoyle, Joe...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to get the most out of Defender endpoint security. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender endpoint security, and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets. Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues. Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Paul Snow, Ru Campbell, Ian Hoyle, Joe...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to get the most out of Defender endpoint security. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender endpoint security, and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets. Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues. Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Pierre Thoor, Matthew Zorich
Written by a recognized cybersecurity expert, Microsoft Defender for Identity in Depth not only lays the groundwork for deploying and managing MDI, but also takes your knowledge to expert levels, enabling you to strengthen your organization against the most advanced cyber threats.You’ll familiarize yourself with the essentials of MDI, from seamless setup to leveraging PowerShell for automation, setting the stage for exploring advanced integrations and capabilities. Through practical, real-world examples, you’ll learn how to extend MDI’s reach by using APIs and conducting proactive threat hunting with KQL to turn insights into actions.The book gradually shifts focus to operational excellence, helping you develop expertise in investigating alerts, optimizing action accounts, and troubleshooting, which will empower you to master the building and maintenance of a robust ITDR framework and strengthen your security posture.By the end of this book, you’ll be able to harness the full potential of MDI’s functionalities, positioning you as a key player in your organization’s cybersecurity defenses.
Jordan Krause
DirectAccess is an amazing Microsoft technology that is truly the evolution of VPN; any Microsoft-centric shop needs this technology. DirectAccess is an automatic remote access solution that takes care of everything from planning to deployment.Microsoft DirectAccess Best Practices and Troubleshooting will provide you with the precise steps you need to take for the very best possible implementation of DirectAccess in your network. You will find answers to some of the most frequently asked questions from administrators and explore unique troubleshooting scenarios that you will want to understand in case they happen to you.Microsoft DirectAccess Best Practices and Troubleshooting outlines best practices for configuring DirectAccess in any network. You will learn how to configure Manage Out capabilities to plan, administer, and deploy DirectAccess client computers from inside the corporate network. You will also learn about a couple of the lesser-known capabilities within a DirectAccess environment and the log information that is available on the client machines.This book also focuses on some specific cases that portray unique or interesting troubleshooting scenarios that DirectAccess administrators may encounter. By describing the problem, the symptoms, and the fixes to these problems, the reader will be able to gain a deeper understanding of the way DirectAccess works and why these external influences are important to the overall solution.
Kent Nordstrom
Microsoft's Forefront Identity Manager simplifies enterprise identity management for end users by automating admin tasks and integrating the infrastructure of an enterprise with strong authentication systems.The Microsoft Forefront Identity Manager 2010 R2 Handbook is an in-depth guide to Identity Management. You will learn how to manage users and groups and implement self-service parts. This book also covers basic Certificate Management and troubleshooting.Throughout the book we will follow a fictional case study. You will see how to implement IM and also set up Smart Card logon for strong administrative accounts within Active Directory. You will learn to implement all the features of FIM 2010 R2. You will see how to install a complete FIM 2010 R2 infrastructure including both test and production environment. You will be introduced to Self-Service management of both users and groups. FIM Reports to audit the identity management lifecycle are also discussed in detail.With the Microsoft Forefront Identity Manager 2010 R2 Handbook you will be able implement and manage FIM 2010 R2 almost effortlessly.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
David Steadman, Jeff Ingalls
Microsoft Identity Manager 2016 is Microsoft’s solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement. The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company and their problems and goals, then build an identity solutions to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.