2022 Journey and Resources

I’m starting off looking at the year on my screen in shock; I’m still processing 2020 in my head.

The year is off to a rapid start; for the first time I find my afternoons with some extra time. I’m still adjusting to not being in school full time (thankfully). I’m on a roll so far, as I’ve finished the SC-400 and SC-200 certifications to finish off the Microsoft Security series. These were much more challenging because the scope is connecting Microsoft Azure and Office 365. I’ll share links below to the resources I’ve used and other resources for cloud/DevOps. For 2022, I’m taking a different approach. Last year was a serious focus on Microsoft Azure, and I wanted to expand that scope once I’d gotten a good understanding. While I’m still a huge fan of Microsoft Azure, I’m expanding to attempt the CKA, CKS route this year and finish up some HashiCorp exams I’m interested in. I’m often messaged on LinkedIn by others who are interested in cloud security and want to understand a pathway to cloud security. By no means am I suggesting there is one way or path, but on that front I’d like to help others interested in the field. I’m focusing more on this blog this year to produce some content on topics I’m exploring. Stay tuned.

SC-200: Security Operations Analyst

Summary: This exam does live up to the title. If you’re not familiar with onboarding a SIEM and the ecosystem, you’ll need to do some labs. I thought this would be similar to AZ-500 and originally challenged it last summer; it was tough and I did fail. So take it with a grain of salt that it’s more to the scope of Microsoft Sentinel.

SC-400: Information Protection Administrator

  • SC-400 Learning Path (Pluralsight)
  • MS Learn
  • Labs for Office 365 and Compliance
  • Some background on concepts that pertain to governance

Summary: Initially the idea behind going into this certification was that I’d likely cover DLP and sensitivity labels. Little did I know how much the compliance suite offers, and I’m glad to partake in the training on these important topics. This certification is on the protection of your digital estate and the ability to gain visibility across your organization’s data. Azure Purview has been added to the exam and is likely to grow in the suite, as its connectors can help you beyond your Microsoft cloud. The Pluralsight course was about 3-4 months old but covered an array of topics that matched the objectives with in-depth demos. If you apply for a developer account on Visual Studio you can get a trial Microsoft E3 tenant with test data. I initially did this to evaluate E3, and this allowed me to access compliance.microsoft.com / security.microsoft.com. These were pivotal in my learning because the offerings in the compliance suite extend to Compliance Score, eDiscovery, legal holds and the list goes on, so it had a familiar feel to security.microsoft.com but differed in the focus being protection. Ensure you use the MS Learn path; while it lags behind in a sandbox, you can find ways to use a trial. Just be sure to cancel before it ends (or pay!).

Resources for security in the cloud

https://academy.attackiq.com/

DevSecOps / AWS and Azure Security Stack Training / Hands-on Labs

https://kodekloud.com/

DevOps Training – You can find this on Udemy as well

https://www.devsecops-academy.com/courses

DevSecOps and courses that vary from CI/CD to pipeline scans