This page is a collection of bookmarks to quickly find FIM article collections and references
Short URL = http://aka.ms/fimbookmarks
Getting started with FIM 2010 – Resources for FIM starters
This article contains a limited set of links that are used frequently for fresh starters in FIM.
Short URL = http://aka.ms/starttofim
FIM 2010 Best practices – article collection
It offers 10 IT-riskmanagement domains that are often forgotten. The guide also offers a simplified framework on IT Risk management for SMB.
Further more the guide discusses useful topics on risk management, to determine the possible risks and how to implement control mechanisms on insider threats.
Download the executive guide here.
Of course, everybody hates to write documentation.
But never say again you didn’t do it, because you can easily have documentation created for you while you’re on the job.
It’s all about PSR (Problem Steps Recorder): http://letmebingthatforyou.com/?q=psr.exe
- http://aka.ms/psr (video)
From: http://searchsecurity.techtarget.com/tip/SearchSecuritycom-guide-to-information-security-certifications (you need to register to free access).
“This special report offers a comprehensive review of information security industry certifications, highlighting which ones can best help you achieve goals specific to your information security career path”
I assume this report will get an 2014 update, but still the 2013 version is a valuable resource for planning security certification.
Windows Server 2012 Group Policy Guide.pdf
Microsoft has released a series of whitepapers that are designed to help organizations understand and manage the risk posed by targeted attacks by determined adversaries. These papers include:
In addition, they have published a short series of videos that introduce many of the topics covered in these papers.
The shortcut below:
Introduction to Determined Adversaries and Targeted Attacks:
Mitigating Pass-the-Hash Attacks:
Anatomy of a Cyber-attack Part 1:
Anatomy of a Cyber-attack Part 2:
Importance of Securing Active Directory:
Sharon Laivand, Program Manager and Alex Simons (Twitter: @Alex_A_Simons) have announced the publication the first public preview of Microsoft Identity Manager (a.k.a. “MIM”, the product formerly known as Forefront Identity Manager).
From the announcement:
What will be new in MIM?
Our investments in MIM are grouped into three:
Privileged Access Management: Aimed at mitigating cyber-attacks and insider attacks which leverage the identity systems to spread in the organization. MIM will have a new set of capabilities designed to isolate, monitor and better protect the privileged users.
Hybrid IAM: As more and more organizations and information workers move to SaaS applications, the IAM systems expands to the cloud, but still exists on premises. Our goal is to make the cloud based and on-premises IAM systems, co-exist, and also coupled to deliver better IAM capabilities, regardless of whether the user or app being on premise or in the cloud (and this is what we call Hybrid IAM)
Modernization and ease of use: We are constantly updating our supported underlying server infrastructure (Windows Server, SQL, SharePoint, etc…) and improving our user experience
New in this CTP: Privileged Access Management, Isolation and elevation
To make the story PAM short, you can watch this video demo.
New in this CTP: Password Reset with Azure MFA
Short story on SSPR with MFA: watch this video demo.
In FIM 2010 R2, the self-service password reset (SSPR) enabled two authentication gates:
- Questions and answers
Now they added another authentication gate: Azure MFA.
New in this CTP: Updates to Certificate Manager
Short story: see here.
Details in source post.
New in CTP2: Modernized Supported Platforms
In addition to the new capabilities, we have extended out platform support matrix to:
- Windows server 2012 R2
- Sharepoint 2013
- SQL 2014
- Exchange 2013
- Visual Studio 2013 (to support extension development)
- Exchange 2013
In addition, our PAM functionalities can make use of Windows Server 10.