Note-to-self: prepping for CSA CCSK v4 upgrade

Note-to-self: extended reprint of a LinkedIn post…

I might have mentioned it already, but if you have passed the CCSK exam before, better logon to your CCSK profile on the CSA website and check if you still have an exam token left.

By default you get 2 tokens each exam registration, so…

If you pass your exam the first time, the “second try” backup token is left unused in your profile.

And (if not yet expired) you can use it to upgrade your CCSK to v4.

Tokens stay valid for 2 years after purchase.

More info: https://ccsk.cloudsecurityalliance.org/en/faq

On that page you can also find the required study material for the exam.

You can download the CCSK v4 prep kit from : https://downloads.cloudsecurityalliance.org/ccsk/CCSKv4_Exam_Preparation_Kit.zip

It’s an online exam and thus open book exam, using the below reference guides.

• CSA Guidance: https://cloudsecurityalliance.org/download/security-guidance-v4/
• Cloud Controls Matrix: https://cloudsecurityalliance.org/download/cloud-controlsmatrix-v3-0-1/
• ENISA: http://www.enisa.europa.eu/act/rm/fles/deliverables/cloud-computing-riskassessment

But realise:  60 questions in 90 minutes still is hard work, so better do some prep work up front to maximize your chances.

Once you pass this one, you can go for the (ISC)² CCSP with more confidence…

Note-to-self: Just Enough Administration Whitepaper

Source: https://gallery.technet.microsoft.com/Just-Enough-Administration-6b5ad370

Short URL: http://aka.ms/JEA

From the introduction: ”

In the current world of Information Technology, protective measures do not stop at the network edge. Recent news reports based on security breach post-mortems indicate the need to protect assets using measures that reduce administrative access. While the principle of least privilege has always been known to IT Security professionals, there is a need in the industry for a standardized method of constructing an operator experience that reduces access with a more sophisticated level of granularity than what is available in many traditional access control models.

Just Enough Administration (JEA) is a solution designed to help protect Server systems. This is accomplished by allowing specific users to perform administrative tasks on servers without giving them administrator rights, and then auditing all actions that these users performed. JEA is based on Windows PowerShell constrained runspaces, a technology that is already being used to secure administrative tasks in environments such as Microsoft Exchange Online.”

For the latest information, please see http://blogs.msdn.com/powershell/ and http://aka.ms/buildingclouds

Don’t need to tell you that you should definitely save these in your favorites. (Well, just did it… so no excuses..)

Note-to-self: understand and manage the risk posed by targeted attacks by determined adversaries

Source:

• http://blogs.microsoft.com/cybertrust/2013/06/13/targeted-attacks-video-series/

Bookmark this:

• http://blogs.microsoft.com/cybertrust/

Microsoft has released a series of whitepapers that are designed to help organizations understand and manage the risk posed by targeted attacks by determined adversaries.  These papers include:

• Determined Adversaries and Targeted Attacks
• Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques
• Best Practices for Securing Active Directory

In addition, they have published a short series of videos that introduce many of the topics covered in these papers.

Full details at: http://blogs.microsoft.com/cybertrust/2013/06/13/targeted-attacks-video-series/

The shortcut below:

Introduction to Determined Adversaries and Targeted Attacks:

Mitigating Pass-the-Hash Attacks:

Anatomy of a Cyber-attack Part 1:

Anatomy of a Cyber-attack Part 2:

Importance of Securing Active Directory:

Sources for #AADSync starters

I’ve collected some interesting base resources for getting started with AAD Sync at : http://aka.ms/aadsyncstarter

Feel free to comment or suggest other resources to be added.

#AADSync v1.0.0470.1023 released, with new features

Few days ago Microsoft launched a new release of the Azure AD Sync tool.

As mentioned in the AAD Sync Version Release History, this build adds the following features:

• Password synchronization from multiple on-premise AD to AAD
• Localized installation UI to all Windows Server languages

Get an overview and comparison for Directory Integration with Azure AD here .

1. Azure Active Directory Synchronization Tool (DirSync)
2. Azure Active Directory Synchronization Services (AAD Sync)
3. Forefront Identity Manager 2010 R2

The download location for AADSync (http://aka.ms/AADSyncDownload) has not changed, but has been updated with the new version.

Overview:

• Directory Integration Tools: http://msdn.microsoft.com/en-us/library/azure/dn757582.aspx
• AAD Sync Version Release History: http://msdn.microsoft.com/en-us/library/azure/dn835004.aspx

Note-to-Self: Microsoft Security Newsletter September 2014

Source: http://aka.ms/MSSecuritynewsletter

In this months newletter you’ll find guidance on:

• Windows Phone 8.1 Security Overview
• Windows Phone Security Forum for IT Pros
• Create Stronger Passwords and Protect Them
  • Inlcuding  free online tool offered by Microsoft Research, called Telepathwords, for those that would rather have a randomly generated strong password created for them.
• Two-Factor Authentication for Office 365
• Multi-Factor Authentication for Office 365
• Configuring Two-Factor Authentication in Lync Server 2013
• Adding Multi-Factor Authentication to Azure Active Directory
• Enabling Multi-Factor Authentication for On-Premises Applications and Windows Server
• Building Multi-Factor Authentication into Custom Apps

And:

• Get Started with Virtual Smart Cards

Plus much more… check it out at http://aka.ms/MSSecuritynewsletter

Azure Active Directory Sync is now GA! #FIM2010 #DirSync #AADSync

Source: http://blogs.technet.com/b/ad/archive/2014/09/16/azure-active-directory-sync-is-now-ga.aspx

New Azure Active Directory Synchronization Services (AAD Sync) has reached general availability.

Here are more details about this – and here is the related documentation.

If you just want to get started, just click here to download AAD Sync.

As discussed on the release blog post:

“AAD Sync capabilities in this release include the following;

• Active Directory and Exchange multi-forest environments can be extended now to the cloud.
• Control over which attributes are synchronized based on desired cloud services.
• Selection of accounts to be synchronized through domains, OUs, etc.
• Ability to set up the connection to AD with minimal Windows Server AD privileges.
• Setup synchronization rules by mapping attributes and controlling how the values flow to the cloud.
• Preview AAD Premium password change and reset to AD on-premises.”

Access control on Azure Cloud applications

(note-to-self)

A few weeks ago Paul Paul Loonen presented a TechNet Live Meeting in Belgium on how to extend your Enterprise Identity to the Cloud,  focussing on what Microsoft has to offer. Topics include Active Directory, Windows Azure ACS and Forefront Identity Manager 2010.

Also followed an interesting session on Azure ACS (access control services) by Vittorio Bertocci.

Looking around for ACS, there is quite some interesting stuff out there.

Things you must check out:

• Vibro.NET > New ACS Infographic
• Vibro.NET > acs tags
• Access Control Service Samples and Documentation (Labs)
  • The Labs release of ACS is publicly available at http://portal.appfabriclabs.com.
  • For information on the production version of ACS, see http://appfabric.azure.com.
• Windows Identity Foundation

And also:

• Access Control in the Cloud: Windows Azure AppFabric’s ACS
• Windows Azure SDK and Windows Azure Tools for Microsoft Visual Studio (March 2011)
• Windows Azure Platform Training Kit – February 2011 Update
  • “/../ Most of the updates were focused on supporting the new Windows Azure AppFabric February CTP and the new portal experience for AppFabric Caching, Access Control, and the Service Bus.    The specific content that was updated in this release includes:
    • Hands-on Lab – Using the Access Control Service to Federate with Multiple Business Identity Providers
    • Hands-on Lab – Introduction to the AppFabric Access Control Service V2
    • …  /../ “
• Windows Azure Platform Training Course

  More to follow… (still collecting)…

Technet Live Meeting 2011-02-24: Identity Management in the Cloud

Source: http://be-id.blogspot.com/2011/02/identity-management-in-cloud.html

Next Thursday (February 24th, 2011), Paul Loonen will be presenting a TechNet Live Meeting in Belgium on how to extend your Enterprise Identity to the Cloud,  focussing on what Microsoft has to offer. Topics include Active Directory, Windows Azure ACS and Forefront Identity Manager 2010.

Register here for the Dutch language session and here for French language session,

To get your copy of the presentation, please check at Paul’s blog after the 24th!