in the previous article Summarize fundamental security concepts Part 1 we have explored the concepts of CIA and DAD triad, Non-repudiation, Authentication, Authorization, and Accounting (AAA) and Gap Analysis. In this article we will focus on few other fundamental security concepts. Table of contentsZero trust.Control Plane.Adaptive Identity.Threat Scope Reduction.Policy-driven Access…
Read MoreIn our previous article, we explored the types of security controls. This article is the Part 1 of the two part article which will cover the topic of "Summarize fundamental security concepts" in General Security Concepts domain for CompTIA Security + SY0-701 exam . Table of contentsCIA Triad.DAD Triad.Non-repudiation.Authentication, Authorization,…
Read MoreSecurity Controls is an act, process or countermeasure to limit the damage and impact of a Risk. Security Controls can also be used as a preventive, detective, defensive, and corrective measures against the security incidents. Risk is the probability of occurrence of a threat. The purpose of Security Control is…
Read MoreThe Email Communication Services (ECS) is a resource created in Azure, which lets an organization use SMTP AUTH (using Basic Authentication) and send email to internal and external recipients. Follow the link to understand the concept of Email Communication Services. Table of contentsGraphical representation of ECS.Prerequisites of using Email Communication…
Read MoreIn the article Methods of Integrating Multifunction Devices with Microsoft 365 – Part 1, we have learnt about Multifunction Devices, components of MFD's and 3 different ways how MFD's connects to Microsoft 365. In this part we will focus on the remaining methods of connecting MFD's to Microsoft 365. Table…
Read MoreMultifunction devices (MFD) refers to an application (third party or inhouse) or a device (printer, scanner) that can send the email to internal or external users using Microsoft 365 infrastructure. There are various ways that multifunction devices uses to send the email to the recipient. Different options has its own…
Read MoreAnalysing Fiddler classic traces can be useful in scenario, when we are getting any errors while accessing the services in Microsoft 365. Lets say the user is opening his mailbox using https://outlook.office.com/mail/ or accessing any SharePoint Online site and getting any error, you can either Capture web requests with Fiddler…
Read MoreSensitive information includes PII such as names, addresses, government issued identity cards, medical and financial information, any data that could be used to identify an individual or any business critical data. SITs in Microsoft 365 are called pattern-based classifiers, this means SITs are used to identify data within the information,…
Read MoreThe Domain Name System is a hierarchical and distributed name service, that helps translates human readable domain names or websites like www.google.com to machine readable IP addresses (for example: 192.168.10.1). Lets say, you want to visit google search engine, so you open any web browser and type www.google.com in the…
Read MoreBefore understating the Extended Message Trace, let first look at what is it and what information does it store. Extended Message Trace (EMT) is also called as Extended report, shows detailed routing of the email. In other words, EMT will show you which services (Components) in EOP processed the email…
Read More
Ashutosh Gawali