Preparing exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals – Explaining few terms related to Security – Part 1

Hi All,

Greetings for the day !!!

I am started preparing for the exam : SC – 900 : Microsoft Security, Compliance and Identity Fundamentals – so sharing the learnings as well

Microsoft exam page – Microsoft Certified: Security, Compliance, and Identity Fundamentals

Today in this article we will discuss few terms related to cybersecurity

  • Cyberattack
    • Cyberattack is trying to get the illegal access to any digital device to damage it
    • Victim of cyberattack can be any individual, organisation, institution or government
    • Purpose of Cyberattack can be
      • Damage the device
      • Stole important information from the device
      • Stop any important processes from the device
      • Expose the important information publicly
    • To perform an attack, attacker can use people, computer, phone, applications, messages and system processes
  • Cybercriminal
    • Anyone who perform the cyberattack
    • Cybercriminal can be
      • A single person
      • Group of people
      • Any organization
      • Government entity
  • Cybersecurity
    • Technologies, Processes to protect systems, devices, network, program, data from the cyberattacks
    • Helps to reduce the risk of cyber attacks and protect against unauthorised access of systems, network, devices
    • Cybersecurity allows us to achieve
      • Confidentiality – Right data / content available to right people
      • Integrity – Data / content is updated by only authorised people
      • Availability – Data / content is available whenever required
  • Threat Landscape
    • An entry point for cyberattacks to perform attack and can be
      • Emails
      • Mobiles
      • Computers
      • People
      • Organization network / infrastructure
      • Cloud services
      • Social media accounts
  • Attack Vectors
    • Entry point or rout for attacker to get access the system
    • These can be
      • Emails – most common attack vector
      • Social media accounts
      • Browsers
      • Removable devices – USB drives, smart cables, storage cards
      • Cloud services
      • Wireless network – this is also common attack vector
  • Security breaches
    • Any attack which get unauthorised access to devices, services, applications or networks
    • Security breaches comes in following forms :
      • Social engineering attacks
      • Browser attacks
      • Password attacks
  • Data breaches
    • When attacker get access or control of data
  • Malware
    • Software used by cybercriminals to attack or to affect the system
    • This can be to stole data or to affect the processes
    • Malware has two main components
      • Propagation mechanism
        • How the malware spread itself across one or more system
        • Common propagation techniques
          • Virus
          • Worm
          • Trojan
      • Payload
        • Action that malware perform on infected systems
        • Types of Payload
          • Ransomware
          • Spyware
          • Backdoors
          • Botnet
  • Mitigation Strategy
    • Set of steps which organization performs to prevent cyberattacks
    • Some of the mitigation strategies are
      • Multifactor authentication
      • Browser security
      • Cybersecurity training to users
      • Threat Intelligence

Thanks for reading!!! Please feel free to discuss in case any questions / suggestions / thoughts !!!

HAVE A GREAT TIME AHEAD !!! LIFE IS BEAUTIFUL 🙂

Prasham Sabadra

LIFE IS VERY BEAUTIFUL :) ENJOY THE WHOLE JOURNEY :) Founder of Knowledge Junction and live-beautiful-life.com, Author, Learner, Passionate Techie, avid reader. Certified Professional Workshop Facilitator / Public Speaker. Scrum Foundation Professional certificated. Motivational, Behavioral , Technical speaker. Speaks in various events including SharePoint Saturdays, Boot camps, Collages / Schools, local chapter. Can reach me for Microsoft 365, Azure, DevOps, SharePoint, Teams, Power Platform, JavaScript.

You may also like...

4 Responses

  1. Yogesh Meher says:

    Thanks for sharing this article

  1. May 28, 2022

    […] last article – Preparing exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals – Explaini… we discussed few terms related to […]

  2. June 6, 2022

    […] Preparing exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals – Explaini… we discussed few terms related to Security […]

  3. June 9, 2022

    […] Preparing exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals – Explaini… […]

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: