商品描述
Prepare for Microsoft Exam SC-100 and demonstrate your real-world mastery of skills and knowledge needed to design and evolve cybersecurity strategy for all aspects of enterprise architecture. Designed for experienced IT professionals, this Exam Ref focuses on critical thinking and decision-making acumen needed for success at the Microsoft Certified: Cybersecurity Architect Expert level.
Focus on the expertise measured by these objectives:
- Design a Zero Trust strategy and architecture
- Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies
- Design a strategy for data and applications
- Recommend security best practices and priorities
This Microsoft Exam Ref:
- Organizes its coverage by exam objectives
- Features strategic, what-if scenarios to challenge you
- Assumes you have advanced security engineering experience and knowledge and experience with hybrid and cloud implementations
About the Exam
Exam SC-100 focuses on the knowledge needed to build overall security strategy and architecture; design strategies for security operations, identity security, and regulatory compliance; evaluate security posture; recommend technical strategies to manage risk; design strategies to secure server endpoints, client endpoints, and SaaS, PaaS, and IaaS services; specify application security requirements; design data security strategy; recommend security best practices based on Microsoft Cybersecurity Reference Architecture and Azure Security Benchmarks; use the Cloud Adoption Framework to recommend secure methodologies; use Microsoft Security Best Practices to recommend ransomware strategies.
About Microsoft Certification
The Microsoft Certified: Cybersecurity Architect Expert certification credential demonstrates your ability to plan and implement cybersecurity strategy that meets business needs and protects the organization's mission and processes across its entire enterprise architecture. To fulfill your requirements, pass this exam and earn one of these four prerequisite certifications: Microsoft Certified: Azure Security Engineer Associate; Microsoft Certified: Identity and Access Administrator Associate; Microsoft365 Certified: Security Administrator Associate; Microsoft Certified: Security Operations Analyst Associate.
See full details at: microsoft.com/learn
商品描述(中文翻譯)
準備 Microsoft SC-100 考試,展示您在設計和演進企業架構各個方面的資訊安全策略所需的技能和知識。這本考試參考書專為有經驗的 IT 專業人士設計,著重於成功通過 Microsoft 認證:資訊安全架構師專家級別所需的批判性思維和決策能力。
專注於以下目標所衡量的專業知識:
- 設計 Zero Trust 策略和架構
- 評估治理風險合規(GRC)技術策略和安全運營策略
- 設計數據和應用策略
- 推薦安全最佳實踐和優先事項
這本 Microsoft 考試參考書:
- 根據考試目標組織內容
- 提供戰略性的假設情境來挑戰您
- 假設您具有高級安全工程經驗,以及混合和雲端實施的知識和經驗
關於考試:
SC-100 考試侧重於構建整體安全策略和架構所需的知識;設計安全運營、身份安全和合規性策略;評估安全狀態;推薦管理風險的技術策略;設計保護伺服器端點、客戶端點和 SaaS、PaaS 和 IaaS 服務的策略;指定應用程式安全需求;設計數據安全策略;根據 Microsoft 資訊安全參考架構和 Azure 安全基準推薦安全最佳實踐;使用雲端採用框架推薦安全方法論;使用 Microsoft 安全最佳實踐推薦勒索軟體策略。
關於 Microsoft 認證:
Microsoft 資訊安全架構師專家認證證明您能夠規劃和實施滿足業務需求並保護組織整個企業架構的資訊安全策略。為了滿足要求,通過此考試並獲得以下四個先決認證之一:Microsoft 認證:Azure 安全工程師聯盟;Microsoft 認證:身份和訪問管理員聯盟;Microsoft365 認證:安全管理員聯盟;Microsoft 認證:安全運營分析師聯盟。
詳細資訊請參閱:microsoft.com/learn
作者簡介
Yuri Diogenes, MSC Master of science in cybersecurity intelligence and forensics investigation from UTICA College, currently working on his PhD in Cybersecurity Leadership from Capitol Technology University. Yuri has been working at Microsoft since 2006, and currently he is a Principal PM Manager for the CxE Microsoft Defender for Cloud Team. Yuri has published a total of 29 books, mostly around information security and Microsoft technologies. Yuri is also a Professor at EC-Council University where he teaches at the Bachelor in Cybersecurity Program. Yuri also has an MBA and many IT/Security industry certifications, such as CISSP, MITRE ATT&CK(R) Cyber Threat Intelligence Certified, ECND, ECEH, ECSA, ECHFI, CompTIA Security+, CySA+, Network+, CASP and CyberSec First Responder. You can follow Yuri on Twitter at @ yuridiogenes.
Mark Simos is Lead Cybersecurity Architect for Microsoft where he leads the development of cybersecurity reference architectures, best practices, reference strategies, prescriptive roadmaps, CISO workshops, and other guidance to help organizations meet cybersecurity and digital transformation goals. Mark is co-host of the Azure Security Podcast and actively contributes to open standards and other publications such as the Zero Trust Commandments, The Open Group Zero Trust Core Principles, NIST Guide for Cybersecurity Event Recovery (800-184), NIST Guide to Enterprise Patch Management (800-40), Microsoft Digital Defense Report, and Microsoft Security blogs. Mark also co-chairs the Zero Trust Architecture (ZTA) working group at The Open Group and has presented numerous conferences including Black Hat USA, RSA Conference, Gartner Security & Risk Management, Microsoft BlueHat, Microsoft Ignite, and Financial Executives International.
Sarah Young is a Senior Cloud Security Advocate at Microsoft and a CNCF Ambassador with over a decade of experience in security across Europe, the US and Asia. Sarah is an experienced public speaker and has presented on a range of IT security and technology topics at industry events and holds numerous industry qualifications including CISSP, CCSP, CISM and Azure Solutions Architect and has previously co-authored Microsoft Press technical books. She is also a co-host of the Azure Security Podcast. Sarah has also won the Security Champion award at the Australian Women in Security Awards. She is an active supporter of both local and international security and cloud native communities. You can follow Sarah on Twitter @_sarahyo, although expect many dog pictures alongside security content.
Gladys Rodriguez is Principal Cybersecurity Engineer with over 25 years in the Information Technology field. As part of the Mission Engineering team, Gladys has helped embed existing security capabilities within Microsoft developed products/services. She has also helped create new security functionality for customers to enable zero trust in their environment. Recently, Gladys has been involved in helping develop zero trust strategies for Operational Technology used in Critical Infrastructure with special focus in aerospace solutions. Gladys is co-host of the Azure Security Podcast for both English and Spanish version. She has also contributed to publications such as the Microsoft Zero Trust publications, NIST SP 800-207, Zero Trust Architecture, Microsoft Exam SC-100: Microsoft Cybersecurity Architect and others. Gladys also spends a lot of time mentoring and sharing her knowledge with others to help them get more involved in the cybersecurity space.
作者簡介(中文翻譯)
Yuri Diogenes,擁有UTICA College的資訊安全情報和法醫調查碩士學位,目前在Capitol Technology University攻讀資訊安全領導博士學位。Yuri自2006年起在Microsoft工作,目前擔任CxE Microsoft Defender for Cloud團隊的首席產品經理經理。Yuri已經出版了29本書籍,主要涵蓋資訊安全和Microsoft技術。Yuri還是EC-Council大學的教授,教授資訊安全學士課程。Yuri還擁有MBA學位和許多IT/安全行業認證,如CISSP、MITRE ATT&CK(R) Cyber Threat Intelligence Certified、ECND、ECEH、ECSA、ECHFI、CompTIA Security+、CySA+、Network+、CASP和CyberSec First Responder。您可以在Twitter上關注Yuri,帳號是@yuridiogenes。
Mark Simos是Microsoft的首席資訊安全架構師,負責領導資訊安全參考架構、最佳實踐、參考策略、指導路線圖、CISO研討會等方面的開發,以幫助組織實現資訊安全和數字轉型目標。Mark是Azure Security Podcast的聯合主持人,並積極參與開放標準和其他出版物,如Zero Trust Commandments、The Open Group Zero Trust Core Principles、NIST Guide for Cybersecurity Event Recovery (800-184)、NIST Guide to Enterprise Patch Management (800-40)、Microsoft Digital Defense Report和Microsoft Security blogs。Mark還共同主持了The Open Group的Zero Trust Architecture (ZTA)工作組,並在Black Hat USA、RSA Conference、Gartner Security & Risk Management、Microsoft BlueHat、Microsoft Ignite和Financial Executives International等多個會議上發表演講。
Sarah Young是Microsoft的高級雲安全倡導者,也是CNCF大使,擁有超過十年的歐洲、美國和亞洲安全經驗。Sarah是一位經驗豐富的公開演講者,曾在行業活動上就各種IT安全和技術主題發表演講,並擁有眾多行業資格,包括CISSP、CCSP、CISM和Azure解決方案架構師,曾共同撰寫過Microsoft Press的技術書籍。她還是Azure Security Podcast的聯合主持人。Sarah還曾獲得澳大利亞婦女安全獎的安全冠軍獎。她積極支持本地和國際安全和雲原生社區。您可以在Twitter上關注Sarah,帳號是@_sarahyo,不過除了安全內容,還會有很多狗狗照片。
Gladys Rodriguez是一位資深資訊安全工程師,擁有超過25年的資訊技術領域經驗。作為Mission Engineering團隊的一員,Gladys幫助將現有的安全能力嵌入Microsoft開發的產品/服務中。她還幫助客戶創建新的安全功能,以實現環境中的零信任。最近,Gladys參與了為航空航天解決方案中的關鍵基礎設施開發零信任策略。Gladys是Azure Security Podcast的聯合主持人,為英語和西班牙語版本。她還為Microsoft Zero Trust出版物、NIST SP 800-207 Zero Trust Architecture、Microsoft Exam SC-100: Microsoft Cybersecurity Architect等出版物做出了貢獻。Gladys還花了很多時間指導和分享自己的知識,幫助他人更多地參與資訊安全領域。
