SC-100 exam Questions - Microsoft Cybersecurity Architect Updated: 2024

Another year is behind us, and many are making resolutions about habits we want to build (or break) in the months ahead. 

Cybersecurity should be no exception to this. Much like day-to-day life, good hygiene forms the basis of any cybersecurity program. It’s always better to take proactive steps than to regret not doing so later (for instance, when faced with a costly breach). 

With that in mind, here are the top cybersecurity New Year’s resolutions every enterprise should make. 

1: I will stop being sloppy with passwords

We can all agree that passwords can be irritating, particularly when we have to remember a whole slew of them incorporating intricate strings of numbers, letters, upper and lower cases and special characters. 

But we all must accept the fact that passwords are a facet of our modern lives underpinned by technology. 

Yet, weak, uncreative passwords prevail. Even in 2023, the top admin passwords were, astoundingly, “admin,” “123456,” “12345678,” “1234” and “password.” 

As Karin Garrido, an AT&T VP and GM put it: “Weak and predictable passwords are like a flimsy lock on a treasure chest of gifts.”

So how can we avoid the pitfalls of banal passwords? For starters, don’t create ones that are easy for hackers to guess (like the ones above). Come up with unique, long, strong ones for each account and remember to update them regularly. 

Just as importantly, don’t share passwords. And, while it may be tempting to physically write them down, email them to yourself or save them in a draft document or email, don’t make that mistake. 

Password managers can help users store and protect their valuable credentials, and other tools can block common passwords. Furthermore, anti-malware platforms perform continuous scanning of login credentials to ensure they haven’t been compromised and determine whether they are used on multiple accounts or are identical, blank or expired. 

Another critical practice is disabling auto-fill settings and browser password saving. 

2: I will always turn on multifactor authentication

No doubt, it can be annoying: You enter your username and password and think you’re good to go — then you have to deal with a second step follow-up email, call or text providing a one-time code. 

But a few extra seconds performing an additional task as part of multi-factor authentication (MFA) is far better than potentially releasing your credentials into the wild and putting yourself and your organization at risk. 

Microsoft research posits that enabling MFA can block 99.9% of account compromise attacks. 

“Compromising more than one authentication factor presents a significant challenge for attackers because knowing (or cracking) a password won’t be enough to gain access to a system,” Microsoft researchers write. 

Still, it’s just important to integrate MFA in a way that presents the least amount of friction, experts advise. For instance, implement it only when extra authentication will help protect sensitive data and critical systems. The use of pass-through authentication and single sign-on (SSO) tools will also reduce password fatigue. 

Remember: MFA does not have to be challenging for end users. If it seems overly restrictive, employees are more likely to find workarounds that put the organization at greater risk (so-called “shadow IT”). 

3: I will avoid social engineering attacks

Even though it’s age-old in the cybersecurity world, phishing is still very much a thing.

Phishing remains so prevalent because it exploits human weakness and creates a false sense of urgency — the dire consequences of which can expose enterprises to ransomware attacks. 

An estimated 73% of organizations globally have been impacted by ransomware attacks as hackers step up (and diversify) their phishing tactics. Some evolving methods include: 

–Spearphishing and whaling: These forms of phishing are more sophisticated, targeted and personalized (as opposed to traditional phishing that casts about a wide net). For instance, spearphishing emails will be sent to members of a company’s finance department purporting to be the CFO. Whaling goes a step beyond that, targeting specific executives or other high-level employees. 

–Vishing: Hackers will call a target in hopes they will pick up. This method typically involves cloning tools or deepfakes. Often it may follow a spearphishing or whaling email to lend credibility. 

–SMishing: Text message phishing can bypass anti-spam filters and can be used to obtain one-time codes for MFA tools. For instance, a hacker will log in to a user’s account, and then send a text to get a target to provide the MFA-generated code. 

–Quishing: In this newer phishing method, threat actors imitate seemingly innocuous, ubiquitous QR codes, leading users to spoofed sites that steal their information or install malware. 

–Angler phishing: This evolving method targets a user’s social media accounts. For instance, hackers will pretend to be customer support agents ‘helping’ users dealing with a problem. They can observe public complaint messages on Meta or X, then contact targets to get them to deliver up their credentials or provide ‘helpful’ links that actually deliver malware. 

Other harmful methods include domain typosquatting (when hackers register domains with purposely misspelled names of common websites) and man-in-the-middle attacks (when threat actors get in the middle of a conversation between two users or a user and an app). 

The key to not falling prey: Be vigilant. If something looks, well, fishy, it most likely is. Never provide sensitive information to unsolicited calls, texts, emails or chatbots; don’t just wantonly scan QR codes; keep an eye out for links with misspellings; if you’re unsure whether a message is coming from who it claims to be, reach out to that person directly. 

As Garrido noted, “Not all links are wrapped with good intentions. Think twice before clicking on them, and three times before entering information.”

At the same time, avoid “keeping a cluttered digital house,” she advised. “It’s wise to delete old downloads and emails that are full of personal information.”

4: As an admin, I will follow the principles of least privilege

Zero trust has been around as a concept for some time, but it is finally now beginning to be realized. 

“Least privilege access,” as it’s also known, assumes from the outset that every user could be a legitimate threat. All users are Verified upon login, and are only granted access to data and systems they need (and when they need it) and are often required to re-verify at certain stages. 

With zero trust, all network traffic is logged, inspected and authenticated. Users are granted access based on the level of privilege and security policies. Anomalies are identified through data patterns. 

Along with this, admins should also be diligent about revoking permissions when an employee leaves or after a project. 

5: I will back up data and keep apps and systems up to date

As it’s been said, data is your ‘crown jewel.’ Enterprises need to have a backup strategy that duplicates and stores data in secure locations. Experts advise following the 3-2-1 rule: Having three copies of data; two on different media platforms such as cloud or on-prem and one offsite for disaster recovery. Backups should also be done regularly. 

Meanwhile, hackers get by exploiting vulnerabilities, and one of the easiest ways in is through out-of-date systems. Regularly patching and eliminating unnecessary connections and ports is critical. 

Just as importantly in today’s hybrid work environment, enterprise leaders should educate employees about patching their own devices. This includes hidden devices like smart thermostats, which can deliver hackers an easy way in. 

In the end, taking stock of your organization’s security posture can identify critical vulnerabilities and weaknesses. 

While you don’t want to think a breach will happen to your enterprise, the percentages are high that it eventually will (if it hasn’t already). It’s always best to prepare for the worst and hope for the best!

Jonathan Fischbein is the Chief Information Security Officer at Check Point Software Technologies.

2023 may go down in history as the year of artificial intelligence (AI)—or at least the year when business leaders and consumers alike became obsessed with generative AI tools like ChatGPT. Cybersecurity vendors are not immune to the hype. At the 2023 RSA conference, nearly every keynote included discussion on AI.

And for good reason. AI has tremendous potential to transform the cybersecurity industry. The analysts on our team have been tracking the use of AI by cybercriminals, who are using it to create more realistic phishing emails and to speed up the process of creating malicious files. The good news is that the “good guys” are also working to incorporate AI into cybersecurity solutions. AI can be used to automatically detect and prevent cyberattacks. It can prevent phishing emails from ever reaching your inbox. And it may also reduce the time-consuming false positives plaguing IT teams.

Unfortunately, it can be difficult to parse the AI hype to understand what is real and what is simply marketing fluff. As with any new technology, there is a learning curve, and many new companies are just now adding AI capabilities. When your job is to protect your company from its ever-growing threat landscape, it is essential to thoroughly vet new technologies before deploying them.

So what should you look for when assessing whether to incorporate AI into your cyber security strategy? I recommend approaching AI like you would a candidate for a job on your team. Assess its effectiveness, ease of use and trustworthiness.

• How is AI being used to augment your cybersecurity capabilities? One of AI’s benefits is its creativity and ability to make previously unheard-of (yet genius) decisions. In 2016, Google DeepMind’s AlphaGo AI beat the reigning Go world champion, Lee Sedol. Go is an ancient and exceedingly complex strategy game. During the match, AlphaGo made a move that confused Go experts, who thought it was a strange mistake. But Move 37, as it came to be known, was actually the turning point for the match—and one which Sedol wasn’t able to overcome. It’s not a move a human would have made. Look for a solution that uses AI to prevent threats that other vendors can’t even yet detect. Ask about their innovation cycle and what threats they see on the horizon.

• What is the level of AI expertise? With the current popularity of AI, many companies are rushing to add some level of AI capabilities to their products. But in this economy, CISOs are being asked to run operations more efficiently and need to justify budgets. There’s no need to pay for limited AI capabilities. Ask for third-party validation of their AI solution’s accuracy to determine whether they are providing real value or simply creating more noise and false alerts.

• Can AI technologies be trusted? AI models are only as good as the quality and quantity of the data they are trained with. According to Stanford Professor James Zou, “One of the best ways to Strengthen algorithms’ trustworthiness is to Strengthen the data that goes into training and evaluating the algorithm.” Look for a solution that provides real-time threat updates and has a large customer base. The more customers, the more training data available for the AI.

With the rate and sophistication of cyberattacks increasing every year, as CISOs, we need every advantage we can find to protect our data and teams. AI may offer a powerful advantage as long as we are deploying trusted solutions that move beyond hype to reality.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

While Microsoft is planning to widely deploy the AI chatbot within its product portfolio, some cybersecurity professionals are already tying together ChatGPT with the Microsoft Sentinel security analytics platform.

While OpenAI backer Microsoft has very been clear that it has big plans for integrating its platforms with ChatGPT, some cybersecurity pros aren’t waiting on Microsoft.

In latest days, several cybersecurity professionals have published information online about how to integrate the AI-powered chatbot with Microsoft Sentinel, the widely used Microsoft cybersecurity analytics platform.

[Related: 5 Big Pros And Cons Of ChatGPT For Cybersecurity]

“By harnessing the power of ChatGPT, I believe it is possible to speed up and simplify the incident handling process, making it more efficient and effective for all involved,” wrote IT security pro Antonio Formato in a post on Medium Monday.

Another latest Medium post by cyber pro Zubair Rahim included step-by-step instructions for connecting ChatGPT with Microsoft Sentinel. “Integrating ChatGPT with Microsoft Sentinel for incident management offers numerous benefits such as automating responses, providing accurate and timely answers, and streamlining incident management workflow,” Rahim wrote.

Microsoft Sentinel is among the company’s key cybersecurity offerings and now has more than 20,000 customers, up from 15,000 a year ago, Microsoft disclosed last week.

The potential is definitely there for OpenAI’s ChatGPT to help security analysts, who work with SIEM (security information and event management) tools like Microsoft Sentinel, to help automate and expedite some of the typically manual analysis of security incidents, according to Michael Montagliano, CISO at Atlanta-based solution provider ProArch.

At this early stage, though, more testing of the types of integration methods that are now being posted online is definitely necessary, which ProArch plans to do, Montagliano told CRN.

“We are going to test that integration into Sentinel in a lab environment,” he said. “One of the things you have to be cautious about is is that accurate? Is it dependable?”

Robert Boyce, Accenture’s global lead for cyber resilience services, told CRN last week that Accenture Security sees major potential in using ChatGPT’s capabilities for automating some of the work involved in cyberdefense. While there has been major attention paid to the possible nefarious uses of the chatbot by hackers, it’s clear that the tool “helps reduce the barrier to entry with getting into the defensive side as well,” Boyce said.

Last week, Microsoft said it’s making a new “multiyear, multibillion-dollar investment” into OpenAI, which reportedly amounts to $10 billion. Microsoft had previously invested more than $3 billion into OpenAI starting in 2019, and OpenAI uses Microsoft Azure for its cloud infrastructure.

Earlier this month, Microsoft announced the general availability of its Azure OpenAI Service, which leverages OpenAI technologies including GPT-3.5. The company noted that “customers will also be able to access ChatGPT—a fine-tuned version of GPT-3.5 that has been trained and runs inference on Azure AI infrastructure—through Azure OpenAI Service soon.”

During Microsoft’s quarterly call with analysts last week, Chairman and CEO Satya Nadella said that the company plans to deploy OpenAI technology “across our consumer and enterprise products as we continue to push the state of the art in AI.”

OpenAI, which is also behind the DALL-E 2 image generator, and whose backers include Microsoft, first introduced ChatGPT in late November. While it’s been massively popular among users, it’s come under fire from a number of critics, including some of Microsoft’s competitors. For instance, Amazon Web Services CTO Werner Vogels Tuesday slammed ChatGPT as being “not concerned about the truth.”

What you need to know

• Microsoft CISO Bret Arsenault will leave his current role and become Chief Security Advisor at the company next year.

• Igor Tsyganskiy will replace Arsenault as CISO effective January 1, 2024.

• In his new role, Arsenault will oversee Microsoft's partners, customers, government clients, and important communities.

Bret Arsenault, who has served as Microsoft Chief Information Security Officer (CISO) for 14 years, will shift to a new role at the company. Arsenault will become Microsoft's Chief Security Advisor, which focuses on "escalating [Microsoft's] impact across the entire ecosystem," according to Microsoft Executive President of Security Charlie Bell. Igor Tsyganskiy will replace Arsenault effective January 1, 2024.

Bell shared the move on LinkedIn and emphasized the importance of security, especially when considering advancements in technology.

"Security is more important than ever for our customers, partners, and Microsoft. So much of the world depends on Microsoft for its digital safety and we need look no further than the news headlines to know we live in a rapidly evolving threat landscape, one that is highly demanding and drives us to continually innovate and deliver," Bell said.

"Navigating all this requires a tremendous amount of leadership know-how and experience – I’m lucky to work with a group of leaders at Microsoft that work every day to make the world a safer place."

Arsenault's new role of Chief Security Advistor will oversee Microsoft and its partners, customers, government agencies it works with, and "important communities."

During his time as Microsoft CISO, Arsenault drove the company's Zero Trust strategy. Bell highlighted that Arsenault is "one of the most respected global security leaders on the planet."

Arsenault will continue to work with Bell and Tsyganskiy in his new advisory role.

Tsyganskiy has worked in high-scale and high-security environments. The soon-to-be Microsoft CISO took to LinkedIn to respond to the news.

Story continues

"Thank you Charlie Bell, I am humbled and honored to take a responsibility of protecting Microsoft with a large and dedicated community of security professionals all over the world," said Tsyganskiy.

"Thank you Bret Arsenault for the hard work and amazing contributions you have made to our industry."

Improving cybersecurity with AI

Cybersecurity has become more complex over the years as technology advances. Attackers use sophisticated methods to utilize vulnerabilities across sectors, including artificial intelligence. Microsoft plans to use AI as well, but to stop attacks.

Micrsoft and its services have been the target of several major attacks over the last few years. The company faced scrutiny after suspected Chinese hackers saw U.S. government emails. Earlier this year, Russian hacker group Midnight Blizzard compromised Microsoft 365 tenants as part of an attack. DDOS attacks disrupted Office 365 back in June 2023, and a security breach affected as many as 65,000 companies in 2022.

With Microsoft services so prevalent across industries, they're constantly under attack. Microsoft's new security leadership setup and efforts to use AI to counter attacks are part of an evolving strategy to Strengthen cybersecurity.

The investment by Microsoft Canada in Quebec is slated to increase the company’s local cloud infrastructure by 750 percent and expand partnerships that provide training, certifications, and other resources for the area.

Microsoft Wednesday said it is making a major investment in cybersecurity, AI, and other digital technologies aimed at increasing its capabilities in the Canadian province of Quebec.

The new investment, totaling $500 million, will be used to expand Microsoft’s Quebec digital infrastructure footprint, including expanding the company’s hyperscale cloud computing and AI infrastructure.

That investment over the next two years is expected to increase Microsoft’s local cloud infrastructure in Canada by 750 percent, the company said.

[Related: IRS Wants Microsoft To Pay At Least $29B In Back Taxes ]

Redmond, Washington-based Microsoft also said the company’s base in Quebec already supports over 1,000 employees, 3,200 partners and substantial cloud infrastructure accounts, and over 57,000 jobs, citing a new report the company commissioned with consultant Ernst & Young.

Those partners generate about $5 billion Canadian, or about $365 billion, in annual revenue.

The new $500-million investment in Quebec comes on top of 300 million Canadian dollars, or about $219 million, that Microsoft already invested in the province over the last three fiscal years, according to Ernst & Young.

Microsoft did not respond to a CRN request for further information.

With its investment, Microsoft expects to expand its computing capacity in Quebec by about 240 percent over the next three years while accelerating the pace of AI innovation. This includes working with industry leaders on multiple initiatives to provide the learning resources, certifications, and other resources to Strengthen the skills needed to advance the local digital economy.

This includes the launch of the Operational Risk Skills Development Centre, a joint project between Microsoft Canada and KPMG Canada to offer French language training in cybersecurity and GenAI skills.

The investment is also slated to help expand the Canadian Tech Talent Accelerator in Quebec, a project of NPower Canada and Microsoft Canada, to provide new digital training and career development opportunities.

It is a fantastic move by Microsoft Canada, said Michael Slater, senior director for Microsoft and cybersecurity sales at Sherweb, a Sherbrooke, Quebec-based cloud services provider and one of the vendor’s biggest channel partners in the world.

“Microsoft Canada has always been one of its most successful subsidiaries,” Slater told CRN. “And Azure is the fastest-growing cloud in Canada. And the way Quebec works, it’s on the forefront of data sovereignty laws, making the investment very important for our ecosystem and that of all its MSPs.”

As a Canadian company itself, Sherweb does a lot of government work directly and with other partners, Slater said.

“Cybersecurity is a big focus,” he said. “We want to see this investment help increase both cybersecurity and AI expertise in Canada.”

RESEARCH TRIANGLE PARK — Lenovo and Microsoft have joined forces to help secure organizations.

The two companies are teaming up to offer a new subscription-based service, Cyber Resiliency as a Service (CRaaS). The offering will leverage Lenovo security solutions on Microsoft platforms including Azure, Defender, and Sentinel, facilitating security deployments and helping to prevent, detect, and recover from cyber events.

Lenovo is also bringing AI to the game. The CRaaS solution will incorporate Microsoft Security Copilot which combines an “advanced” large language model (LLM) with a security-specific model to help security professionals identify and respond to risks more quickly. Microsoft is a major stakeholder in OpenAI and has access to the company’s hugely popular and successful GPT-4 model.

Microsoft shares climb after reporting surge in cloud, artificial intelligence

According to Lenovo’s annual survey of CIOs, the issues of “privacy/security” and “cybersecurity/ransomware” are the most difficult challenges facing companies.

Lenovo aims to alleviate those concerns with a comprehensive solution that includes continuous risk assessment, automated security updates and patches, dynamic threat intelligence, active incident response and management, and data backup and recovery services. According to the press release, Lenovo believes a subscription-based model will allow companies to offload time-intensive tasks, offering meaningful savings.

“Lenovo’s customers want broad protection and visibility across their organizations, a zero-trust approach, and automated security and compliance, all while streamlining their vendor relationships and effectively managing technology costs,” said Marc Wheelhouse, Chief Security Officer, Lenovo Solutions and Services Group. “Cyber Resiliency as a Service is our comprehensive solution to help organizations effectively contend with sophisticated and frequent cyberattacks while also tackling other cybersecurity challenges like regulatory compliance and budget constraints.”

Inside Lenovo: Creating a cohesive global tech solutions giant less reliant on PCs

Lenovo’s suite of CRaaS security services is expected to be globally available by April 2024.

The Roundtable “AI Unleashed – Ensuring Safety and Leveraging Decentralization” Will Take Place on January 17, 2024 in Davos, Switzerland

Geneva, Switzerland – January 5, 2023: WISeKey International Holding Ltd. (“WISeKey”) (SIX: WIHN, NASDAQ: WKEY), a global leader in cybersecurity, digital identity, and Internet of Things (IoT) solutions operating as a holding company, is proud to announce that in collaboration with the Cybersecurity Tech Accord, it will host a roundtable discussion on January 17, 2024 in Davos, Switzerland.

The roundtable, themed “AI Unleashed: Ensuring Safety and Leveraging Decentralization,” is a landmark gathering that will dissect the burgeoning role of cybersecurity within Artificial Intelligence. It will aim to navigate the complex terrain of AI, probing the ethical, safety, and privacy challenges that accompany AI's integration into various sectors. We seek to offer an illuminating discourse that considers how decentralized AI systems might reshape privacy paradigms and control structures.

Similar to previous (since 2003) events organized by WISeKey, the Davos 2024 event is set to welcome an impressive roster of attendees including business and political heavyweights, distinguished economists, and senior representatives from both private and public sectors.

Notably, the event features a diverse panel of leading minds in AI, encompassing AI researchers, ethicists, technology mavens, and influential policymakers. This array of expertise promises a rich dialogue, exploring pathways to manage AI’s rapid growth with an emphasis on ethical governance and safety protocols. A core focus will be on how decentralization could potentially transform power dynamics within the AI landscape, posing both challenges and opportunities.

WISeKey cordially invites media representatives, industry experts, and all stakeholders interested in the intersection of AI, cybersecurity, and ethics to join this groundbreaking event.

Event Details:

• Date: January 17, 2024
• Time: 16:00 – 17:00 PM CET
• Venue: Europa Hotel, Davos
• Registration: Interested participants can secure their spot by visiting www.wisekey.com/davos2024.

Event Highlights:

• In-depth Panel Discussions: Tackling critical issues around AI's ethical implications, safety measures, and the impact of decentralized systems.
• Networking Opportunities: Engage with a broad spectrum of professionals and thought leaders in the field of technology and cybersecurity.
• Insights into Future Trends: Gain foresight into how AI and cybersecurity are shaping the future of industries and governance.

For further information and media inquiries, please contact info@wisekey.com.

About Cybersecurity Tech Accord:
The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies committed to protecting their customers and users and helping them defend against malicious threats.

Signatories are committed to advancing the mission of the Cybersecurity Tech Accord by partnering on initiatives that Strengthen the security, stability and resilience of cyberspace. By combining the resources and expertise of the global technology industry, the Cybersecurity Tech Accord creates a starting point for dialogue, discovery and decisive action.

About WISeKey:
WISeKey International Holding Ltd (“WISeKey”, SIX: WIHN; Nasdaq: WKEY) is a global leader in cybersecurity, digital identity, and IoT solutions platform. It operates as a Swiss-based holding company through several operational subsidiaries, each dedicated to specific aspects of its technology portfolio. The subsidiaries include (i) SEALSQ Corp (Nasdaq: LAES), which focuses on semiconductors, PKI, and post-quantum technology products, (ii) WISeKey SA which specializes in RoT and PKI solutions for secure authentication and identification in IoT, Blockchain, and AI, (iii) WISeSat AG which focuses on space technology for secure satellite communication, specifically for IoT applications, and (iv) WISe.ART Corp which focuses on trusted blockchain NFTs and operates the WISe.ART marketplace for secure NFT transactions.

Each subsidiary contributes to WISeKey’s mission of securing the internet while focusing on their respective areas of research and expertise. Their technologies seamlessly integrate into the comprehensive WISeKey platform. WISeKey secures digital identity ecosystems for individuals and objects using Blockchain, AI, and IoT technologies. With over 1.6 billion microchips deployed across various IoT sectors, WISeKey plays a vital role in securing the Internet of Everything. The company’s semiconductors generate valuable Big Data that, when analyzed with AI, enable predictive equipment failure prevention. Trusted by the OISTE/WISeKey cryptographic Root of Trust, WISeKey provides secure authentication and identification for IoT, Blockchain, and AI applications. The WISeKey Root of Trust ensures the integrity of online transactions between objects and people. For more information on WISeKey’s strategic direction and its subsidiary companies, please visit www.wisekey.com.

Press and investor contacts:

Disclaimer:

This communication expressly or implicitly contains certain forward-looking statements concerning WISeKey International Holding Ltd and its business. Such statements involve certain known and unknown risks, uncertainties and other factors, which could cause the actual results, financial condition, performance or achievements of WISeKey International Holding Ltd to be materially different from any future results, performance or achievements expressed or implied by such forward-looking statements. WISeKey International Holding Ltd is providing this communication as of this date and does not undertake to update any forward-looking statements contained herein as a result of new information, future events or otherwise.

This press release does not constitute an offer to sell, or a solicitation of an offer to buy, any securities, and it does not constitute an offering prospectus within the meaning of the Swiss Financial Services Act (“FinSA”), the FInSa’s predecessor legislation or advertising within the meaning of the FinSA. Investors must rely on their own evaluation of WISeKey and its securities, including the merits and risks involved. Nothing contained herein is, or shall be relied on as, a promise or representation as to the future performance of WISeKey.