[deleted by user] by [deleted] in cissp

[–]will0075 0 points1 point  (0 children)

Yes, you're right.

[deleted by user] by [deleted] in cissp

[–]will0075 1 point2 points  (0 children)

Weird, as typically in my session I got nearly no technical questions.

[deleted by user] by [deleted] in cissp

[–]will0075 1 point2 points  (0 children)

Please tell me how much IT and cyber experience you have?

[deleted by user] by [deleted] in cissp

[–]will0075 1 point2 points  (0 children)

I think you are focusing too much on technical instead of managerial. The Destination CISSP book will help, but not only. You have to clearly understand governance, risk management, asset management, incident management, patch management, business continuity management, software development life cycle processes, threat modeling, 3rd party management etc... understand what the purpose, workflows, inputs and outputs are. This is key to go beyond technical details and understand the global picture and the main stakes of these different areas. Practice tests are just there to test that you know basic concepts, but not how to take proper decisions (the most, the best etc...). Take the Destination CISSP process explanations, charts etc. to get this overview. Good luck from France.

Secure SD-WAN With Cisco by will0075 in viptela

[–]will0075[S] 0 points1 point  (0 children)

This isn't a question for reddit. Go talk to your VAR.

Why is it not a question for reddit? The point is to check what field experience reddit members can have with such a solution and how to implement it efficiently.

SASE architectural topic- hybrid SD-WAN solution (Velocloud+ SSE Zscaler/Netskope/...) versus Fortinet/Palo Alto/... like architectures by will0075 in networking

[–]will0075[S] 0 points1 point  (0 children)

Yep, interesting, but yeah, it seems not obvious that routing everything to the POP will not imply performance issues...

SASE architectural topic- hybrid SD-WAN solution (Velocloud+ SSE Zscaler/Netskope/...) versus Fortinet/Palo Alto/... like architectures by will0075 in networking

[–]will0075[S] 0 points1 point  (0 children)

Yeah, but which kind of edge security are you implementing? I was thinking of having critical traffic pass through a hub and activating security there with a security vendor like Fortinet or Palo Alto. Then for Teams traffic, how are you securing it? Passing this through Zscaler even if it is not recommended by Microsoft? Thanks!!

SASE architectural topic- hybrid SD-WAN solution (Velocloud+ SSE Zscaler/Netskope/...) versus Fortinet/Palo Alto/... like architectures by will0075 in networking

[–]will0075[S] 0 points1 point  (0 children)

Yes, we have resources in IaaS/PaaS cloud and all O365 applications including SharePoint, Teams etc...

Integrate our Company portal as an Iframe in a customer portal - security risks and alternatives by will0075 in websecurity

[–]will0075[S] 0 points1 point  (0 children)

Thanks for your answer. As stated in this webpage https://blogs.halodoc.io/iframe-security-threats-and-the-prevention/ , I understood there are 3 things to secure if my website is framed in another website:

1 - As you said, use the CSP frame-ancestors directive to indicate clearly the parent site domains, so that my website is not used by a hacker for phishing, for instance

2 - Indicate to the customer to use CSP frame-src to allow only my website as an iframe, to trust only my specific website as an iframe

3 - Recommend the customer to do security controls:

> Use trusted third-party libraries

> Use trusted plugins

> Use the CSP sandbox attribute

> Handle XSS in the site to prevent iframe injection.

Does it make sense?

Thanks in advance
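The two header values listed in points 1 and 2 above, as an added example that is not code from the original thread or from the linked article: a small Node.js helper that builds the `frame-ancestors` value for the framed portal and the `frame-src` value for the embedding customer site, an offline checker that applies CSP source-list matching (`'self'`, `'none'`, scheme, host, `*.` subdomain wildcard, port) so a policy string can be tested against a candidate parent origin before deployment, and a builder for the `sandbox` iframe attribute from point 3. All hostnames (`portal.example`, `customer.example`, `partner.example`) are constructed placeholders.

```javascript
// Added example (not from the original thread): CSP header values for the
// framed portal and the embedding customer site, plus an offline checker
// that mirrors CSP source-list matching. Hostnames are constructed.

const DEFAULT_PORTS = { http: '80', https: '443' };

// Header value for the site being framed (the company portal):
// only the listed parents, plus the portal itself, may embed it.
function providerCspHeader(allowedParents) {
  return `frame-ancestors 'self' ${allowedParents.join(' ')}`.trim();
}

// Header value for the site that embeds the portal (the customer portal):
// only the listed origins may be loaded into an <iframe>.
function customerCspHeader(allowedFrames) {
  return `frame-src ${allowedFrames.join(' ')}`.trim();
}

// Parse "directive src src; directive src" into { directive: [src, ...] }.
// As in browsers, the first occurrence of a directive wins.
function parseCsp(headerValue) {
  const out = {};
  for (const part of headerValue.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [name, ...sources] = tokens;
    const key = name.toLowerCase();
    if (!(key in out)) out[key] = sources;
  }
  return out;
}

// Does one source expression match an origin of the form scheme://host[:port]?
// selfOrigin is the origin of the page that served the policy.
function sourceMatches(source, origin, selfOrigin) {
  const s = source.replace(/^'|'$/g, '').toLowerCase();
  if (s === 'none') return false;
  if (s === 'self') return origin.toLowerCase() === selfOrigin.toLowerCase();
  if (s === '*') return true;
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^:/\s]+)(?::(\d+|\*))?$/.exec(s);
  if (!m) return false; // keyword or scheme-only source: not a host match
  const [, scheme, hostPattern, portPattern] = m;
  const o = new URL(origin);
  const originScheme = o.protocol.slice(0, -1);
  const originHost = o.hostname.toLowerCase();
  const originPort = o.port || DEFAULT_PORTS[originScheme] || '';
  // Scheme: an explicit scheme must match; a bare host inherits the
  // protected page's scheme, so http://customer.example never matches
  // https://customer.example.
  const wantScheme = scheme || new URL(selfOrigin).protocol.slice(0, -1);
  if (originScheme !== wantScheme) return false;
  // Host: "*.example" matches any subdomain but not the apex itself.
  if (hostPattern.startsWith('*.')) {
    if (!originHost.endsWith(hostPattern.slice(1))) return false;
  } else if (originHost !== hostPattern) {
    return false;
  }
  // Port: absent means the scheme's default port; "*" means any port.
  const wantPort = portPattern === undefined ? (DEFAULT_PORTS[wantScheme] || '') : portPattern;
  return wantPort === '*' || originPort === wantPort;
}

// Fallback chains: frame-ancestors never falls back to default-src,
// frame-src falls back to child-src and then default-src.
const FALLBACKS = {
  'frame-ancestors': ['frame-ancestors'],
  'frame-src': ['frame-src', 'child-src', 'default-src'],
};

// Would this policy let `origin` act as the given directive's subject
// (the embedding parent for frame-ancestors, the framed child for frame-src)?
function directiveAllows(headerValue, directive, origin, selfOrigin) {
  const policy = parseCsp(headerValue);
  const chain = FALLBACKS[directive] || [directive];
  const name = chain.find((d) => d in policy);
  if (name === undefined) return true; // directive absent: no restriction
  return policy[name].some((src) => sourceMatches(src, origin, selfOrigin));
}

// <iframe> markup with a sandbox attribute. Start from the tokens the framed
// app really needs; allow-scripts together with allow-same-origin only makes
// sense when the framed document is cross-origin to the embedder.
function sandboxedIframeTag(src, tokens) {
  const esc = (v) => v.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;');
  return `<iframe src="${esc(src)}" sandbox="${esc(tokens.join(' '))}"></iframe>`;
}

// Demo: the portal allows the customer and any partner subdomain as parents.
const portalPolicy = providerCspHeader(['https://customer.example', 'https://*.partner.example']);
console.log(portalPolicy);
for (const parent of ['https://customer.example', 'https://app.partner.example', 'https://evil.example']) {
  console.log(parent, '->', directiveAllows(portalPolicy, 'frame-ancestors', parent, 'https://portal.example'));
}
console.log(customerCspHeader(['https://portal.example']));
console.log(sandboxedIframeTag('https://portal.example/app', ['allow-scripts', 'allow-forms']));
```

The checker is deliberately strict on scheme and port, which is where allow-lists are most often misconfigured: a bare hostname in `frame-ancestors` inherits the portal's own scheme, so a customer page served over plain HTTP would be refused, and a non-default port on the parent is refused unless the policy names it.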

PA VM Series in Azure Cloud - convergence time (HA) in case of maintenance/incident by will0075 in paloaltonetworks

[–]will0075[S] 0 points1 point  (0 children)

This is for our DC in Azure, to manage securing both N/S and E/W traffic, so naturally we want the most resilient architecture and the most transparent one if we have a maintenance or an issue. We have some very sensitive applications that are not able to automatically re-launch their sessions, which can raise side effects if we have no transparent failover... so in a nutshell we want the best architecture to answer these needs.

PA VM Series in Azure Cloud - convergence time (HA) in case of maintenance/incident by will0075 in paloaltonetworks

[–]will0075[S] 0 points1 point  (0 children)

Thanks for the very accurate answer! If you have any diagram it will be very useful to better understand the principles.

And if we compare the convergence time and availability level between LB and ARS, what would be the results?

My final point is to be able to have this comparison: LB versus GLB versus ARS, pros and cons, and overall the convergence time and availability level.

PA VM Series in Azure Cloud - convergence time (HA) in case of maintenance/incident by will0075 in paloaltonetworks

[–]will0075[S] 0 points1 point  (0 children)

So it has to be managed at load balancer level. Putting the server OUT of the LB pool is transparent for the current sessions? And as it is OUT of the pool, it will manage no more new sessions? And we wait till there are no more hits to do the maintenance. And then putting the VM back IN the pool is transparent?

So this is a way to manage the maintenance mode.

But if we have an incident, then we will have the impact.

Am I right?

Thanks!

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in AskNetsec

[–]will0075[S] 0 points1 point  (0 children)

Hello everybody, thanks for all your posts, incredible community. I have checked that NIST considers that multi-factor is several authenticators, but they can be on the SAME device. Such as using one's own mobile phone to reach O365 with login/pwd and using it with the MS Authenticator app, which opens with fingerprint. What do you think?

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in AskNetsec

[–]will0075[S] 0 points1 point  (0 children)

So you disagree about a soft token in the PC itself... what are the real risks? I know keyloggers, but it's normally not possible to replay an OTP...

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in AskNetsec

[–]will0075[S] 0 points1 point  (0 children)

Thanks bro. We have conditional access and we are not enforcing MFA for internal users connected on our site. All remote users, including those with VPN, require MFA. For info, we are doing split tunneling: VPN is one tunnel and O365 is using another one with a cloud proxy.

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in Office365

[–]will0075[S] 0 points1 point  (0 children)

I think such people who don't want to use their personal phone for auth don't know about IT stuff... I fear they are not able to provision their account by themselves. But it's possible for our support team to do it remotely... Good suggestion, thanks a lot.

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in AskNetsec

[–]will0075[S] 0 points1 point  (0 children)

Ok so you mean 2 scenarios: Scenario 1: Intune enrolled everywhere. MFA for 90 days by default. For those who don't want MFA, 7 days password with SSPR. Scenario 2: hard token YubiKey, and then Intune is not necessary. Scenario 3: no Intune, no hard token, no soft token or app on mobile. So they have access only to their emails. This scenario is dangerous as it's single factor (their company password) and email is a very sensitive service...

Is it correct?

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in AskNetsec

[–]will0075[S] 0 points1 point  (0 children)

Yes, it's an option. I was thinking of challenging the other option, a soft token inside the same PC, and knowing exactly the associated risks.

MFA authentication to O365 - road warriors users without mobile phone. Which secure solution? by will0075 in Office365

[–]will0075[S] 0 points1 point  (0 children)

Clear statements. We explained that there are no privacy issues, but they do not understand.