AWS Azure Google Cloud Certifications Testimonials and Dumps

Register to AI Driven Cloud Cert Prep Dumps

Do you want to become a Professional DevOps Engineer, a cloud Solutions Architect, a Cloud Engineer or a modern Developer or IT Professional, a versatile Product Manager, a hip Project Manager? Therefore Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career.

85% of hiring managers say cloud certifications make a candidate more attractive.

Build the skills that’ll drive your career into six figures.

2022 AWS Cloud Practitioner Exam Preparation

In this blog, we are going to feed you with AWS Azure and GCP Cloud Certification testimonials and Frequently Asked Questions and Answers Dumps.

#djamgatech #aws #azure #gcp #ccp #az900 #saac02 #saac03 #az104 #azai #dasc01 #mlsc01 #scsc01 #azurefundamentals #awscloudpractitioner #solutionsarchitect #datascience #machinelearning #azuredevops #awsdevops #az305 #ai900


Get it on Apple Books
Get it on Apple Books

  • Is MeasureUp Microsoft Official Practice Test AZ-900 a good study material to prepare for exam AZ-900: Microsoft Azure Fundamentals?
    by /u/NeHeMueL (Microsoft Azure Certifications) on June 27, 2022 at 4:15 am

    Hi folks, I've been studying for the exam AZ-900 with MS Learn, and I had received a MeasureUp practice test key. So, I would to know, how accurate is the MeasureUp Microsoft Official Practice Test AZ-900 compare to the real exam? submitted by /u/NeHeMueL [link] [comments]

  • Is it possible to avoid being charged for Azure disk storage?
    by /u/SpartanJ5 (Microsoft Azure Certifications) on June 27, 2022 at 3:13 am

    I created an Azure account earlier this year so that I can have a lab environment to play around in to get experience that would eventually help me start on the path of getting certified as well as general experience since I don't currently use Azure for my current work duties. However, I have been getting charged $6 each month event though my vm has been shut down and deallocated for a few months now. I finally logged in to see what I can do about it and discovered that it appears I am being charged for the disk space for my OS. Is there a way around not being charged other than deleting my vm and storage each time I try and do some lab work? BTW, I've already exhausted the free azure subscription quite some time ago so that's not an option. submitted by /u/SpartanJ5 [link] [comments]

  • AZ-104 - Can someone help me with this DNS question?
    by /u/ericjansen88 (Microsoft Azure Certifications) on June 26, 2022 at 7:17 pm

    I dont understand this question. What does the DNS suffix configured inside the Windows Server tell us? https://preview.redd.it/0t2g7npim0891.png?width=1187&format=png&auto=webp&s=353261b9638c7ddaeee1619d3faa5137e3c1f8d1 submitted by /u/ericjansen88 [link] [comments]

  • New AZ-900
    by /u/okja11 (Microsoft Azure Certifications) on June 26, 2022 at 5:19 pm

    Folks who have taken or have an idea about the new AZ-900: How's it different from the old version in terms of a) scope and b) difficulty? Are the old resources cited in this group still relevant? If NOT, 3) Can you suggest new materials? Thank you!!! submitted by /u/okja11 [link] [comments]

  • Azure Databricks Platform Admin Certification
    by /u/riverrockrun (Microsoft Azure Certifications) on June 26, 2022 at 1:30 pm

    Has anyone taken the "Azure Databricks Platform Admin Certification" from Databricks? If so, what are the best practice tests to try? I found some on Udemy but they have a low rating. Don't want dumps but some legit practice tests to learn from. I've been through the Databricks learning plan for the platform but would like to take a few practice tests before spending $200 on the real one. Thanks! submitted by /u/riverrockrun [link] [comments]

  • AZ 400 - Labs or no Labs?
    by /u/ahmedtm1 (Microsoft Azure Certifications) on June 26, 2022 at 5:05 am

    I have my exam on 30 June. I'm giving online exam. I have some questions, regarding to exam. - Should I expect labs in my exam? - If yes, then what should I prepare for labs. - How much marks for labs? - How many labs? - What will be the complexity of these labs. - How much time shall I have? Some says labs are no longer included in exam. Is that true? Also, if there's any learning resources for labs, pls share. Thanks submitted by /u/ahmedtm1 [link] [comments]

  • AZ 900 Study Material
    by /u/ogvoidwalker2014 (Microsoft Azure Certifications) on June 26, 2022 at 2:30 am

    Hey everyone, Studying for Azure Fundamentals cert with MS Learn, Adam Marczak, and John Savill material. I want to make sure I’m studying the most current version of the exam. Has the exam changed much over the years? Any other places I should study from? Thanks! submitted by /u/ogvoidwalker2014 [link] [comments]

  • Passed AZ-900 today
    by /u/cloudsandbox (Microsoft Azure Certifications) on June 26, 2022 at 12:48 am

    Spend all of one week reviewing and then took the AZ-900 today and passed with an 835. I expected it to be a bit tougher. Great experience though. John Savill’s videos and Microsoft Learn were enough for it. Next is the AZ-104, which I know is not going to be easy. I am going to set a goal of getting it with it 3 months though. submitted by /u/cloudsandbox [link] [comments]

  • How to study for AZ-104
    by /u/job_equals_reddit (Microsoft Azure Certifications) on June 25, 2022 at 7:57 pm

    Hi guys, I currently work as L1/L2 helpdesk and am looking to upskill myself by learning how to Administrate Azure. My current game plan: Watch the AZ-104 course on FreeCodeCamp and follow along if they have labs Read Exam Ref AZ-104 cover-to-cover Do the labs on the Microsoft Github page Will this be a recipe for first time success? I'm basing this gameplan on how I'm studying for the CCNA. Please help as I'd really like to learn and acquire this certificate. submitted by /u/job_equals_reddit [link] [comments]

  • Would you say getting certified is enough to work as a Cloud Architect/Engineer
    by /u/CerealBit (Microsoft Azure Certifications) on June 25, 2022 at 10:49 am

    How could would you say do the certs (especially Associate + Expert) prepare you for a job as a Cloud Architect? Would you say you feel competent enough to consult a customer in this context and design cloud native architecture afterwards (learning-on-the-job pretty much)? I'm currently working as a senior consultant and software engineer (7 years of experience). I have two offers with Senior Cloud Architect positions. I designed a SaaS architecture in Azure but only have around 1 year of cloud experience in the cloud. I have some doubts about my skillset, given that I know some Senior Cloud Architects with < 10 years of experience... Thanks! submitted by /u/CerealBit [link] [comments]

  • Passed AZ-900 and MS-900 both in same week!
    by /u/EnthusiasmCrafty5986 (Microsoft Azure Certifications) on June 25, 2022 at 10:12 am

    Used Adam Marczak to pass AZ-900, passed in two weeks spending a couple of hours a night. MS-900 passed after two days of study. Planning on now completing AZ-104, I use Azure typically daily in my Senior IT Engineer role over the last couple of months. How long has it taken people with similar experience with Azure to pass AZ-104? What is the best way to prepare, planning on using John Savill’s study material as I’m more of a doer/visual learner than written? Also hoping my firm will soon close their deal with LinkedIn learning so I can use that platform too. Any advice also appreciated! submitted by /u/EnthusiasmCrafty5986 [link] [comments]

  • Obligatory I passed my AZ-900 earlier this morning
    by /u/Skandiluz (Microsoft Azure Certifications) on June 24, 2022 at 11:24 pm

    As the title says, spent around 2 weeks studying for it. I was initially typing notes out, as I always do, but about a week into it, I was only on module 2. I decided to just learn visually and poke around in the Azure portal while reading the docs. Scheduled my exam for today and finished it in about 20 minutes. Here’s how I did it, for anyone looking to take it. Used the MS Learn for Azure Fundamentals. I did every single unit including the examples. A After this I did the first exam from TutorialsDojo and got a 75%. Felt really good about that. Did a little more studying and took the second exam, got a 64%. Turns out I had a lot of gaps. Went through John Savills exam cram and used the az-900 playlist for specific videos. Took the TD exam 2 again, got an 85%. Yesterday, I on and off studied all day, mostly in spurts so I wouldn’t try to cram too much. I did exam 3 last night and got an 70% and the final exam an hour after the 3rd in which I got a 90%. As of now, I’m already jumping straight into the AZ-104 then I’ll probably take the SC-900 followed by the AZ-500 submitted by /u/Skandiluz [link] [comments]

  • Would getting Azure certifications while already working in Azure DevOps justify me to ask for higher compensation?
    by /u/DelicateJohnson (Microsoft Azure Certifications) on June 24, 2022 at 9:40 pm

    I moved up in my company to Junior DevOps Engineer and have been studying various AZ-400 courses pick and choosy like to help me grasp what I need to do in the moment. Usually once I get the basics I then work with other members of my team to create solutions. I only have my AZ-900, and to get the AZ-400 I need to do the AZ-104 or AZ-204. I feel a bigger affinity to the AZ-204 since I have a strong C# and Powershell background and automation and program concepts are easy for me. Be that as it may, would it be worth my time to get the AZ-204 and AZ-400 in that it would give me more negotiating power for higher compensation, or since I am already doing the job should my projects and experience be worth more at this point than certs? ​ tl;dr are azure certs more important to get your foot in the door or do they still hold value if you are already in the door submitted by /u/DelicateJohnson [link] [comments]

  • Azure Data Science Associate for R
    by /u/BigDeezerrr (Microsoft Azure Certifications) on June 24, 2022 at 4:13 pm

    I am a Data Scientist looking to pickup the Azure Data Scientist Associate certification. I noticed all lessons use Python as the statistical programming language of choice. Azure supports the R programming language, which I primarily use for my work. Does anyone know if there is a certification version that uses R for the lessons? https://docs.microsoft.com/en-us/learn/certifications/azure-data-scientist/#certification-exam-disclaimers submitted by /u/BigDeezerrr [link] [comments]

  • AZ-500 Fail Help
    by /u/LET828 (Microsoft Azure Certifications) on June 24, 2022 at 3:37 pm

    Question - I have just taken the AZ 500 and scored 643 (Fail) I had a scenario at the end with 9 tasks first 2 were ok, Register an app and then create a directory with User1. The next task is where things went horribly wrong it wanted me to setup a virtual network to Virtual network VMT1 -VMT2, I searched the resources found the virtual network but then it took me to the register free trial page, I checked the subscriptions and there weren't any, I wasn't able to complete any of the other tasks for the same reason was I doing something stupid any advice would be helpful. submitted by /u/LET828 [link] [comments]

  • Passed MS-500 today
    by /u/Nan0_0 (Microsoft Azure Certifications) on June 24, 2022 at 12:32 pm

    Today i passed the MS-500 after 5 weeks of studying almost every evening. I used the following resources: MS-500 Exam guide book by: Peter Rising MS-500 Udemy course by: John Cristopher My own M365 developer tenant MeasureUP practise test submitted by /u/Nan0_0 [link] [comments]

  • Certified Azure Fundamentals
    by /u/PeeIsFresh (Microsoft Azure Certifications) on June 24, 2022 at 10:43 am

    Passed on June 9. No breaks. I jumped on the path of Windows Server Hybrid Administrator Associate 1st. AZ-800 I don't realize the depth of AD DS and the generous amount I actually know. I still call it, what I meet it as 24 years ago: ADS submitted by /u/PeeIsFresh [link] [comments]

  • AZ-720 results have been released!
    by /u/notapplemaxwindows (Microsoft Azure Certifications) on June 24, 2022 at 9:19 am

    Results have been release for the AZ-720. Well done to all those who have passed! submitted by /u/notapplemaxwindows [link] [comments]

  • AZ-900 PearsonVue Practice Tests
    by /u/Wonderful_Jacket_371 (Microsoft Azure Certifications) on June 24, 2022 at 9:04 am

    I have been practicing with PearsonVue. Has this been a sufficient exam-prep for anybody else? submitted by /u/Wonderful_Jacket_371 [link] [comments]

  • AZ-104 retake
    by /u/JacobTriesTech (Microsoft Azure Certifications) on June 24, 2022 at 8:34 am

    AZ-104 is the only AZ exam that I need to retake. Does anyone have any tips on what to expect, and do I just use the same learning material I used as when I first studied for the exam? submitted by /u/JacobTriesTech [link] [comments]

  • fastest way to pass az-900 exam
    by /u/theghostsaaa (Microsoft Azure Certifications) on June 24, 2022 at 5:48 am

    Hello all, i wanted to take my az-900 exam soon, and i already studied it via adam course and finished watching the ms learn videos "still didn't get my voucher yet" is there a way to do a full review and preparation for the exam in few hours? Thank you all, submitted by /u/theghostsaaa [link] [comments]

  • Passed the SC-400 today!
    by /u/fuzzyfrank (Microsoft Azure Certifications) on June 23, 2022 at 11:21 pm

    Now I have the MS-500, AZ-500, and SC-400. Gonna work my way through the other SCs and try to get the SC-100 by January, hopefully! submitted by /u/fuzzyfrank [link] [comments]

  • I passed Azure 900 today.
    by /u/bluehawana (Microsoft Azure Certifications) on June 23, 2022 at 9:44 pm

    It is not that hard so I passed with 835 of 900 in 30 mins. Many questions regarding PAAS, IAAS, SAAS, so you must make sure you know them entirely. Just schedule the exam and pass it to start your cloud career. By the way, I used Microsoft voucher to take the exam for free by attenting Microsoft training day. I hope you guys good luck with your certifications and could take this advantage as well. Happy midsommar for all Swedish people by the way. submitted by /u/bluehawana [link] [comments]

  • AI-900 down and only SC-900 to go before choosing a track.
    by /u/Kenobicheated (Microsoft Azure Certifications) on June 23, 2022 at 9:16 pm

    AI-900 wasn't bad at all. The MeasureUP covered the content quite well and John Savill Cram was the icing on test day of course. SC-900 surprising seems to contain much from AZ-900 but only more in depth so I'm encouraged so far. submitted by /u/Kenobicheated [link] [comments]

  • New courses and updates from AWS Training and Certification in June 2022
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on June 23, 2022 at 4:29 pm

    Check out the latest courses and offerings from AWS Training and Certification, including courses on managing containers, serverless solutions, hybrid storage solutions, large-scale workloads, AWS configurations, machine learning fundamentals, AWS billing & cost management, and common cloud workload use cases for the financial services industry.

  • 30% off of Microsoft official practice tests from MeasureUp.
    by /u/teriaavibes (Microsoft Azure Certifications) on June 23, 2022 at 2:11 pm

    submitted by /u/teriaavibes [link] [comments]

  • General availability: Edge Secured-Core for Windows IoT
    by Azure service updates on June 22, 2022 at 4:00 pm

    Edge Secured-Core is a certification program that extends the Secured-Core label into IoT and Edge devices.

  • The timing’s right for recent graduates to develop cloud skills
    by Kevin Kelly (AWS Training and Certification Blog) on June 21, 2022 at 6:26 pm

    Editor’s note: This post is a letter to recent graduates from Kevin Kelly, the director of Cloud Career Training Programs at Amazon Web Services (AWS). He shares his cloud education and training philosophy and how it will continue to impact our daily lives. He includes advice on cloud learning for graduates to consider while exploring

  • AWS re/Start program provides cloud education to refugees
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on June 20, 2022 at 4:13 pm

    AWS re/Start is proud to announce the launch of a new cohort in Amsterdam. On World Refugee Day, AWS, Accenture, and Refugee Talent Hub are joining forces to help refugees in The Netherlands reskill into cloud computing careers.

  • New Twitch Series – AWS Cloud Quest: Cloud Practitioner launches June 22
    by Lauren Cutlip (AWS Training and Certification Blog) on June 20, 2022 at 4:01 pm

    Interested in cloud computing but looking for a fun, interactive, and informal learning option? Join us for the free, six-episode Twitch Series, AWS Cloud Quest: Cloud Practitioner to learn Amazon Web Services (AWS) Cloud concepts in a live gaming environment.

  • Google helps Indonesia advance education on cloud, machine learning, and mobile development through Bangkit academy
    by (Training & Certifications) on June 16, 2022 at 4:00 pm

    Indonesia is leading the way for digital transformation in Southeast Asia. According to Google’s e-Conomy South East Asia report, the country’s 2030 Gross Merchandise Value - the value of online retailing to consumers -  could be twice the value of the whole of Southeast Asia today.  This growth means that many companies need more qualified IT graduates and employees with digital skills than they have today. Fast-growing tech companies need more qualified IT graduates, and employees with digital skills. According to the World Bank, Indonesia needs an additional nine million people with digital skills by 2030. The shortage of technical talent reiterates the need to invest in a reliable skills pipeline. Following years of digital talent developments in Indonesia, Google has become a supporter of Bangkit, an academy designed to produce high-caliber technical talent for Indonesian technology companies and startups. Bangkit has facilitated a multi-stakeholder collaboration between Google, government, industry, and universities across Indonesia. Last year, the President of Indonesia and the Ministry of Education and Culture, Research, and Technology, acknowledged Bangkit’s significant impact, with 3,000 students completing nearly 15,000 courses and specialisations. Building on last year’s success, Bangkit started its 2022 program in February, offering three learning paths to students:Cloud computing with Google Cloud, preparing students for the Google Associate Cloud Engineer certification. Some of the course components are also available online Mobile development with Android, preparing students for the Google Associate Android Developer exam. An online version is available here. Machine learning with Tensorflow, getting students ready to take the Tensorflow Developer certification. Some of the online courses are available here for others.Bangkit 2022 has enrolled 3,100 university students who will take a five month study course, obtaining university study credit, as well as industry certifications. The program accepts diverse cohorts of people who are passionate about preparing for a tech career in the near future, with support and encouragement for women, people with disabilities, and students from across Indonesia to apply. Since its pilot in 2019, Bangkit has been guided by three principles:  Industry-led: provides curriculum and instructors from industry experts, including Google, GoTo and Traveloka. Instructors include key figures such as Laurence Moroney (Google, Lead AI Advocate), Google Developer Experts, and other committed professionals. Immersive: combines online learning methods conducted in both individual and group settings.  Interdisciplinary: contains knowledge and best practices in tech, soft skills, and English to provide complete career readiness. The program runs from February to July 2022, and has a 900-hour curriculum throughout the 18-week learning experience. Benefits for students participating in Bangkit include:Study credit conversion Job opportunities at our career fairGoogle Cloud, TensorFlow and AAD exam vouchersIncubation funds and mentorship support from industryTowards the end of Bangkit 2022, students will team up for the Capstone Project challenge to propose solutions to some of the nation’s most pressing problems, such as environmentalism, accessibility, and more. The top 15 teams will be selected to receive funding to incubate their capstone projects. These education and career-preparedness offerings are provided at no cost.Google is partnering with industry, governments, universities, and employers to help meet the skill demands of today. From supporting the State of Ohio to offer tech skills to residents, to working with the University of Minnesota-Rochester to create a customized health sciences degree program, Google is here to help our partners prepare those they serve for a cloud-first world.

  • Steps to start your AWS Certification journey
    by Siddharth Pasumarthy (AWS Training and Certification Blog) on June 15, 2022 at 5:31 pm

    Are you contemplating pursuing an AWS Certification? Learn about the different levels of certification and how to prepare with the training resources available from AWS.

  • Unveiling the 2021 Google Cloud Partner of the Year Award Winners
    by (Training & Certifications) on June 14, 2022 at 3:50 pm

    It’s time to celebrate! Join us in congratulating the 2021 Google Cloud Partner of the Year Award winners. As cloud computing and emerging technologies improve how we connect, share information, and conduct business, these partners helped customers turn challenges into opportunities. We’re proud to work alongside our partners and support customers as they innovate their businesses and accelerate their digital transformations. Congratulations to these winners for their creative spirit, collaborative drive, and customer-first approach; we are proud to recognize you and to call you our partners!Kudos to the 2021 winners:We're proud, grateful, and—above all—excited for what's next. As our network of partners continues to grow, we invite you to learn more about the Google Cloud Partner Advantage Program and how you can get involved by visiting our partner page.Related ArticleCelebrating the winners of the 2021 Google Cloud Customer AwardsCustomers have won Google Cloud Awards for innovation, excellence and transformation during another exciting year in the cloud.Read Article

  • Google Cloud supports higher education with Cloud Digital Leader program
    by (Training & Certifications) on June 8, 2022 at 4:00 pm

    College and university faculty can now easily teach cloud literacy and digital transformation with the Cloud Digital Leader track, part of the Google Cloud career readiness program. The new track is available for eligible faculty who are preparing their students for a cloud-first workforce. As part of the track, students will build their cloud literacy and learn the value of Google Cloud in driving digital transformation, while also preparing for the Cloud Digital Leader certification exam. Apply today!Cloud Digital Leader career readiness trackThe Cloud Digital Leader career readiness track is designed to equip eligible faculty with the resources needed to prepare their students for the Cloud Digital Leader certification. This Google Cloud certification requires no previous cloud computing knowledge or hands-on experience. The training path enables students to build cloud literacy and learn how to evaluate the capabilities of Google Cloud in preparation for future job roles. The curriculumFaculty members can access this curriculum as part of the Google Cloud Career Readiness program. Faculty from eligible institutions can apply to lead students through the no-cost  program which provides access to the four-course on-demand training, hands-on practice to supplement the learning, and additional exam prep resources. Students who complete the entire program are eligible to apply for a certification exam discount. The Cloud Digital Leader track is the third program available for classroom use, joining the Associate Cloud Engineer and Data Analyst tracks. Cloud resources for your classroomReady to get started? Apply today to access the Cloud Digital Leader career readiness track for your classroom. Read the eligibility criteria for faculty. You can preview the course content at no cost.Related ArticleRead Article

  • AWS Training now available to FutureLearn’s diverse learner community
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on June 7, 2022 at 4:42 pm

    Our newest AWS Training Partner, FutureLearn, now offers two foundational courses to their diverse community of learners to take their first step toward building cloud knowledge - no prior experience necessary . . .

  • Wanna learn Cloud & Devops?
    by /u/ahmedtm1 (Google Cloud Platform Certification) on June 5, 2022 at 10:41 am

    I have created a repo that includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes. Keep learning and Pls share. Also, feel free to contribute. Repo link: https://github.com/ahmedtariq01/Cloud-DevOps-Learning-Resources submitted by /u/ahmedtm1 [link] [comments]

  • Instructor led training for google cloud professional solution architect certification exam
    by /u/asolanki1991 (Google Cloud Platform Certification) on June 2, 2022 at 10:51 am

    Please advise which is the best instructor led training for google cloud professional solution architect certification exam . I don't want just pass exam , I want to have practical knowledge which is required in the industry. submitted by /u/asolanki1991 [link] [comments]

  • Would completing this path be enough for GCP ML Engineer Certification?
    by /u/FlanTricky8908 (Google Cloud Platform Certification) on May 29, 2022 at 7:01 am

    I am going through this learning path offered by Google itself: https://cloud.google.com/training/machinelearning-ai/#data-scientist-learning-path Does anyone have experience with it? Will I need to study anything else before I can confidently take ML Engineer exam? submitted by /u/FlanTricky8908 [link] [comments]

  • Why IT leaders choose Google Cloud certification for their teams
    by (Training & Certifications) on May 27, 2022 at 4:00 pm

    As organizations worldwide move to the cloud, it’s become increasingly crucial to provide teams with confidence and the right skills to get the most out of cloud technology. With demand for cloud expertise exceeding the supply of talent, many businesses are looking for new, cost-effective ways to keep up.When ongoing skills gaps stifle productivity, it can cost you money. In Global Knowledge’s 2021 report, 42% of IT decision-makers reported having “difficulty meeting quality objectives” as a result of skills gaps, and, in an IDC survey cited in the same Global Knowledge report, roughly 60% of organizations described a lack of skills as a cause for lost revenue. In today’s fast-paced environment, businesses with cloud knowledge are in a stronger position to achieve more. So what more could you be doing to develop and showcase cloud expertise in your organization?Google Cloud certification helps validate your teams’ technical capabilities, while demonstrating your organization’s commitment to the fast pace of the cloud.What certification offers that experience doesn’t is peace of mind. I’m not only talking about self-confidence, but also for our customers. Having us certified, working on their projects, really gives them peace of mind that they’re working with a partner who knows what they’re doing. Niels Buekers, managing director at Fourcast BVBAWhy get your team Google Cloud certified?When you invest in cloud, you also want to invest in your people. Google Cloud certification equips your teams with the skills they need to fulfill your growing business. Speed up technology implementation Organizations want to speed up transformation and make the most of their cloud investment.Nearly 70% of partner organizations recognize that certifications speed up technology implementation and lead to greater staff productivity, according to a May 2021 IDC Software Partner Survey. The same report also found that 85% of partner IT consultants agree that “certification represents validation of extensive product and process knowledge.”Improve client satisfaction and successGetting your teams certified can be the first step to improving client satisfaction and success. Research of more than 600 IT consultants and resellers in a September 2021 IDC study found that “fully certified teams met 95% of their clients’ objectives, compared to a 36% lower average net promoter score for partially certified teams.”Motivate your team and retain talentIn today’s age of the ongoing Great Resignation, IT leaders are rightly concerned about employee attrition, which can result in stalled projects, unmet business objectives, and new or overextended team members needing time to ramp up. In other words, attrition hurts.But when IT leaders invest in skills development for their teams, talent tends to stick around. According to a business value paper from IDC, comprehensive training leads to 133% greater employee retention compared to untrained teams. When organizations help people develop skills, people stay longer, morale improves, and productivity increases. Organizations wind up with a classic win-win situation as business value accelerates. Finish your projects ahead of scheduleWith your employees feeling supported and well equipped to handle workloads, they can also stay engaged and innovate faster with Google Cloud certifications. “Fully certified teams are 35% more likely than partially certified teams to finish projects ahead of schedule, typically reaching their targets more than two weeks early,” according to research in an IDC InfoBrief.Certify your teamsGoogle Cloud certification is more than a seal of approval – it can be your framework to increase staff tenure, improve productivity, satisfy your customers, and obtain other key advantages to launch your organization into the future. Once you get your teams certified, they’ll join a trusted network of IT professionals in the Google Cloud certified community, with access to resources and continuous  learning opportunities.To discover more about the value of certification for your team, download the IDC paper today and invite your teams to join our upcoming webinar and get started on their certification journey.Related ArticleHow to become a certified cloud professionalHow to become a certified cloud professionalRead Article

  • GETTING THIS ERROR DEPLOYING FUNCTION WHAT WILL DO WNYONE TELL ME
    by /u/CutEnvironmental3615 (Google Cloud Platform Certification) on May 27, 2022 at 12:06 pm

    submitted by /u/CutEnvironmental3615 [link] [comments]

  • New courses and updates from AWS Training and Certification in May 2022
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on May 24, 2022 at 4:25 pm

    Check out news and updates from AWS Training and Certification for cloud learners, AWS customers, and AWS Partners for May 2022. New digital courses focus on cloud essentials, networking basics, compute, container management, and audit activities. Classroom training also is available for learning about securing workloads on the AWS Cloud and building a data warehousing solution, and there are certification updates for Advanced Networking – Specialty, Solutions Architect – Professional, and SAP on AWS – Specialty . . .

  • Public preview: Azure Communication Services APIs in US Government cloud
    by Azure service updates on May 24, 2022 at 4:00 pm

    Use Azure Communication Services APIs for voice, video, and messaging in US Government cloud.

  • New Research shows Google Cloud Skill Badges build in-demand expertise
    by (Training & Certifications) on May 19, 2022 at 4:00 pm

    We live in a digital world, and the future of work is in the cloud. In fact, 61% of HR professionals believe hiring developers will be their biggest challenge in the years ahead.1During your personal cloud journey, it’s critical to build and validate your skills in order to evolve with the rapidly changing technology and business landscape.That is why we created skill badges - a micro-credential issued by Google Cloud to demonstrate your cloud competencies and your commitment to staying on top of the latest Google Cloud solutions and products. To better understand the value of skills badges to holders’ career goals, we commissioned a third-party research firm, Gallup, to conduct a global study on the impact of Google Cloud skill badges. Skill badge earners overwhelmingly gain value from and are satisfied with Google Cloud skill badges.Skill badge holders state that they feel well equipped with the variety of skills gained through skill badge attainment, that they are more confident in their cloud skills, are excited to promote their skills to their professional network, and are able to leverage skill badges to achieve future learning goals, including a Google Cloud certification. 87% agree skill badges provided real-world, hands-on cloud experience286% agree skill badges helped build their cloud competencies2 82% agree skill badges helped showcase growing cloud skills290% agree that skill badges helped them in their Google Cloud certification journey274% plan to complete a Google Cloud certification in the next six months2Join thousands of other learners and take your career to the next level with Google Cloud skill badges.To learn more, download the Google Cloud Skills Badge Impact Report at no cost.1. McKinsey Digital,Tech Talent Technotics: Ten new realities for finding, keeping, and developing talent , 20222. Gallup Study, sponsored by Google Cloud Learning: "Google Cloud Skill Badge Impact report", May 2022Related ArticleHow to prepare for — and ace — Google’s Associate Cloud Engineer examThe Cloud Engineer Learning Path is an effective way to prepare for the Associate.Read Article

  • Top five reasons AWS Partners should take AWS Training
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on May 16, 2022 at 4:27 pm

    Are you new to an Amazon Web Services (AWS) Partner business and the cloud? Not sure where to start your cloud learning journey? It may feel daunting but AWS offers Partner-exclusive courses to make it easier to understand cloud fundamentals. In fewer than 30 minutes, you can begin boosting your confidence and credibility with both customers and your organization . . .

  • When Artificial Intelligence becomes more than a passion
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on May 5, 2022 at 6:01 pm

    Learn how AWS Certifications can help you validate your knowledge and enhance your credibility. Dipayan Das updated his artificial intelligence (AI) skills with AWS Training and Certification. He shares the resources he used and the impact of his training, including his ability to add value to his organization and clients. . .

  • If you are looking for a Job relating to azure try r/AzureJobs
    by /u/whooyeah (Microsoft Azure Certifications) on May 5, 2022 at 10:41 am

    submitted by /u/whooyeah [link] [comments]

  • GCP Certification missing certificates
    by /u/ProtossforAiur (Google Cloud Platform Certification) on May 2, 2022 at 8:31 am

    These certifications are a scam. They will provide you with a link of the certificate after that they can remove the link whenever they want. If you get certified make sure you download in pdf. Google doesn't keep backup of certificates. Yes you heard that right.we asked a copy of certification which was because the link was not working they replied they couldn't submitted by /u/ProtossforAiur [link] [comments]

  • How we’re keeping up with the increasing demand for the Google Workspace Administrator role
    by (Training & Certifications) on April 29, 2022 at 4:00 pm

    We’ve rebranded the Professional Collaboration Engineer Certification to the Professional Google Workspace Administrator Certification and updated the learning path. To mark the moment, we sat down with Erik Geerdink from SADA to talk about how the Google Workspace Administrator role and demand for this skill set has changed over the years. Erik is a Deployment Engineer and Pod Lead. He holds a Professional Google Workspace Administrator Certificationand has worked with Google Workspace for more than six years.What was it like starting out as a Google Workspace Administrator?When I first started, I was doing Google Workspace Support as a Level 2 Administrator. At that time, there were fewer admin controls for Google Workspace. There were calendar issues, some mail routing issues, maybe a little bit of data loss prevention (DLP), but that was about it.About 5 years ago, I transferred into Google Deployment and really got to see all that went on with deploying Google Workspace and troubleshooting advanced issues. Since then, what you can accomplish in the admin console has really taken off. There’s still Gmail and Calendar configurations, but the security posture that Google offers now—they’ve really upped their game. The extent of DLP isn’t just Gmail and Drive anymore; it extends into Chat. And we’re doing a lot of Context-Aware Access to make sure users only have as much access as IT compliance allows in our deployments. Calendar interop, which allows users in different systems to see availability, has been a big area of focus as well.How has the Google Workspace Administrator role changed over the last few years? It used to be that you were a systems admin who also took care of the Google portion as well. But with Google Workspace often being the entry point to Google Cloud, we’ve had to become more knowledgeable about the platform as a whole. Now, we not only do training with Google Workspace admins for our projects, we also talk to their Google Cloud counterparts as well.Google Workspace is changing all the time, and the weekly updates that Google sends out are great. As an engineering team, every week on Wednesday, we review each Google Workspace update that’s come out to understand how they affect us, our clients, and our upcoming projects. There’s a lot to it. It’s not just a little admin role anymore. It’s a strategic technology role.What motivated you to get Google Cloud Certified?I spent the first 15 years of my career doing cold server room roles, and I knew I had to get cloudy. I wanted to work with Google, and it was a no-brainer given the organization’s reputation for innovation. I knew this certification exam was the one to get me in the door. The Professional Google Workspace Administrator certification was required to level up as an administrator and to make sure our business kept getting the most out of Google Workspace. How has the demand for certified Google Workspace Admins changed recently? Demand has absolutely gone up. We are growing so much, and we need more professionals with this certification. It’s required for all of our new hires. When I see a candidate that already has the certification, they go to the top of the list. I’ll skip all the other resumes to find someone who has this experience. We’re searching globally—not just in North America—to find the right people to fill this strategic role.Explore the new learning pathIn order to keep up with the changing demands of this role, we’ve rebranded the Professional Collaboration Engineer Certification to the Professional Google Workspace Administrator Certification and updated the learning path. The learning path now aligns with the improved admin console. We’ve replaced the readings with videos for a better learning experience: in total, we added 17 new videos across 5 courses to match new features and functionality. Earn the Professional Google Workspace Administrator Certification to distinguish yourself among your peers and showcase your skills.Related ArticleUnlock collaboration with Google Workspace EssentialsIntroducing Google Workspace Essentials Starter, a no-cost offering to bring modern collaboration to work.Read Article

  • How one learner earned four AWS Certifications in four months
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on April 28, 2022 at 4:16 pm

    Ever wonder what it takes to earn an AWS Certification? Imagine earning four in four months. Rola Dali, a senior software developer at Local Logic, shares her experience and insights about challenging herself to do just that. She breaks down the resources she found most helpful and her overall motivation to invest in her cloud learning journey . . .

  • Build your cloud skills with no-cost access to Google Cloud training on Coursera
    by (Training & Certifications) on April 28, 2022 at 4:00 pm

    Attracting talented individuals with cloud skills is critical to success, as organizations continue to adopt and optimize cloud technology. The lack of cloud expertise and experience is a top and growing challenge for businesses as they expand their cloud footprint and search for skilled talent. To help meet this need, we are now offering access to over 500 Google Cloud self-paced labs made available on Coursera. A selected collection of the most popular self-paced labs, known as projects, are available at no cost for one month from April 28 - May 29, 2022. Learners can choose their preferred format to claim one month free access to either a top Google Cloud Project, course, Specialization or Professional Certificate.What is a lab?A lab is a learning experience where you complete a scenario based use case by following a set of instructions in a specified amount of time in an interactive hands-on environment. Labs are completed in the real Google Cloud Console and other Google Cloud products using temporary credentials, as opposed to a simulation or demo environment and take 30 - 90 minutes to complete (depending on difficulty level). Our goal is to enable you to apply your new skills and be effective immediately in real-world cloud technology settings.Many of these labs, known in Coursera as projects, include a variety of tasks and activities for you to choose from to best fit your needs. Combine bite-size individual labs to create a personalized set of learning and upskilling with clear application in a sandbox environment. Labs are available for all skill levels, and cover a wide range of topics:Cloud essentialsCloud engineering and architectureMachine learningData analytics and engineeringDevOpsHere is a roundup of some popular and trending labs right now:Getting Started with Cloud Shell and gcloudKubernetes Engine: Qwik StartIntroduction to SQL for BigQuery and Cloud SQLMigrating a Monolithic Website to Microservices on Google Kubernetes EngineGet a feel for the lab experienceCreating a Virtual Machine is one of our most popular labs, taking place directly in Google Cloud Console. In this beginner level project, you will learn how to create a Google Compute Engine virtual machine and understand zones, regions and machine types. It takes 40 minutes to complete and you’ll earn a shareable certificate.As an example of more advanced content, Predict Baby Weight with TensorFlow on AI Platformrequires experience to train, evaluate and deploy a machine learning model to predict a baby’s weight. The lab activities are completed in a real cloud environment, not in a simulation or demo environment. It takes 90 minutes to complete and you will earn a shareable certificate.Kick off your no-cost learning journey todayFor direct access to self-paced labs, we recommend that you get started by taking a look at Coursera’s Collection Page, where you can browse labs/projects by our most popular topics, or explore the full catalog to find the cloud projects that are right for your career goals by browsing Google Cloud ‘projects’ on Coursera.The month of free Google Cloud learning on Coursera is available from April 28 - May 29, 2022, so join us to evolve your skill set and cloud knowledge.Ready to start your learning Google Cloud at no-cost for 30 days? Sign uphere.Related ArticleTraining more than 40 million new people on Google Cloud skillsTo help more than 40 million people build cloud skills, Google Cloud is offering limited time no-cost access to all training contentRead Article

  • 3 tier application gcp terraform code
    by /u/savetheQ (Google Cloud Platform Certification) on April 25, 2022 at 7:48 pm

    Hi folks, anyone has some sample git for 3 tier application gcp terraform code. submitted by /u/savetheQ [link] [comments]

  • Professional Cloud Architect - materials recommendations needed.
    by /u/theGrEaTmPm (Google Cloud Platform Certification) on April 24, 2022 at 10:56 am

    Hi, What materials did you use when preparing for Professional Cloud Architect? Do you have any proven materials? How much time did you spend getting ready for the exam? Thanks in advance for your help. submitted by /u/theGrEaTmPm [link] [comments]

  • How to prepare for — and ace — Google’s Associate Cloud Engineer exam
    by (Training & Certifications) on April 22, 2022 at 4:00 pm

    Do you want to get out of the server room and into the cloud? Now’s the time to sign up for our Cloud Engineer Learning Path — now with the newly refreshed Preparing for the Associate Cloud Engineer certification course — and start working toward your Associate Cloud Engineer certification. Earning your Associate Cloud Engineer certification sends a strong signal to potential employers about what you can accomplish in Google Cloud. Associate Cloud Engineers can deploy and secure applications and infrastructure, maintain enterprise solutions to ensure they meet performance metrics, and monitor the operations of multiple projects in the cloud. Associate Cloud Engineers have also demonstrated that they can use the Google Cloud Console and the command-line interface to maintain and scale deployed cloud solutions that leverage Google-managed or self-managed services on Google Cloud.Many Associate Cloud Engineers come from the on-premises world of racking and stacking servers and are ready to upgrade their skills to the cloud era. Achieving an Associate Cloud Engineer certification is a great step towards growing a career in IT, opening you up to become a cloud developer or architect, cloud security engineer, cloud systems engineer, or network engineer, among others.The Associate Cloud Engineer learning pathBefore attempting the Associate Cloud Engineer exam, we recommend that you have 6+ months hands-on experience with Google Cloud products and solutions. While you’re gaining that experience, a good way to enhance your preparation is to follow the Cloud Engineer Learning Path, which consists of on-demand courses, hands-on labs, and the opportunity to earn skill badges. Here are our recommended steps:1. Understand what’s on the exam: Review the exam guide to determine if your skills align with the topics on the exam.2. Create your study plan with the Preparing for Your Associate Cloud Engineer Journey: This course helps you structure your preparation for the Associate Cloud Engineer exam. You will learn about the Google Cloud domains covered by the exam and how to create a study plan to improve your domain knowledge.3. Start preparing:  Follow the Cloud Engineer learning path, where you’ll dive into Google Cloud services such as Compute Engine, Google Kubernetes Engine, App Engine, Cloud Storage, Cloud SQL, and BigQuery. 4. Earn skills badges: Demonstrate your growing Google Cloud skills by sharing your earned skill badges along the way. Skill badges that will help you prepare for the Associate Cloud Engineer certification include:Perform Foundational Infrastructure Tasks in Google CloudAutomating Infrastructure on Google Cloud with TerraformCreate and Manage Cloud ResourcesSet Up and Configure a Cloud Environment in Google Cloud5. Review additional resources: Test your knowledge with some sample exam questions here.6. Certify: Finally, register for the exam and select whether to take it remotely or at a nearby testing center. Start your prep to become an Associate Cloud Engineer Take the next step towards becoming a cloud engineer and develop the recommended hands-on experience by earning the recommended skill badges. Register here and get 30 days free access to the cloud engineer learning path on  Google Cloud Skills Boost!Related ArticleThis year, resolve to become a certified Professional Cloud Developer – here’s howFollow this Google Cloud Skills Boost learning path to help you earn your Google Cloud Professional Developer certification.Read Article

  • New to GCP and looking for a study group!
    by /u/sulliv16 (Google Cloud Platform Certification) on April 19, 2022 at 4:15 pm

    As the title states, I am starting my venture into GCP and would love to get connected with a few people to help with accountability and share insight as we learn! I have around 3 years working with AWS and have my solutions architect professional and security specialty very there. I know next to nothing about GCP, but am very familiar with cloud concepts and it has been my work focus the past 2 years. Let me know if you would interested to link up and start learning together! Thanks all submitted by /u/sulliv16 [link] [comments]

  • GCP Professional Cloud Architect Certification Blog.
    by /u/HamanSharma (Google Cloud Platform Certification) on April 17, 2022 at 12:24 am

    Check out the preparation guide for GCP Cloud Architect Certification with tips and resources - https://blog.reviewnprep.com/gcp-cloud-architect. Hope this helps everyone preparing for this certification. submitted by /u/HamanSharma [link] [comments]

  • Introducing the Professional Cloud Database Engineer certification
    by (Training & Certifications) on April 12, 2022 at 3:00 pm

    Today, we’re pleased to announce the new Professional Cloud Database Engineer certification, in beta, to help database engineers translate business and technical requirements into scalable and cost-effective database solutions. By participating in the beta, you will directly influence and enhance the learning and career path for other Cloud Database Engineers. And upon passing the exam, you will become one of the first Google Cloud Certified Cloud Database Engineers in the industry. The cloud database space is evolving rapidly with the worldwide cloud database market projected to reach $68.5 billion by 2026. As more databases move to fully managed cloud database services, the traditional database engineer is now being tasked to handle more nuanced and advanced functions. In fact, there is a massive need for database engineers to lead strategic decision-making and distinguish themselves with a more developed and advanced skill set than what the industry previously called for. Why the certification is importantCloud Database Engineers are critical to the success of your organization and that’s why this new certification from Google Cloud is so important. These engineers are uniquely skilled at designing, planning, testing, implementing, and monitoring databases including migration processes. Additionally, they provide the right guidance about which databases are best for a company’s specific use cases and they’re able to guide developers when making decisions about which databases to use when building applications. These engineers lead migration efforts while ensuring customers are getting the most out of their database investment.  This new certification will validate a developer’s ability to: Design scalable cloud database solutionsManage a solution that can span multiple databasesPlan and execute on database migrationsDeploy highly scalable databases in Google CloudBefore your exam, be sure to check out the exam guide to familiarize yourself with the topics covered, and round out your skills by following the Database Engineer Learning Path which includes online training, in-person classes, hands-on labs, and additional resources to help you prepare for your exam. I am excited to welcome you to the program. Sign up now and save 40% on the cost of the certification.Related ArticleGoogle Cloud’s key investment areas to accelerate your database transformationThis blog focuses on the 6 key database investment areas that help you accelerate your digital transformation journey.Read Article

  • Train your organization on Google Cloud Skills Boost
    by (Training & Certifications) on April 7, 2022 at 1:00 pm

    Enterprises are moving to cloud computing at an accelerated pace, estimating that 85% of enterprises will adopt a cloud first principle by 2025 (Gartner®, Gartner says Cloud will be the Centerpiece of the New Digital Experience, Laurence Goasduff, November 10, 2021). There are countless reasons why enterprises are moving to the cloud - from reduced IT costs and increased scalability, to improved security and efficiency. However this rapid change has presented a challenge - how will organizations build the skills they need to accelerate cloud adoption within their organization? The answer is comprehensive training. We commissioned IDC in March 2022 , an independent market intelligence firm, to write a white paper that studied the impact of comprehensive training and certification on cloud adoption. When organizations are trained they see:Significantly greater improvement in top business priorities - 133% greater improvement on employee retention and 56% greater improvement in customer experience scoresAccelerated cloud adoption, reduced time to value, and greater ROI - trained organizations are 10X more likely to implement cloud in 2 yearsGreater performance improvements - in areas like leveraging data analytics, protecting data, and jumpstarting innovationIDC White Paper, sponsored by Google Cloud Learning: "To Maximize Your Cloud Benefits, Maximize Training" - Doc #US48867222, March 2022To learn more, download the white paper.Build Team Skills in Google Cloud Skills Boost Coupling the research above with our commitment to equip more than 40 million people with cloud skills, we are excited to provide business organizations with a comprehensive platform to help address their teams’ cloud skilling needs. Google Cloud Skills Boost combines award winning learning experiences with the ability to earn credentials to validate learning, which can be managed and delivered directly by Google Cloud with enterprise level features. These features allow Organization leaders to manage access and user permissions for their team, and drive effective business outcomes using learning analytics. In addition, administrators will be able to grant access to the Google Cloud content catalog to individuals on their team. This catalog includes hundreds of courses, labs, and credentials authored by Google Cloud experts to help their teams learn and validate their cloud skills.Organizations can trial these features today through an exclusive no cost trial (based on eligibility). Contact your account team to learn more about your eligibility for the trial and how to set up your organization on Google Cloud Skills Boost. New to Google Cloud? Visit ourteam training page and complete the learning assessment to understand your team’s training needs and get connected with an account team. Ready to get started?Google Cloud Learning is committed to helping you accelerate the rate of cloud adoption in your organization through enabling team training. Contact your account team to learn more about your eligibility for the no cost trial and how to set up your organization on Google Cloud Skills Boost.  New to Google Cloud? Visit ourteam training page and complete the learning assessment to understand your team’s training needs and get connected with an account team. Click here to learn more about how comprehensive training impacts cloud adoption.GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.Related ArticleWomen Techmakers journey to Google Cloud certificationGoogle Cloud is creating more opportunities in the credentialing space with a certification journey for Ambassadors of the Women Techmake...Read Article

  • Looking for Good Practice Exams
    by /u/zeeplereddit (Google Cloud Platform Certification) on April 3, 2022 at 10:15 pm

    I have done some googling on practice exams for the Google Cloud Digital Leader exam and I have only come across the Udemy offering. I have done Udemy courses before but I have no idea what their practice exams are like. Is there anyone here with any advice or suggestions in this regard? submitted by /u/zeeplereddit [link] [comments]

  • General availability: Azure Database for PostgreSQL - Hyperscale (Citus) now FedRAMP High compliant
    by Azure service updates on March 30, 2022 at 4:01 pm

    Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure is now compliant with FedRAMP High.

  • Best Podcasts for Cert Seekers?
    by /u/zeeplereddit (Google Cloud Platform Certification) on March 24, 2022 at 10:07 pm

    Hi folks, I am greatly looking forward to embarking on my new adventure of getting several Google Certs. To that end, I am wondering what are the best podcasts to listen to during my commute back and forth from work? The types of podcasts I am hopeful of include those that discuss the exams, goes over sample questions in high detail, interviews people who have taken the test, and also, any podcasts that discuss the concepts that I will be wrapping my head around while I go after the certs. Thanks in advance! submitted by /u/zeeplereddit [link] [comments]

  • Accelerating Government Compliance with Google Cloud’s Professional Service Organization
    by (Training & Certifications) on March 21, 2022 at 5:00 pm

    Did you know that by 2025, enterprise IT spending on public cloud computing will overtake traditional IT spending? In fact, 51% of IT spend in application software, infrastructure software, business process services, and system infrastructure will transition to the public cloud, compared to 41% in 20221.. As enterprises continue to rapidly shift to the cloud, government agencies must prioritize and accelerate security and compliance implementation. In May 2021, the White House issued an Executive Order requiring US Federal agencies to accelerate cloud adoption, embrace security best practices, develop plans to implement Zero Trust architectures, and map implementation frameworks to FedRAMP. The Administration’s focus on secure cloud adoption marks a critical shift to prioritizing cybersecurity at scale. Google Cloud’s Public Sector Professional Services Organization (PSO) has committed to helping customers meet security and compliance requirements in the cloud through specialized consulting engagements. Accelerating Authority to Operate (ATO)The Federal Risk and Authorization Management Program (FedRAMP) was established in 2011 as a government-wide program that promotes the adoption of secure cloud services across the federal government. FedRAMP provides a standardized approach to security and risk assessment for cloud technologies and federal agencies. US Federal agencies are required to utilize and implement FedRAMP cloud service offerings as part of the “Cloud First” federal cloud computing strategy.While Google Cloud provides a FedRAMP-authorized cloud services platform and a robust catalog of FedRAMP-approved products and services (92 services and counting), customers are still tasked with achieving Agency ATO for the products and services they use, and Google Cloud provides many resources to assist customers with this journey. Google Cloud’s FedRAMP package can be accessed by completing the FedRAMP Package Access Request Form and submitting it to info@fedramp.gov. Additionally, customers can use Google’s NIST 800-53 ATO Accelerator as a starting point for documenting control implementation. Finally, Google Cloud’s Public Sector PSO offers the following strategic consulting engagements to help customers streamline the Agency ATO process.Cloud Discover: FedRAMP is a six-week interactive workshop to support customers that are just getting started with the ATO process on Google Cloud. Customers are educated on FedRAMP fundamentals, Google’s security and compliance posture, and how to approach ATO on Google Cloud. Through deep-dive interviews and design sessions, PSO helps customers craft an actionable ATO plan, assess FedRAMP readiness, and develop a conceptual ATO boundary. This engagement helps organizations establish a clear understanding and roadmap for FedRAMP ATO on Google Cloud.FedRAMP Security Review is a ten to twelve week engagement that aids customers in FedRAMP operational readiness. PSO consultants perform detailed FedRAMP architecture reviews to identify potential gaps in NIST 800-53 security control implementation and Google Cloud secure architecture best practices. Findings from the security reviews are shared with the customer along with configuration guidance and recommendations. This engagement helps organizations prepare for the third-party or independent security assessment that is required for FedRAMP ATO.Cloud Deploy: FedRAMP is a multi-month engagement designed to help customers document the details of their FedRAMP System Security Plan (SSP) and corresponding NIST 800-53 security controls, in preparation for Agency ATO on Google Cloud at FedRAMP Low, Moderate, or High. PSO collaborates with customers to develop a detailed technical infrastructure design document and security control matrix capturing evidence of the FedRAMP system architecture, security control implementation, data flows and system components. PSO can also partner with a third-party assessment organization (3PAO) or an independent assessor (IA) to support customer efforts for FedRAMP security assessment. This engagement helps customer system owners prepare for Agency ATO assessment and package submission.Developing a Zero Trust StrategyIn addition to providing FedRAMP enablement, Public Sector PSO has partnered with the Google Cloud Chief Information Security Officer (CISO) team to assist organizations with developing a zero trust architecture and strategy.Zero Trust Foundations is a seven-week engagement co-delivered by Google Cloud’s CISO and PSO teams. CISO and PSO educate customers on zero trust fundamentals, Google’s journey to zero trust through BeyondCorp, and defense in depth best practices. The CISO team walks customers through a Zero Trust Assessment (ZTA) to understand the organization’s current security posture and maturity. Insights from the ZTA enable the CISO team to work with the customer to identify an ideal first-mover workload for zero trust adoption. Following the CISO ZTA, PSO facilitates a deep-dive Zero Trust Workshop (ZTW), collaborating with key customer stakeholders to develop a NIST 800-207 aligned, cloud-agnostic zero trust architecture for the identified first-mover workload. The zero trust architecture is part of a comprehensive zero trust strategy deliverable that is based on focus areas called out in the Office of Management and Budget (OMB) Federal Zero Trust Strategy released January 2022. Scaling Secure Cloud Adoption with PSOPublic Sector PSO enables customer success by sharing our technical expertise, providing cloud strategy, implementation guidance, training and enablement using our proven methodology. As enterprise IT, operations, and organizational models continue to evolve, our goal is to help government agencies accelerate their security and compliance journeys in the cloud.  To learn more about the work we are doing with the federal government, visit cloud.google.com/solutions/federal-government. 1 Gartner Says More Than Half of Enterprise IT Spending in Key Market Segments Will Shift to the Cloud by 2025

  • GCP - PCNE (Thoughts on ACG/A cloud guru) training material
    by /u/friday963 (Google Cloud Platform Certification) on March 20, 2022 at 1:21 am

    Has anyone here done the PCNE exam and used A cloud guru as their primary study resource? If so what is your thoughts on the quality of the study material, is it enough to pass the cert or was much more external resources needed? So far I've done qwiklabs and acg for the PCNE exam, I think qwiklabs has a better lab environment but acg has a better video series. Either way I've not taken the exam but have scheduled it for later this month and am trying to gauge the level of difficulty. submitted by /u/friday963 [link] [comments]

  • exam of GCP Professional Cloud Architect
    by /u/meokey (Google Cloud Platform Certification) on March 11, 2022 at 9:43 pm

    I'm working on the courses of PCA and wondering what the exam would be like ... is there hands-on lab test in the exam? Do I have to remember all these command line tools and their arguments to pass the exam? Thanks. submitted by /u/meokey [link] [comments]

  • Which video course?
    by /u/Bollox427 (Google Cloud Platform Certification) on March 8, 2022 at 8:40 pm

    I would like to learn the fundamentals of GCP and then move on to Security and ML. I know Coursera do courses but is there anyone else of note? How do other course suppliers compare to Coursera? Is Coursera seen as an official education partner for the Google Cloud? submitted by /u/Bollox427 [link] [comments]

  • Women Techmakers journey to Google Cloud certification
    by (Training & Certifications) on March 8, 2022 at 5:00 pm

    In many places across the globe, March is celebrated as Women’s History Month, and March 8th, specifically, marks the day known around the world as International Women’s Day. Here at Google, we’re excited to celebrate women from all backgrounds and are committed to increasing the number of women in the technology industry. Google’s Women Techmakers community provides visibility, community, and resources for women in technology to drive participation and innovation in the field. This is achieved by hosting events, launching resources, and piloting new initiatives with communities and partners globally. By joining Women Techmakers, you'll receive regular emails with access to resources, tools and opportunities from Google and Women Techmakers partnerships to support you in your career.Google Cloud, in partnership with Women Techmakers, has created an opportunity to bridge the gaps in the credentialing space by offering a certification journey for Ambassadors of the Women Techmakers community. Participants will have the opportunity to take part in a free-of-charge, 6-week cohort learning journey, including: weekly 90-minute exam guide review sessions led by a technical mentor, peer-to-peer support in the form of an Online Community, and 12 months access to Google Cloud's on-demand learning platform, Google Cloud Skills Boost. Upon completion of the coursework required in the learning journey, participants will receive a voucher for the Associate Cloud Engineer certification exam. This program, and other similar offerings such as Cloud Career Jumpstart, and the learning journey for members transitioning out of the military, are just a few examples of the investment Google Cloud is making into the future of the technology workforce. Are you interested in staying in the loop with future opportunities with Google Cloud? Join our community here.Related ArticleCloud Career Jump Start: our virtual certification readiness programCloud Career Jump Start is Google Cloud’s first virtual Certification Journey Learning program for underrepresented communities.Read Article

  • Study path for GCP Professional Cloud Architect
    by /u/Prime367 (Google Cloud Platform Certification) on March 7, 2022 at 4:50 pm

    Hi Folks, Thanks for your time. I have been working as AWS Architect for 4-5 years, have several AWS certifications, including the Solution architect professional. I am supporting a GCP implementation for the past year or so, and want to go for GCP Cloud Architect certification now. Need some help with Which courses are best for the GCP Cloud Architect exam? Which practice tests do we need to do. I know it's difficult to clear certifications without doing any practice tests. Thanks in advance. submitted by /u/Prime367 [link] [comments]

  • which certification should i do?
    by /u/ParticularFactor353 (Google Cloud Platform Certification) on March 7, 2022 at 4:34 pm

    background: i am a fresher just joined a company and got the ETL domain ,and working on Bigquery scripts and composer, dataflow from past 6 months now i want to do some gcp certification so where should i begin? submitted by /u/ParticularFactor353 [link] [comments]

  • AWS & Azure Certified, how to start on GCP ACE? (Advice requested)
    by /u/skelldog (Google Cloud Platform Certification) on March 6, 2022 at 5:34 am

    Sorry, I know some of this has been discussed, but as things change regulary, I would appreciate any suggestions people are willing to share. I currently hold the three Associate certs from AWS and Azure Administrator Associate. I have been in IT for longer than I care to admit. I was thinking of bypassing Cloud Digital Leader and going directly to ACE? Between work and other options, I have access to most of the popular training programs (ITPro, AcloudGuru, Lynda, Qwiklabs, Acloudguru,Whizlabs, Udemy) I see the most recommendations for the Udemy course by Dan Sullivan, is this my best choice? My time is always limited, and I would like to pick the course that gives the most bang for the buck (Or time in this case) I already purchased the tutorials Dojo self-test last time they had a sale (Jon Bonso does some great work!) I would appreciate any other suggestions anyone is willing to offer. Thanks for reading this! submitted by /u/skelldog [link] [comments]

  • Digital Cloud Leader exam vouchers
    by /u/pillairohit (Google Cloud Platform Certification) on March 3, 2022 at 5:39 pm

    Hi all. Does GCP have online webinars/trainings that gives attendees exam vouchers? Similar to Microsoft Azure online webinars for AZ900? I'm asking for the Digital Cloud Leader certification exam. Thank you for your help and time. submitted by /u/pillairohit [link] [comments]

  • General availability: Asset certification in Azure Purview data catalog
    by Azure service updates on February 28, 2022 at 5:00 pm

    Data stewards can now certify assets that meet their organization's quality standards in the Azure Purview data catalog

  • GCP Associate Cloud Engineer Study Guide
    by /u/ravikirans (Google Cloud Platform Certification) on February 21, 2022 at 12:08 pm

    https://ravikirans.com/gcp-associate-cloud-engineer-exam-study-guide/ To view all the other GCP study Guides, check here https://ravikirans.com/category/gcp/ submitted by /u/ravikirans [link] [comments]

  • Sentinel Installation
    by /u/ribcap (Google Cloud Platform Certification) on February 20, 2022 at 7:30 pm

    Hey Everyone! So I'm in the process of scheduling an exam and have created my biometric profile but can't seem to install Sentinel. Anyone else have this issue? I've tried Chrome, Firefox, and even Safari. I click on the install link and literally nothing happens....nothing downloaded or anything. Any ideas? ​ Edit: I have not actually scheduled the exam...just trying to get everything else in place first. Should I schedule the exam prior to installing Sentinel? ​ Rib submitted by /u/ribcap [link] [comments]

  • Gcp exam fee reimbursement
    by /u/Aamirmir111 (Google Cloud Platform Certification) on February 17, 2022 at 2:15 pm

    If one clears a gcp certification exam.. is there any policy for fee reimbursement?? submitted by /u/Aamirmir111 [link] [comments]

  • Generally available: Azure Database for PostgreSQL – Hyperscale (Citus) new certifications
    by Azure service updates on February 16, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Google Cloud Fundamentals Full Course For Beginners Only 2022 | GCP Certified
    by /u/ClayDesk (Google Cloud Platform Certification) on February 14, 2022 at 12:30 pm

    submitted by /u/ClayDesk [link] [comments]

  • Google Cloud Platform Service Comparison
    by /u/lervz_ (Google Cloud Platform Certification) on February 12, 2022 at 3:35 pm

    To anyone who has AWS/Azure background and is new to Google Cloud Platform, you will find this service comparison made by Google very helpful. AWS, Azure, GCP Service Comparison And for those who are preparing for the Google Associate Cloud Engineer Certification exam, check these resources from Tutorials Dojo. Google Certified Associate Cloud Engineer Practice Exams Google Certified Associate Cloud Engineer Study Guide Google Cloud Platform Cheat Sheets submitted by /u/lervz_ [link] [comments]

  • Unified data and ML: 5 ways to use BigQuery and Vertex AI together
    by (Training & Certifications) on February 9, 2022 at 4:00 pm

    Are you storing your data in BigQuery and interested in using that data to train and deploy models? Or maybe you’re already building ML workflows in Vertex AI, but looking to do more complex analysis of your model’s predictions? In this post, we’ll show you five integrations between Vertex AI and BigQuery, so you can store and ingest your data; build, train and deploy your ML models; and manage models at scale with built-in MLOps, all within one platform. Let’s get started!April 2022 update: You can now register and manage BigQuery ML models with Vertex AI Model Registry, a central repository to manage and govern the lifecycle of your ML models. This enables you to easily deploy your BigQuery ML models to Vertex AI for real time predictions. Learn more in this video about “ML Ops in BigQuery using Vertex AI.”Import BigQuery data into Vertex AIIf you’re using Google Cloud, chances are you have some data stored in BigQuery. When you’re ready to use this data to train a machine learning model, you can upload your BigQuery data directly into Vertex AI with a few steps in the console:You can also do this with the Vertex AI SDK:code_block[StructValue([(u'code', u'from google.cloud import aiplatform\r\n\r\ndataset = aiplatform.TabularDataset.create(\r\n display_name="my-tabular-dataset",\r\n bq_source="bq://project.dataset.table_name",\r\n)'), (u'language', u''), (u'caption', <wagtail.wagtailcore.rich_text.RichText object at 0x3e61f5819150>)])]Notice that you didn’t need to export our BigQuery data and re-import it into Vertex AI. Thanks to this integration, you can seamlessly connect your BigQuery data to Vertex AI without moving your data from the cloud.Access BigQuery public datasets This dataset integration between Vertex AI and BigQuery means that in addition to connecting your company’s own BigQuery datasets to Vertex AI, you can also utilize the 200+ publicly available datasets in BigQuery to train your own ML models. BigQuery’s public datasets cover a range of topics, including geographic, census, weather, sports, programming, healthcare, news, and more. You can use this data on its own to experiment with training models in Vertex AI, or to augment your existing data. For example, maybe you’re building a demand forecasting model and find that weather impacts demand for your product; you can join BigQuery’s public weather dataset with your organization’s sales data to train your forecasting model in Vertex AI.Below, you’ll see an example of importing the public weather data from last year to train a weather forecasting model:Accessing BigQuery data from Vertex AI Workbench notebooksData scientists often work in a notebook environment to do exploratory data analysis, create visualizations, and perform feature engineering. Within a managed Workbench notebook instance in Vertex AI, you can directly access your BigQuery data with a SQL query, or download it as a Pandas Dataframe for analysis in Python.Below, you’ll see how you can run a SQL query on a public London bikeshare dataset, then download the results of that query as a Pandas Dataframe to use in my notebook:Analyze test prediction data in BigQueryThat covers how to use BigQuery data for training models in Vertex AI. Next, we’ll look at integrations between Vertex AI and BigQuery for exporting model predictions. When you train a model in Vertex AI using AutoML, Vertex AI will split your data into training, test, and validation sets, and evaluate how your model performs on the test data. You also have the option to export your model’s test predictions to BigQuery so you can analyze them in more detail:Then, when training completes, you can examine your test data and run queries on test predictions. This can help determine areas where your model didn’t perform as well, so you can take steps to improve your data next time you train your model.Export Vertex AI batch prediction resultsWhen you have a trained model that you’re ready to use in production, there are a few options for getting predictions on that model with Vertex AI:Deploy your model to an endpoint for online predictionExport your model assets for on-device predictionRun a batch prediction job on your modelFor cases in which you have a large number of examples you’d like to send to your model for prediction, and in which latency is less of a concern, batch prediction is a great choice. When creating a batch prediction in Vertex AI, you can specify a BigQuery table as the source and destination for your prediction job: this means you’ll have one BigQuery table with the input data you want to get predictions on, and Vertex AI will write the results of your predictions to a separate BigQuery table.With these integrations, you can access BigQuery data, and build and train models. From there Vertex AI helps you:Take these models into production Automate the repeatability of your model with managed pipelines Manage your models performance and reliability over timeTrack lineage and artifacts of your models for easy-to-manage governance Apply explainability to evaluate feature attributions What’s Next?Ready to start using your BigQuery data for model training and prediction in Vertex AI? Check out these resources:Codelab: Training an AutoML model in Vertex AICodelab: Intro to Vertex AI WorkbenchDocumentation: Vertex AI batch predictionsVideo Series: AI Simplified: Vertex AIGitHub: Example NotebooksTraining: Vertex AI: Qwik StartAre there other BigQuery and Vertex AI integrations you’d like to see? Let Sara know on Twitter at @SRobTweets.Related ArticleWhat is Vertex AI? Developer advocates share moreDeveloper Advocates Priyanka Vergadia and Sara Robinson explain how Vertex AI supports your entire ML workflow—from data management all t...Read Article

  • Curso, videos o link para sacar la gcp cloud engineer associate
    by /u/ahelord (Google Cloud Platform Certification) on February 5, 2022 at 3:26 am

    Hola quisiera preguntar cuál es el mejor curso, videos o página para aprender gcp y pasar la certificación de associate submitted by /u/ahelord [link] [comments]

  • Access role-based Google Cloud training free of charge
    by (Training & Certifications) on February 3, 2022 at 5:00 pm

    Google Cloud is now offering 30 days no-cost access to Google Cloud Skills Boost, the definitive destination for skills development, to complete role-based training. Choose from the following eight learning paths, which include interactive labs and opportunities to earn skill badges to demonstrate your cloud knowledge: Getting Started with Google Cloud, Cloud Architect, Cloud Engineer, Data Analyst, Data Engineer, DevOps Engineer, Machine Learning Engineer and Cloud Developer learning path. Read below to find out more about each learning path. Getting Started with Google CloudIn this path, you’ll learn about Google Cloud fundamentals such as core infrastructure, big data and machine learning (ML). You’ll also find out how to write gcloud commands, use Cloud Shell, deploy virtual machines, and run containerized applications on Google Kubernetes Engine (GKE).Cloud ArchitectIf you’re looking to learn how to design, develop, and manage cloud solutions, this is the path for you. You’ll learn how to perform infrastructure tasks like using Cloud Monitoring, Cloud Identity and Access Management (Cloud IAM), and more. The path will end with how to architect with Google Compute Engine and GKE. For a guided walkthrough of how to get started with Cloud IAM and Monitoring, register here to join me on February 10. You’ll also have a chance to get your questions answered live by Google Cloud experts via chat. Cloud EngineerTo learn how to plan, configure, set up, and deploy cloud solutions, take this learning path. You’ll learn how to get started with Google Compute Engine, Terraform in a cloud environment, GKE, and more. Data AnalystThis learning path will teach you how to gather and analyze data to identify trends and develop valuable insights to help solve problems. You’ll be introduced to BigQuery, Looker, LookML, BigQuery ML, and Data Catalog. Data EngineerInterested in designing and building systems that collect the data used for business decisions? Select this path. You’ll learn how to modernize data lakes and data warehouses with Google Cloud. Afterwards, you will also discover how to use Dataflow for serverless data processing and more. DevOps EngineerA DevOps Engineer is responsible for defining and implementing best practices for efficient and reliable software delivery and infrastructure management. This learning path will show you how to build an SRE culture, use Google Cloud Operations Suite for DevOps, and more. Machine Learning EngineerChoose this path for courses and labs on how to design, build, productionize, optimize, operate, and maintain ML systems. You’ll discover how to use TensorFlow, MLOps tools, VertexAI, and more. Cloud DeveloperA Cloud Developer designs, builds, analyzes, and maintains cloud-native applications. This path will teach you how to use Cloud Run and Firebase for serverless app development. You’ll also learn how to deploy to Kubernetes in Google Cloud. To learn more about the basics of Google Cloud infrastructure before getting started with a learning path, register here. Ready for your role-based training? Sign up here.Related Article2022 Resolution: Learn Google Cloud, free of chargeTechnical practitioners and developers can start 2022 with free introductory training on how to use Google Cloud.Read Article

  • General availability: Azure Database for PostgreSQL – Hyperscale (Citus) new certifications
    by Azure service updates on February 2, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Does anyone have gcp exam vouchers? Or anyone knows where can we get it from?
    by /u/Aamirmir111 (Google Cloud Platform Certification) on February 1, 2022 at 11:36 am

    submitted by /u/Aamirmir111 [link] [comments]

  • Let’s have a chat about using dumps
    by /u/whooyeah (Microsoft Azure Certifications) on January 31, 2022 at 9:49 pm

    This keeps coming up recently so it’s important we have a sticky chat about it that everyone can see. Dumps are essentially cheating. They go against what the exams were designed to do in teaching you azure skills. For this reason they are also against the terms of service from Microsoft for taking the exam. It’s annoying as a professional because you will be in a job interview and hear the hiring manager say things like “MCP exams are worthless because everyone just uses dumps”. Which is heart breaking when you have spent so much time studying the subject knowledge and validating your skills with the exam. As a hiring manager it is annoying because I’ve interviewed candidates in the past with an MCSD and it was clear they had no usable information because they cheated with dumps. You will notice in the side bar rule 1. Breaking this will result in a ban. submitted by /u/whooyeah [link] [comments]

  • This year, resolve to become a certified Professional Cloud Developer – here’s how
    by (Training & Certifications) on January 28, 2022 at 5:00 pm

    Do you have a New Year’s resolution to improve your career prospects? Sign up here for 30 days no-cost access to Google Cloud Skills Boost to help you on your way to becoming a certified Professional Cloud Developer. According to third-party IT training firm Global Knowledge, two Google Cloud Certified Professional certifications topped its list of the highest-paid IT certifications in 2021. Once you register, you’ll have an opportunity to take the Cloud Developer learning path, which consists of on-demand labs and courses, coveringGoogle Cloud infrastructure fundamentals, application development in the cloud, security, monitoring and troubleshooting, Kubernetes, Cloud Run, Firebase and more. Along the way, you’ll have an opportunity to earn skill badges to demonstrate your cloud knowledge and access resources to help you prepare for the Professional Cloud Developer certification.Click to enlargeFor example, once you’ve completed the Google Cloud Fundamentals, Core Infrastructure course, in person or on-demand, you can take the Getting Started With Application Development course, where you’ll learn how to design and develop cloud-native applications that integrate managed services from Google Cloud, including Cloud Client Libraries, the Cloud SDK, and Firebase SDKs, an overview of your storage options, and best practices for using Datastore and Cloud Storage.We’re also thrilled to announce that one of the most popular trainings in the Cloud Developer path, Application Development with Cloud Run, is now available on-demand, in addition to via live instruction. This is a great chance to get up to speed on this fully-managed, serverless compute platform at your own pace. Cloud Run marries the goodness of serverless and containers, and is fast becoming one of the most powerful ways to build and run a true cloud-native application. Moving down the proposed learning path, you can show off your Google Cloud chops with skill badges that you can display as part of your Google Developer Profile alongside your membership in the Google Cloud Innovators program, on social media, and on your resumé. There are a wide variety of interesting skills badge for cloud developers like the Serverless Cloud Run Development Quest, or Deploy to Kubernetes in Google Cloud, and many of them take just a couple of hours to complete.With these classes under your belt and Skills Badges on your profile, you’ll be in a good place to start preparing for the Professional Cloud Developer certification exam, using the proposed exam guide and sample questions to show the way. Here’s to earning your certification in 2022, and to a great future!Related Article2022 Resolution: Learn Google Cloud, free of chargeTechnical practitioners and developers can start 2022 with free introductory training on how to use Google Cloud.Read Article

  • Generally available: Azure Database for PostgreSQL – Hyperscale (Citus): New certifications
    by Azure service updates on January 19, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Technical Training Made Easy and Accessible, the Google Cloud way
    by (Training & Certifications) on January 14, 2022 at 12:40 pm

    Cloud engineers face a constant barrage of new cloud services, products, and innovations. By late 2021, Google Cloud alone had released thousands of new features across hundreds of services. Couple this with other technologies and service releases, and it quickly becomes a herculean task for engineers to navigate, consume, and stay current on the ever changing technology landscape. We have heard from engineers this often leads to anxiety and frustration as engineers struggle to keep up. They are faced with a plethora of training options but often lack the time and funding. Google Cloud has reinvigorated technical training to make it more informative and applicable to public sector customers and partners. We aim to maximize your training experience so you can get targeted training when you need it. The Google Cloud Public Sector Technical Learning Series addresses customer feedback and provides fun and practical training. Sessions are currently running every two weeks. “Short and sweet” technical topics geared to subjects you care aboutGeneric training doesn't always resonate with public sector technologists. Our new curriculum targets specific public sector use cases, is delivered by customer engineers, and can be accomplished in less than two hours.  This means participants can apply the learnings directly to real-life challenges quickly. Easy to find, easy to enroll Training opportunities should always be at your fingertips. Our automated training platform will ensure that you only need to enroll once. The system will automatically notify you of upcoming sessions so you can plan in advance and at your convenience. Sessions will be offered on a recurring basis to meet the needs of your organization.Fun and engagingTypical training sessions often include a sea of glazed eyes, unresponsive to basic prompts, falling asleep at our desks, we have all been there. But it doesn't have to be this way. Our goal is to infuse Google culture into our training through interactive exchanges and tangible rewards to keep participants inspired and engaged.Traditional technology training doesn’t always help you navigate the nuts and bolts of how to effectively introduce a product into an organization. But we know that technology doesn’t operate in isolation; it supports and becomes part of a living organism, managed by humans and confined by other components of an organization’s structure (e.g. existing systems or decentralized business units). Part of a larger community of like-minded engineersLearning with - and from - a community of peers is one way to overcome the challenges and complexities of applying new technology within a complex organization. We created the Public Sector Connect community for this very reason. It is one example of how we surface best practices for public sector innovators. During weekly “Coffee Hours” and working sessions, our community members share their journey and lessons learned with each other. We know that innovation evolves through iteration and diverse perspectives, and Public Sector Connect is committed to helping surface critical challenges and solutions, and connecting those who are solving similar problems. Join the community today.

  • 2022 Resolution: Learn Google Cloud, free of charge
    by (Training & Certifications) on January 12, 2022 at 5:00 pm

    Start your 2022 New Year’s resolutions by learning at no cost how to use Google Cloud with the following training opportunities:30 day access to Google Cloud Skills Boost Register by January 31, 2022 and claim 30 days free access to Google Cloud Skills Boost to complete the Getting Started with Google Cloud learning path. Google Cloud Skills Boost is the definitive destination for skills development where you can personalize learning paths, track progress, and validate your newly-earned expertise with skill badges. The Getting Started with Google Cloud learning path will give you the opportunity to earn three skill badges after you complete hands-on labs and courses designed for aspiring cloud engineers and architects. It covers the fundamentals of Google Cloud including core infrastructure, big data and ML, writing gcloud commands, using Cloud Shell, deploying virtual machines, and running containerized applications on GKE.Cloud OnBoard: half day training on getting started with Google Cloud fundamentalsAttend the Getting Started Cloud OnBoard on January 20 for a comprehensive Google Cloud orientation. Google Cloud experts will show you how to execute your compute, available storage options, how to secure your data, and available Google Cloud managed services. Cloud Study Jam: expert-guided hands-on labGoogle Cloud experts will walk you through a hands-on lab included in Google Cloud Skill Boost’s Getting Started with Google Cloud learning path when you join our Cloud Study Jam on January 27. Google Cloud experts will also answer questions live via chat during this event.Related ArticleBuild your data analytics skills with the latest no cost BigQuery trainingsTo help you make the most of BigQuery, we’re offering no cost, on-demand training opportunitiesRead Article

  • Google Cloud doubles-down on ecosystem in 2022 to meet customer demand
    by (Training & Certifications) on January 11, 2022 at 3:00 pm

    Google Cloud has been a partner-focused business from day one. As we reflect on 2021 and look forward to what’s ahead, I want to say “thank you” to our ecosystem for all of the amazing innovations and services you provided our mutual customers over the last year. In 2021, we faced unprecedented demand from businesses as they turned to the cloud to digitally transform their organizations. This surge in cloud deployments meant we increasingly turned to our ecosystem to help customers create customized implementations with our systems integrators (SIs), build packaged solutions with our independent software vendors (ISVs), or coach employees how to best use new cloud technologies with our consulting and training firms.To continue meeting growing customer demand in 2022 and beyond, I am pleased to share that we are bringing together our ecosystem and channel sales teams into a single partner organization to bring a more streamlined go-to-market approach for our partners and customers. In support of this change, we plan to more than double our spend in support of our partner ecosystem over the next few years, including rolling out increased co-innovation resources for partners, more incentives and co-marketing funds, and a larger commitment to training and enablement—all with a goal of continuing our joint momentum in the market.Providing leads and new go-to-market programs for consulting partnersThe need for highly-skilled partners to accelerate digital transformation for customers has never been greater, and our ecosystem of services partners continues to gain tremendous opportunities to deliver high-value implementation and professional services, industry solutions, and digital transformation expertise. In 2022, we are investing in our SIs by:Moving to a partner-led, partner-delivered approach for professional services needed by our customers, particularly through expanded work with partners. This will include new programs for lead generation and lead sharing with our SI partners.Increasing our investment with SIs in deploying go-to-market programs for industry-specific SI solutions, as well as creating more pre-integrated industry ISV and Google Cloud AI solutions together with our SI partners.Accelerating critical training, specialization, and certification programs in support of our goal of training 40 million new people on Google Cloud. This includes new programs for experienced practitioners, and a hybrid learning modality that combines online and in-person learning supported by Google mentors. Accelerating growth for ISV partners with more resourcesIn 2021, our ISV partners helped build unique integrations with Google Cloud capabilities in AI, ML, data, analytics, and security for our mutual customers. In fact, our marketplace third-party transaction value was up more than 500% YoY from 2020 (Q1-Q3). In 2022, we are deepening our commitment to our ISV partners’ success by:Making significant investments in new Google Cloud Marketplace functionality, including adding new technical resources that will help accelerate how ISVs distribute their apps and solutions. Coupled with this, we’re also lowering the Marketplace rate to 3% for eligible solutions, helping drive more adoption with customers. Expanding our regional sales and technical teams who are dedicated to supporting ISVs, and at the same time increasing market development funds (MDF) to drive further sales growth for our ISVs.Dedicating additional technical resources to help ISVs move to more modern SaaS delivery models, as well as to optimize and supercharge their apps for their customers by leveraging Google Cloud technologies.Creating new monetization models for ISVs using Google Distributed Cloud to deliver products across hybrid environments, multiple clouds, and at the network edge. ISVs will be able to build industry-specific 5G and edge solutions leveraging our ecosystem of telecommunication providers and 140+ Google network edge locations.Increasing funds for ISVs to accelerate customer cloud migrations by offsetting infrastructure costs during migration (ISV Cloud Acceleration Program).Launching new program incentives to drive a thriving channelSince the launch of our Partner Advantage program, we have increased funds for our channel partners tenfold. In 2021, to extend this momentum, we expanded our incentive portfolio for resellers to support their long-term growth and profitability. In 2022, we are increasing our investment in partner programs even further, including:Significantly expanding incentives to reward partners who source and grow customer engagements, and for those who deliver exceptional customer experiences and critical implementation services.Evolving to industry-standard compensation plans for our direct sellers, and rewarding our channel partners for implementation (vs. reselling) for larger enterprise customers.Significantly increasing co-marketing funding for our channel partners to accelerate demand generation and time-to-close.Growing our learning resources, including launching more than 10 new Expertises and Specializations, and expanding our certification programs for partners to deliver the highest levels of Google Cloud expertise to customers.Launching a new program for resellers to support customers via offerings on the Google Cloud Marketplace.Sharing a toolkit to bring the best of Google’s diversity, equity, and inclusion (DEI) resources to our ecosystem of partners, including programs to develop inclusive marketing strategies and deploy DEI training within their own organizations.As we kick off 2022, it’s clear that the trend of digital transformation will only continue to drive customer demand for the cloud and, more importantly, a need for services, support, and solutions from our partners. We believe that by centralizing our partner groups into a single organization and by more than doubling our spend in support of our partner ecosystem over the next few years, we will help accelerate our joint momentum in the market around the world. For more information on these new programs and resources, please reach out to your Partner Account Manager or login to your Partner Advantage portal at partneradvantage.goog.

  • Are you a multicloud engineer yet? The case for building skills on more than one cloud
    by (Training & Certifications) on January 7, 2022 at 5:00 pm

    Over the past few months, I made the choice to move from the AWS ecosystem to Google Cloud — both great clouds! — and I think it’s made me a stronger, more well-rounded technologist.But I’m just one data point in a big trend. Multicloud is an inevitability in medium-to-large organizations at this point, as I and others have been saying for awhile now. As IT footprints get more complex, you should expect to see a broader range of cloud provider requirements showing up where you work and interview. Ready or not, multicloud is happening.In fact, Hashicorp’s recent State of Cloud Strategy Survey found 76% of employers are already using multiple clouds in some fashion, with more than 50% flagging lack of skills among their employees as a top challenge to survival in the cloud.That spells opportunity for you as an engineer. But with limited time and bandwidth, where do you place your bets to ensure that you’re staying competitive in this ever-cloudier world?You could pick one cloud to get good at and stick with it; that’s a perfectly valid career bet. (And if you do bet your career on one cloud, you should totally pick Google Cloud! I have reasons!) But in this post I’m arguing that expanding your scope of professional fluency to at least two of the three major US cloud providers (Google Cloud, AWS, Microsoft Azure) opens up some unique, future-optimized career options.What do I mean by ‘multicloud fluency’? For the sake of this discussion, I’m defining “multicloud fluency” as a level of familiarity with each cloud that would enable you to, say, pass the flagship professional-level certification offered by that cloud provider–for example, Google Cloud’s Professional Cloud Architect certification or AWS’s Certified Solutions Architect Professional. Notably, I am not saying that multicloud fluency implies experience maintaining production workloads on more than one cloud, and I’ll clarify why in a minute.How does multicloud fluency make you a better cloud engineer?I asked the cloud community on Twitter to give me some examples of how knowledge of multiple clouds has helped their careers, and dozens of engineers responded with a great discussion.Turns out that even if you never incorporate services from multiple clouds in the same project — and many people don’t! — there’s still value in understanding how the other cloud lives.Learning the lingua franca of cloudI like this framing of the different cloud providers as “Romance languages” — as with human languages in the same family tree, clouds share many of the same conceptual building blocks. Adults learn primarily by analogy to things we’ve already encountered. Just as learning one programming language makes it easier to learn more, learning one cloud reduces your ramp-up time on others.More than just helping you absorb new information faster, understanding the strengths and tradeoffs of different cloud providers can help you make the best choice of services and architectures for new projects. I actually remember struggling with this at times when I worked for a consulting shop that focused exclusively on AWS. A client would ask “What if we did this on Azure?” and I really didn’t have the context to be sure. But if you have a solid foundational understanding of the landscape across the major providers, you can feel confident — and inspire confidence! — in your technical choices.Becoming a unicornTo be clear, this level of awareness isn’t common among engineering talent. That’s why people with multicloud chops are often considered “unicorns'' in the hiring market. Want to stand out in 2022? Show that you’re conversant in more than just one cloud. At the very least, it expands the market for your skills to include companies that focus on each of the clouds you know.Taking that idea to its extreme, some of the biggest advocates for the value of a multicloud resumé are consultants, which makes sense given that they often work on different clouds depending on the client project of the week. Lynn Langit, an independent consultant and one of the cloud technologists I most respect, estimates that she spends about 40% of her consulting time on Google Cloud, 40% on AWS, and 20% on Azure. Fluency across providers lets her select the engagements that are most interesting to her and allows her to recommend the technology that provides the greatest value.But don’t get me wrong: multicloud skills can also be great for your career progression if you work on an in-house engineering team. As companies’ cloud posture becomes more complex, they need technical leaders and decision-makers who comprehend their full cloud footprint. Want to become a principal engineer or engineering manager at a mid-to-large-sized enterprise or growing startup? Those roles require an organization-wide understanding of your technology landscape, and that’s probably going to include services from more than one cloud. How to multicloud-ify your careerWe’ve established that some familiarity with multiple clouds expands your career options. But learning one cloud can seem daunting enough, especially if it’s not part of your current day job. How do you chart a multicloud career path that doesn’t end with you spreading yourself too thin to be effective at anything?Get good at the core conceptsYes, all the clouds are different. But they share many of the same basic approaches to IAM, virtual networking, high availability, and more. These are portable fundamentals that you can move between clouds as needed. If you’re new to cloud, an associate-level solutions architect certification will help you cover the basics. Make sure to do hands-on labs to help make the concepts real, though — we learn much more by doing than by reading.Go deep on your primary cloudFundamentals aside, it’s really important that you have a native level of fluency in one cloud provider. You may have the opportunity to pick up multicloud skills on the job, but to get a cloud engineering role you’re almost certainly going to need to show significant expertise on a specific cloud.Note: If you’re brand new to cloud and not sure which provider to start with, my biased (but informed) recommendation is to give Google Cloud a try. It has a free tier that won’t bill you until you give permission, and the nifty project structure makes it really easy to spin up and tear down different test environments.It’s worth noting that engineering teams specialize, too; everybody has loose ends, but they’ll often try to standardize on one cloud provider as much as they can. If you work on such a team, take advantage of the opportunity to get as much hands-on experience with their preferred cloud as possible.Go broad on your secondary cloudYou may have heard of the concept of T-shaped skills. A well-rounded developer is broadly familiar with a range of relevant technologies (the horizontal part of the “T”), and an expert in a deep, specific niche. You can think of your skills on your primary cloud provider as the deep part of your “T”. (Actually, let’s be real — even a single cloud has too many services for any one person to hold in their heads at an expert level. Your niche is likely to be a subset of your primary cloud’s services: say, security or data.)We could put this a different way: build on your primary cloud, get certified on your secondary. This gives you hirable expertise on your “native” cloud and situational awareness of the rest of the market. As opportunities come up to build on that secondary cloud, you’ll be ready.I should add that several people have emphasized to me that they sense diminishing returns when keeping up with more than one secondary cloud. At some point the cognitive switching gets overwhelming and the additional learning doesn’t add much value. Perhaps the sweet spot looks like this: 1< 2 > 3.Bet on cloud-native services and multicloud toolingThe whole point of building on the cloud is to take advantage of what the cloud does best — and usually that means leveraging powerful, native managed services like Spanner and Vertex AI. On the other hand, the cloud ecosystem has now matured to the point where fantastic, open-source multicloud management tooling for wrangling those provider-specific services is readily available. (Doing containers on cloud? Probably using Kubernetes! Looking for a DevOps role? The team is probably looking for Terraform expertise no matter what cloud they major on.) By investing learning time in some of these cross-cloud tools, you open even more doors to build interesting things with the team of your choice.Multicloud and youWhen I moved into the Google Cloud world after years of being an AWS Hero, I made sure to follow a new set of Google Cloud voices like Stephanie Wong and Richard Seroter. But I didn’t ghost my AWS-using friends, either! I’m a better technologist (and a better community member) when I keep up with both ecosystems. “But I can hardly keep up with the firehose of features and updates coming from Cloud A. How will I be able to add in Cloud B?” Accept that you can’t know everything. Nobody does. Use your broad knowledge of cloud fundamentals as an index, read the docs frequently for services that you use a lot, and keep your awareness of your secondary cloud fresh:Follow a few trusted voices who can help you filter the signal from the noiseAttend a virtual event once a quarter or so; it’s never been easier to access live learningBuild a weekend side project that puts your skills into practiceUltimately, you (not your team or their technology choices!) are responsible for the trajectory of your career. If this post has raised career questions that I can help answer, please feel free to hit me up on Twitter. Let’s continue the conversation.Related ArticleFive do’s and don’ts of multicloud, according to the expertsWe talked with experts about why to do multicloud, and how to do it right. Here is what we learned.Read Article

  • How to become a certified cloud professional
    by (Training & Certifications) on December 15, 2021 at 6:00 pm

    Achieving a certification is seen as a stamp of approval validating one's skills and expertise to perform a given job role. Google Cloud Certification program brings a framework to help equip organizations develop talent for the future. These certifications are not just about Google Cloud technologies. Just like the real-world, examinees are expected to know the vast array of technologies they may encounter in their day-to-day jobs. The question you might be asking yourself is: How do I become a certified cloud professional? First, let us share some tips with you on gaining hands-on experience with Google Cloud by introducing skill badges. Watch this video to learn more:The more skill badges you achieve, the stronger your readiness becomes.The next question you may be asking yourself is: should I go for the associate or the professional level exam?The associate level certification is focused on the fundamental skills of deploying, monitoring, and maintaining projects on Google Cloud. This certification is a good starting point for those new to cloud and can be used as a path to professional level certifications. Watch this video to learn about the Associate Cloud Engineer exam by Google Cloud.Professional certifications span key technical job functions and assess advanced skills in design, implementation, and management. These certifications are recommended for individuals with industry experience and familiarity with Google Cloud products and solutions.We’d recommend you start with reviewing the certification exam website and look for the descriptions of the role you think is most appropriate for you. The exam guide in particular is a helpful resource because it outlines the domains covered by the exam. As an example, check out the exam guide and the introduction video for the Professional Cloud Developer certification.Setting a goal of achieving a certification is a personal and professional milestone! As much as we wish all of you interested in Google Cloud certification best of luck in earning them, we have one final reminder: please study to learn, not just to pass. The learning mindset is what keeps the technology exploration journey interesting. Happy learning and send your questions our way on LinkedIn to Magda Jary and Priyanka Vergadia.

  • Azure Database for PostgreSQL – Hyperscale (Citus): New toolkit certifications generally available
    by Azure service updates on December 15, 2021 at 5:00 pm

    New Toolkit certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Azure VMware Solution achieves FedRAMP High Authorization
    by Azure service updates on September 15, 2021 at 11:53 pm

    With this certification, U.S. government and public sector customers can now use Azure VMware Solution as a compliant FedRAMP cloud computing environment, ensuring it meets the demanding standards for security and information protection.

  • Azure expands HITRUST certification across 51 Azure regions
    by Azure service updates on August 23, 2021 at 9:38 pm

    Azure expands offering and region coverage to Azure customers with its 2021 HITRUST validated assessment.

  • Azure Database for PostgreSQL - Hyperscale (Citus) now compliant with additional certifications
    by Azure service updates on June 9, 2021 at 4:00 pm

    New certifications are now available for Hyperscale (Citus) on Azure Database for PostgreSQL, a managed service running the open-source Postgres database on Azure.

  • Azure expands PCI DSS certification
    by Azure service updates on March 15, 2021 at 5:02 pm

    You can now leverage Azure’s Payment Card Industry Data Security Standard (PCI DSS) certification across all live Azure regions.

  • 172 Azure offerings achieve HITRUST certification
    by Azure service updates on February 3, 2021 at 10:24 pm

    Azure expands its depth of offerings to Azure customers with its latest independent HITRUST assessment.

  • Azure achieves its first PCI 3DS certification
    by Azure service updates on February 3, 2021 at 10:24 pm

    Azure’s PCI 3DS Attestation of Compliance, PCI 3DS Shared Responsibility Matrix, and PCI 3DS whitepaper are now available.

  • Azure Databricks Achieves FedRAMP High Authorization on Microsoft Azure Government
    by Azure service updates on November 25, 2020 at 5:00 pm

    With this certification, customers can now use Azure Databricks to process the U.S. government’s most sensitive, unclassified data in cloud computing environments, including data that involves the protection of life and financial assets.

  • New SAP HANA Certified Memory-Optimized Virtual Machines now available
    by Azure service updates on November 12, 2020 at 5:01 pm

    We are expanding our SAP HANA certifications, enabling you to run production SAP HANA workloads on the Edsv4 virtual machines sizes.

  • Azure achieves Service Organization Controls compliance for 14 additional services
    by Azure service updates on November 11, 2020 at 5:10 pm

    Azure gives you some of the industry’s broadest certifications for the critical SOC 1, 2, and 3 compliance offering, which is widely used around the world.

  • Announcing the unified Azure Certified Device program
    by Azure service updates on September 22, 2020 at 4:05 pm

    A unified and enhanced Azure Certified Device program was announced at Microsoft Ignite, expanding on previous Microsoft certification offerings that validate IoT devices meet specific capabilities and are built to run on Azure. This program offers a low-cost opportunity for device builders to increase visibility of their products while making it easy for solution builders and end customers to find the right device for their IoT solutions.

  • IoT Security updates for September 2020
    by Azure service updates on September 22, 2020 at 4:05 pm

    New Azure IoT Security product updates include improvements around monitoring, edge nesting and the availability of Azure Defender for IoT.

  • Azure Certified for Plug and Play is now available
    by Azure service updates on August 27, 2020 at 12:21 am

    IoT Plug and Play device certification is now available from Microsoft as part of the Azure Certified device program.

  • Azure France has achieved GSMA accreditation
    by Azure service updates on August 6, 2020 at 5:45 pm

    Azure has added an important compliance offering for telecommunications in France, the Global System for Mobile Communications Association (GSMA) Security Accreditation Scheme for Subscription Management (SAS-SM).

  • Azure Red Hat OpenShift is now ISO 27001 certified
    by Azure service updates on July 21, 2020 at 4:00 pm

    To help you meet your compliance obligations across regulated industries and markets worldwide, Azure Red Hat OpenShift is now ISO 27001 certified.

  • Azure Lighthouse updates—April 2020
    by Azure service updates on June 1, 2020 at 4:00 pm

    Several critical updates have been made to Azure Lighthouse, including FEDRAMP certification, delegation opt-out, and Azure Backup reports.

  • Azure NetApp Files—New certifications, increased SLA, expanded regional availability
    by Azure service updates on May 19, 2020 at 4:00 pm

    The SLA guarantee for Azure NetApp Files has increased to 99.99 percent. In addition, NetApp Files is now HIPAA and FedRAMP certified, and regional availability has been increased.

  • Kubernetes on Azure Stack Hub in GA
    by Azure service updates on February 25, 2020 at 5:00 pm

    We now support Kubernetes cluster deployment on Azure Stack Hub, a certified Kubernetes Cloud Provider. Install Kubernetes using Azure Resource Manager templates generated by ACS Engine on Azure Stack Hub.

  • Azure Firewall Spring 2020 updates
    by Azure service updates on February 19, 2020 at 5:00 pm

    Excerpt: Azure Firewall is now ICSA Labs certified. In addition, several key Azure Firewall capabilities have recently been released into general availability (GA) and preview.

  • Azure IoT C# and Java SDKs release new long-term support (LTS) branches
    by Azure service updates on February 14, 2020 at 5:00 pm

    The Azure IoT Java and C# SDKs have each now released new long-term support (LTS) branches.

  • HPC Cache receives ISO certifications, adds stopping feature, and new region
    by Azure service updates on February 11, 2020 at 5:00 pm

    Azure HPC Cache has received new SO27001, 27018 and 27701 certifications, adds new features to manage storage caching in performance-driven workloads and expands service access to Korea Central.

  • Azure Blueprint for FedRAMP High now available in new regions
    by Azure service updates on February 3, 2020 at 5:00 pm

    The Azure Blueprint for FedRAMP High is now available in both Azure Government and Azure Public regions. This is in addition to the Azure Blueprint for FedRAMP Moderate released in November, 2019.

  • Azure Databricks Is now HITRUST certified
    by Azure service updates on January 22, 2020 at 5:01 pm

    Azure Databricks is now certified for the HITRUST Common Security Framework (HITRUST CSF®), the most widely coveted security accreditation for the healthcare industry. With this certification, health care customers can now use volumes of clinical data to drive innovation using Azure Databricks, without any worry about security and risk.

  • Microsoft plans to establish new cloud datacenter region in Qatar
    by Azure service updates on December 11, 2019 at 8:00 pm

    Microsoft recently announced plans to establish a new cloud datacenter region in Qatar to deliver its intelligent, trusted cloud services and expand the Microsoft global cloud infrastructure to 55 cloud regions in 20 countries.

  • Azure NetApp Files HANA certification and new region availability
    by Azure service updates on November 4, 2019 at 5:00 pm

    Azure NetApp Files , one of the fastest growing bare-metal Azure services, has achieved SAP HANA certification for both scale-up and scale-out deployments.

  • Azure achieves TrueSight certification
    by Azure service updates on September 23, 2019 at 5:00 pm

    Azure achieved certification for TruSight, an industry-backed, best-practices third-party assessment utility.

  • IoT Plug and Play Preview is now available
    by Azure service updates on August 21, 2019 at 4:00 pm

    With IoT Plug and Play Preview, solution developers can start using Azure IoT Central to build solutions that integrate seamlessly with IoT devices enabled with IoT Plug and Play.

  • View linked GitHub activity from the Kanban board
    by Azure service updates on June 21, 2019 at 5:00 pm

    We continue to enhance the Azure Boards integration with GitHub. Now you can get information of your linked GitHub commits, pull requests and issues on your Kanban board. This information will give you a quick sense of where an item is at and allow you to directly navigate out to the GitHub commit, pull request, or issue for more details.

  • Video Indexer is now ISO, SOC, HiTRUST, FedRAMP, HIPAA, PCI certified
    by Azure service updates on April 2, 2019 at 9:08 pm

    Video Indexer has received new certifications to fit with enterprise certification requirements.

  • Video Indexer is now ISO, SOC, HiTRUST, FedRAMP, HIPAA, PCI certified
    by Azure service updates on March 26, 2019 at 9:06 pm

    Video Indexer has received new certifications to fit with enterprise certification requirements.

  • Azure South Africa regions are now available
    by Azure service updates on March 7, 2019 at 6:00 pm

    Azure services are available from new cloud regions in Johannesburg (South Africa North) and Cape Town (South Africa West), South Africa. The launch of these regions is a milestone for Microsoft.

  • Azure DevOps Roadmap update for 2019 Q1
    by Azure service updates on February 14, 2019 at 8:22 pm

    We updated the Features Timeline to provide visibility on our key investments for this quarter.

  • Kubernetes on Azure Stack in preview
    by Azure service updates on November 1, 2018 at 7:00 pm

    We now support Kubernetes cluster deployment on Azure Stack, a certified Kubernetes Cloud Provider. Install Kubernetes using Azure Resource Manager templates generated by ACS-Engine on Azure Stack.

  • Azure Stack—FedRAMP High documentation now available
    by Azure service updates on November 1, 2018 at 7:00 pm

    FedRAMP High documentation is now available for Azure Stack customers.

  • Azure Stack Infrastructure—compliance certification guidance
    by Azure service updates on November 1, 2018 at 7:00 pm

    We have created documentation to describe how Azure Stack infrastructure satisfies regulatory technical controls for PCI-DSS and CSA-CCM.

  • Logic Apps is ISO, HIPAA, CSA STAR, PCI DSS, SOC, and EU Model Clauses compliant
    by Azure service updates on July 18, 2017 at 5:05 pm

    The Logic Apps feature of Azure App Service is now ISO/IEC 27001, ISO/IEC 27018, HIPAA, CSA STAR, PCI DSS, SOC, and EU Model Clauses compliant.

  • Apache Kafka on HDInsight with Azure Managed Disks
    by Azure service updates on June 30, 2017 at 3:44 pm

    We're pleased to announce Apache Kafka with Azure Managed Disks Preview on the HDInsight platform. Users will now be able to deploy Kafka clusters with managed disks straight from the Azure portal, with no signup necessary.

  • Azure Backup for Windows Server system state
    by Azure service updates on June 14, 2017 at 10:54 pm

    Customers will now be able to to perform comprehensive, secure, and reliable Windows Server recoveries. We Will be extending the data backup capabilities of the Azure Backup agent so that it will now integrate with the Windows Server Backup feature, available natively on every Windows Server.

  • Azure Data Catalog is ISO, CSA STAR, HIPAA, EU Model Clauses compliant
    by Azure service updates on March 7, 2017 at 12:00 am

    Azure Data Catalog is ISO/IEC 27001, ISO/IEC 27018, HIPAA, CSA STAR, and EU Model Clauses compliant.

  • Azure compliance: Azure Cosmos DB certified for ISO 27001, HIPAA, and the EU Model Clauses
    by Azure service updates on March 25, 2016 at 10:00 am

    The Azure Cosmos DB team is excited to announce that Azure Cosmos DB is ISO 27001, HIPAA, and EU Model Clauses compliant.

  • Compliance updates for Azure public cloud
    by Azure service updates on March 16, 2016 at 9:24 pm

    We’re adding more certification coverage to our Azure portfolio, so regulated customers can take advantage of new services.

  • Protect and recover your production workloads in Azure
    by Azure service updates on October 2, 2014 at 5:00 pm

    With Azure Site Recovery, you can protect and recover your production workloads while saving on capital and operational expenditures.

  • ISO Certification expanded to include more Azure services
    by Azure service updates on January 17, 2014 at 1:00 am

    Azure ISO Certification expanded to include SQL Database, Active Directory, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus, Multi-Factor Authentication, and HDInsight.


Top-paying Cloud certifications:

Google Certified Professional Cloud Architect — $175,761/year
AWS Certified Solutions Architect – Associate — $149,446/year
Azure/Microsoft Cloud Solution Architect – $141,748/yr
Google Cloud Associate Engineer – $145,769/yr
AWS Certified Cloud Practitioner — $131,465/year
Microsoft Certified: Azure Fundamentals — $126,653/year
Microsoft Certified: Azure Administrator Associate — $125,993/year

Djamgatech: Multilingual and Platform Independent Cloud Certification and Education App for AWS, Azure, Google Cloud

Djamgatech: AI Driven Continuing Education and Certification Preparation Platform

The Cloud Education Certification App is an EduFlix App for AWS, Azure, Google Cloud Certification Prep [Android, iOS]

Technology is changing and is moving towards the cloud. The cloud will power most businesses in the coming years and is not taught in schools. How do we ensure that our kids and youth and ourselves are best prepared for this challenge?

Building mobile educational apps that work offline and on any device can help greatly in that sense.

2022 AWS Cloud Practitioner Exam Preparation

The ability to tab on a button and learn the cloud fundamentals and take quizzes is a great opportunity to help our children and youth to boost their job prospects and be more productive at work.

The App covers the following certifications :
AWS Cloud Practitioner Exam Prep CCP CLF-C01, Azure Fundamentals AZ 900 Exam Prep, AWS Certified Solution Architect Associate SAA-C02 Exam Prep, AWS Certified Developer Associate DVA-C01 Exam Prep, Azure Administrator AZ 104 Exam Prep, Google Associate Cloud Engineer Exam Prep, Data Analytics for AWS DAS-C01, Machine Learning for AWS and Google, AWS Certified Security – Specialty (SCS-C01), AWS Certified Machine Learning – Specialty (MLS-C01), Google Cloud Professional Machine Learning Engineer and more… [Android, iOS]

[appbox googleplay com.cloudeducation.free]
[appbox appstore 1560083470-iphone screenshots]

The App covers the following cloud categories:

AWS Technology, AWS Security and Compliance, AWS Cloud Concepts, AWS Billing and Pricing , AWS Design High Performing Architectures, AWS Design Cost Optimized Architectures, AWS Specify Secure Applications And Architectures, AWS Design Resilient Architecture, Development With AWS, AWS Deployment, AWS Security, AWS Monitoring, AWS Troubleshooting, AWS Refactoring, Azure Pricing and Support, Azure Cloud Concepts , Azure Identity, governance, and compliance, Azure Services , Implement and Manage Azure Storage, Deploy and Manage Azure Compute Resources, Configure and Manage Azure Networking Services, Monitor and Backup Azure Resources, GCP Plan and configure a cloud solution, GCP Deploy and implement a cloud solution, GCP Ensure successful operation of a cloud solution, GCP Configure access and security, GCP Setting up a cloud solution environment, AWS Incident Response, AWS Logging and Monitoring, AWS Infrastructure Security, AWS Identity and Access Management, AWS Data Protection, AWS Data Engineering, AWS Exploratory Data Analysis, AWS Modeling, AWS Machine Learning Implementation and Operations, GCP Frame ML problems, GCP Architect ML solutions, GCP Prepare and process data, GCP Develop ML models, GCP Automate & orchestrate ML pipelines, GCP Monitor, optimize, and maintain ML solutions, etc.. [Android, iOS]

Cloud Education and Certification

The App covers the following Cloud Services, Framework and technologies:

AWS: VPC, S3, DynamoDB, EC2, ECS, Lambda, API Gateway, CloudWatch, CloudTrail, Code Pipeline, Code Deploy, TCO Calculator, SES, EBS, ELB, AWS Autoscaling , RDS, Aurora, Route 53, Amazon CodeGuru, Amazon Bracket, AWS Billing and Pricing, Simply Monthly Calculator, cost calculator, Ec2 pricing on-demand, IAM, AWS Pricing, Pay As You Go, No Upfront Cost, Cost Explorer, AWS Organizations, Consolidated billing, Instance Scheduler, on-demand instances, Reserved instances, Spot Instances, CloudFront, Workspace, S3 storage classes, Regions, Availability Zones, Placement Groups, Amazon lightsail, Redshift, EC2 G4ad instances, DAAS, PAAS, IAAS, SAAS, NAAS, Machine Learning, Key Pairs, AWS CloudFormation, Amazon Macie, Amazon Textract, Glacier Deep Archive, 99.999999999% durability, AWS Codestar, Amazon Neptune, S3 Bucket, EMR, SNS, Desktop As A Service, Emazon EC2 for Mac, Aurora Postgres SQL, Kubernetes, Containers, Cluster.

Azure: Virtual Machines, Azure App Services, Azure Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop, Virtual Networks, VPN Gateway, Virtual Network peering, and ExpressRoute, Container (Blob) Storage, Disk Storage, File Storage, and storage tiers, Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, and SQL Managed Instance, Azure Marketplace, Azure consumption-based mode, management groups, resources and RG, Geographic distribution concepts such as Azure regions, region pairs, and AZ Internet of Things (IoT) Hub, IoT Central, and Azure Sphere, Azure Synapse Analytics, HDInsight, and Azure Databricks, Azure Machine Learning, Cognitive Services and Azure Bot Service, Serverless computing solutions that include Azure Functions and Logic Apps, Azure DevOps, GitHub, GitHub Actions, and Azure DevTest Labs, Azure Mobile, Azure Advisor, Azure Resource Manager (ARM) templates, Azure Security, Privacy and Workloads, General security and network security, Azure security features, Azure Security Centre, policy compliance, security alerts, secure score, and resource hygiene, Key Vault, Azure Sentinel, Azure Dedicated Hosts, Concept of defense in depth, NSG, Azure Firewall, Azure DDoS protection, Identity, governance, Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO),Azure Services, Core Azure architectural components, Management Groups, Azure Resource Manager,


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

Google Cloud Platform: Compute Engine, App Engine, BigQuery, Bigtable, Pub/Sub, flow logs, CORS, CLI, pod, Firebase, Cloud Run, Cloud Firestore, Cloud CDN, Cloud Storage, Persistent Disk, Kubernetes engine, Container registry, Cloud Load Balancing, Cloud Dataflow, gsutils, Cloud SQL,

2022 AWS Cloud Practitioner Exam Preparation

Cloud Education Certification: Eduflix App for Cloud Education and Certification (AWS, Azure, Google Cloud) [Android, iOS]

Features:
– Practice exams
– 1000+ Q&A updated frequently.
– 3+ Practice exams per Certification
– Scorecard / Scoreboard to track your progress
– Quizzes with score tracking, progress bar, countdown timer.
– Can only see scoreboard after completing the quiz.
– FAQs for most popular Cloud services
– Cheat Sheets
– Flashcards
– works offline

Note and disclaimer: We are not affiliated with AWS, Azure, Microsoft or Google. The questions are put together based on the certification study guide and materials available online. The questions in this app should help you pass the exam but it is not guaranteed. We are not responsible for any exam you did not pass.

Important: To succeed with the real exam, do not memorize the answers in this app. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

CyberSecurity 101 and Top 25 AWS Certified Security Specialty Questions and Answers Dumps

AWS Certified Security – Specialty Questions and Answers Dumps

Almost 4.57 billion people were active internet users as of July 2020, encompassing 59 percent of the global population.  94% of enterprises use cloud. 77% of organizations worldwide have at least one application running on the cloud. This results in an exponential growth of cyber attacks. Therefore, CyberSecurity is one  the biggest challenge to individuals and organizations worldwide:  158,727 cyber attacks per hour, 2,645 per minute and 44 every second of every day.  

In this blog, we cover the Top 25 AWS Certified Security Specialty Questions and Answers Dumps and all latest and relevant information about CyberSecurity including:

I- The AWS Certified Security – Specialty (SCS-C01) examination is intended for  individuals who perform a security role. This exam validates an examinee’s ability to effectively demonstrate knowledge about securing the AWS platform.

It validates an examinee’s ability to demonstrate:

2022 AWS Cloud Practitioner Exam Preparation

An understanding of specialized data classifications and AWS data protection mechanisms.

An understanding of data-encryption methods and AWS mechanisms to implement them.

An understanding of secure Internet protocols and AWS mechanisms to implement them.

A working knowledge of AWS security services and features of services to provide a secure production environment.

Competency gained from two or more years of production deployment experience using AWS security services and features.

The ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements.

AWS Certified Security Specialty
AWS Certified Security Specialty

An understanding of security operations and risks.

Below are the Top 25 AWS Certified Security Specialty Questions and Answers Dumps including Notes, Hint and References:


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

Question 1:  When requested through an STS API call, credentials are returned with what three components?

A)  Security Token, Access Key ID, Signed URL
B) Security Token, Access Key ID, Secret Access Key
C) Signed URL, Security Token, Username
D) Security Token, Secret Access Key, Personal Pin Code
 

ANSWER1:

B

Notes/Hint1:

Security Token, Access Key ID, Secret Access Key

Reference1: Security Token, Access Key ID, Secret Access Key

Get mobile friendly version of the quiz @ the App Store

Back to Top

Question 2: A company has AWS workloads in multiple geographical locations. A Developer has created an Amazon Aurora database in the us-west-1 Region. The database is encrypted using a customer-managed AWS KMS key. Now the Developer wants to create the same encrypted database in the us-east-1 Region. Which approach should the Developer take to accomplish this task?

A) Create a snapshot of the database in the us-west-1 Region. Copy the snapshot to the us-east-1 Region and specify a KMS key in the us-east-1 Region. Restore the database from the copied snapshot.
B) Create an unencrypted snapshot of the database in the us-west-1 Region. Copy the snapshot to the useast-1 Region. Restore the database from the copied snapshot and enable encryption using the KMS key from the us-east-1 Region
C) Disable encryption on the database. Create a snapshot of the database in the us-west-1 Region. Copy the snapshot to the us-east-1 Region. Restore the database from the copied snapshot.
D) In the us-east-1 Region, choose to restore the latest automated backup of the database from the us-west1 Region. Enable encryption using a KMS key in the us-east-1 Region
 

ANSWER2:

A

Notes/Hint2:

If a user copies an encrypted snapshot, the copy of the snapshot must also be encrypted. If a user copies an encrypted snapshot across Regions, users cannot use the same AWS KMS encryption key for the copy as used for the source snapshot, because KMS keys are Region specific. Instead, users must specify a KMS key that is valid in the destination Region

Reference2: copies an encrypted snapshot, KMS Keys are Region-specific

Get mobile friendly version of the quiz @ the App Store

Question 3: A corporate cloud security policy states that communication between the company’s VPC and KMS must travel entirely within the AWS network and not use public service endpoints. Which combination of the following actions MOST satisfies this requirement? (Select TWO.) 

A) Add the aws:sourceVpce condition to the AWS KMS key policy referencing the company’s VPC endpoint ID.
 
B) Remove the VPC internet gateway from the VPC and add a virtual private gateway to the VPC to prevent direct, public internet connectivity.
 
C) Create a VPC endpoint for AWS KMS with private DNS enabled.
 
D) Use the KMS Import Key feature to securely transfer the AWS KMS key over a VPN. E) Add the following condition to the AWS KMS key policy: “aws:SourceIp”: “10.0.0.0/16“.
 

ANSWER3:

A and C

Notes/Hint3: 

An IAM policy can deny access to AWS KMS except through your VPC endpoint with the following condition statement: 
“Condition”:  {
     “StringNotEquals”: { 
             “aws:sourceVpce”: “vpce-0295a3caf8414c94a” 
                 } 
}
 If you select the Enable Private DNS Name option, the standard AWS KMS DNS hostname resolves to your VPC endpoint.

Reference3: AWS KMS


Get mobile friendly version of the quiz @ the App Store

Question 4: An application team is designing a solution with two applications. The security team wants the applications’ logs to be captured in two different places, because one of the applications produces logs with sensitive data. Which solution meets the requirement with the LEAST risk and effort? 

A) Use Amazon CloudWatch Logs to capture all logs, write an AWS Lambda function that parses the log file, and move sensitive data to a different log.
 
B) Use Amazon CloudWatch Logs with two log groups, with one for each application, and use an AWS IAM policy to control access to the log groups, as required.
 
C) Aggregate logs into one file, then use Amazon CloudWatch Logs, and then design two CloudWatch metric filters to filter sensitive data from the logs.
 
 D) Add logic to the application that saves sensitive data logs on the Amazon EC2 instances’ local storage, and write a batch script that logs into the Amazon EC2 instances and moves sensitive logs to a secure location.
 

ANSWER4:

B

Notes/Hint4: 

Each application’s log can be configured to send the log to a specific Amazon CloudWatch Logs log group.

Reference4: Amazon CloudWatch Logs log group.

Get mobile friendly version of the quiz @ the App Store

Question 5: A security engineer must set up security group rules for a three-tier application: 

  • Presentation tier – Accessed by users over the web, protected by the security group presentation-sg
  • Logic tier – RESTful API accessed from the presentation tier through HTTPS, protected by the security group logic-sg
  • Data tier – SQL Server database accessed over port 1433 from the logic tier, protected by the security group data-sg
Which combination of the following security group rules will allow the application to be secure and functional? (Select THREE.)
 
A) presentation-sg: Allow ports 80 and 443 from 0.0.0.0/0
B) data-sg: Allow port 1433 from presentation-sg
C) data-sg: Allow port 1433 from logic-sg
D) presentation-sg: Allow port 1433 from data-sg
 E) logic-sg: Allow port 443 from presentation-sg
F) logic-sg: Allow port 443 from 0.0.0.0/0
 

ANSWER5:

A C and E

Notes/Hint5: 

In an n-tier architecture, each tier’s security group allows traffic from the security group sending it traffic only. The presentation tier opens traffic for HTTP and HTTPS from the internet. Since security groups are stateful, only inbound rules are required.

Reference5: n-tier architecture

Get mobile friendly version of the quiz @ the App Store

Question 6: A security engineer is working with a product team building a web application on AWS. The application uses Amazon S3 to host the static content, Amazon API Gateway to provide RESTful services, and Amazon DynamoDB as the backend data store. The users already exist in a directory that is exposed through a SAML identity provider. Which combination of the following actions should the engineer take to enable users to be authenticated into the web application and call APIs? (Select THREE). 

A) Create a custom authorization service using AWS Lambda.
 
B) Configure a SAML identity provider in Amazon Cognito to map attributes to the Amazon Cognito user pool attributes.
 
C) Configure the SAML identity provider to add the Amazon Cognito user pool as a relying party.
 
D) Configure an Amazon Cognito identity pool to integrate with social login providers.
 
E) Update DynamoDB to store the user email addresses and passwords.
 
F) Update API Gateway to use an Amazon Cognito user pool authorizer.

ANSWER6:

B, C and F

Notes/Hint6: 

When Amazon Cognito receives a SAML assertion, it needs to be able to map SAML attributes to user pool attributes. When configuring Amazon Cognito to receive SAML assertions from an identity provider, you need ensure that the identity provider is configured to have Amazon Cognito as a relying party. Amazon API Gateway will need to be able to understand the authorization being passed from Amazon Cognito, which is a configuration step.

Reference6: user pool attributes Amazon API Gateway 

Get mobile friendly version of the quiz @ the App Store

Question 7: A company is hosting a web application on AWS and is using an Amazon S3 bucket to store images. Users should have the ability to read objects in the bucket. A security engineer has written the following bucket policy to grant public read access:

Attempts to read an object, however, receive the error: “Action does not apply to any resource(s) in statement.” What should the engineer do to fix the error? 
 
A) Change the IAM permissions by applying PutBucketPolicy permissions.
 
B) Verify that the policy has the same name as the bucket name. If not, make it the same.
 
C) Change the resource section to “arn:aws:s3:::appbucket/*”.
 
D) Add an s3:ListBucket action.
 

ANSWER7:

C

Notes/Hint7: 

The resource section should match with the type of operation. Change the ARN to include /* at the end, as it is an object operation.

Reference7: IAM Policy – Access to S3 bucket

Get mobile friendly version of the quiz @ the App Store

Question 8: A company decides to place database hosts in its own VPC, and to set up VPC peering to different VPCs containing the application and web tiers. The application servers are unable to connect to the database. Which network troubleshooting steps should be taken to resolve the issue? (Select TWO.)

 A) Check to see if the application servers are in a private subnet or public subnet.
B) Check the route tables for the application server subnets for routes to the VPC peering connection.
C) Check the NACLs for the database subnets for rules that allow traffic from the internet.
D) Check the database security groups for rules that allow traffic from the application servers.
E) Check to see if the database VPC has an internet gateway.
 

ANSWER8:

B and D

Notes/Hint8: 

You must configure the route tables in each VPC to route to each other through the peering connection. You also must add rules to the security group for the databases to accept requests from the application server security group in the other VPC. 

Reference8: route tables ,  rules to the security groupsecurity group in the other VPC

Get mobile friendly version of the quiz @ the App Store

Question 9: A company is building a data lake on Amazon S3. The data consists of millions of small files containing sensitive information. The security team has the following requirements for the architecture: 

  • Data must be encrypted in transit. 
  • Data must be encrypted at rest. 
  • The bucket must be private, but if the bucket is accidentally made public, the data must remain confidential. 
Which combination of steps would meet the requirements? (Select TWO.) 
 
A) Enable AES-256 encryption using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) on the S3 bucket.
 
B) Enable default encryption with server-side encryption with AWS KMS-managed keys (SSE-KMS) on the S3 bucket.
 
C) Add a bucket policy that includes a deny if a PutObject request does not include aws:SecureTransport.
 
D) Add a bucket policy with aws:SourceIp to allow uploads and downloads from the corporate intranet only.
 
E) Enable Amazon Macie to monitor and act on changes to the data lake’s S3 bucket.

ANSWER9:

B and C

Notes/Hint9: 

Bucket encryption using KMS will protect both in case disks are stolen as well as if the bucket is public. This is because the AWS KMS key would need to have privileges granted to it for users outside of AWS. HTTPS will protect data in transit.

Reference9: Bucket encryption using KMS, privileges granted data in transit

Get mobile friendly version of the quiz @ the App Store

Question 10: A security engineer must ensure that all API calls are collected across all company accounts, and that they are preserved online and are instantly available for analysis for 90 days. For compliance reasons, this data must be restorable for 7 years. Which steps must be taken to meet the retention needs in a scalable, cost-effective way? 

A) Enable AWS CloudTrail logging across all accounts to a centralized Amazon S3 bucket with versioning enabled. Set a lifecycle policy to move the data to Amazon Glacier daily, and expire the data after 90 days.
 
B) Enable AWS CloudTrail logging across all accounts to S3 buckets. Set a lifecycle policy to expire the data in each bucket after 7 years.
 
C) Enable AWS CloudTrail logging across all accounts to Amazon Glacier. Set a lifecycle policy to expire the data after 7 years.
 
D) Enable AWS CloudTrail logging across all accounts to a centralized Amazon S3 bucket. Set a lifecycle policy to move the data to Amazon Glacier after 90 days, and expire the data after 7 years.
 

ANSWER10:

D

Notes/Hint10: 

Meets all requirements and is cost effective by using lifecycle policies to transition to Amazon Glacier.

Reference10: lifecycle policies

Get mobile friendly version of the quiz @ the App Store

Question 11: A security engineer has been informed that a user’s access key has been found on GitHub. The engineer must ensure that this access key cannot continue to be used, and must assess whether the access key was used to perform any unauthorized activities. Which steps must be taken to perform these tasks? 

A) Review the user’s IAM permissions and delete any unrecognized or unauthorized resources.
B) Delete the user, review Amazon CloudWatch Logs in all regions, and report the abuse.
C) Delete or rotate the user’s key, review the AWS CloudTrail logs in all regions, and delete any unrecognized or unauthorized resources.
D) Instruct the user to remove the key from the GitHub submission, rotate keys, and re-deploy any instances that were launched.
 

ANSWER11:

C

Notes/Hint11: 

 Removes keys and audits the environment for malicious activities.

Reference11: malicious activities

Get mobile friendly version of the quiz @ the App Store

Question 12: You have a CloudFront distribution configured with the following path patterns: When users request objects that start with ‘static2/’, they are receiving 404 response codes. What might be the problem?

A) CloudFront distributions cannot have multiple different origin types

B) The ‘*’ path pattern must appear after the ‘static2/*’ path

C) CloudFront distributions cannot have origins in different AWS regions
 
D) The ‘*’ path pattern must appear before ‘static1/*’ path
        

ANSWER12:

C

Notes/Hint12: 

CloudFront distributions cannot have origins in different AWS regions

Reference12: CloudFront

Get mobile friendly version of the quiz @ the App Store

Question 13: An application running on EC2 instances processes sensitive information stored on Amazon S3. The information is accessed over the Internet. The security team is concerned that the Internet connectivity to Amazon S3 is a security risk. Which solution will resolve the security concern?

A) Access the data through an Internet Gateway.”,
B) Access the data through a VPN connection.”,
C) Access the data through a NAT Gateway.”,
D) Access the data through a VPC endpoint for Amazon S3″,
 

ANSWER13:

D

Notes/Hint13: 

VPC endpoints for Amazon S3 provide secure connections to S3 buckets that do not require a gateway or NAT instances. NAT Gateways and Internet Gateways still route traffic over the Internet to the public endpoint for Amazon S3. There is no way to connect to Amazon S3 via VPN.

Reference13: S3 VPC Endpoints

Get mobile friendly version of the quiz @ the App Store

Question 14: An organization is building an Amazon Redshift cluster in their shared services VPC. The cluster will host sensitive data. How can the organization control which networks can access the cluster?

A) Run the cluster in a different VPC and connect through VPC peering
B) Create a database user inside the Amazon Redshift cluster only for users on the network
 C) Define a cluster security group for the cluster that allows access from the allowed networks
  D) Only allow access to networks that connect with the shared services network via VPN
 

ANSWER14:

C

Notes/Hint14: 

A security group can grant access to traffic from the allowed networks via the CIDR range for each network. VPC peering and VPN are connectivity services and cannot control traffic for security. Amazon Redshift user accounts address authentication and authorization at the user level and have no control over network traffic

Reference14: AWS Security best practice

Get mobile friendly version of the quiz @ the App Store

Question 15: From a security perspective, what is a principal?

A) An identity
B) An anonymous user
C) An authenticated user
D) A resource
 

ANSWER15:

B and C

Notes/Hint15: 

An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.  An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system

Reference15: IAM

Get mobile friendly version of the quiz @ the App Store

Question 16: A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI. The security team has mandated a more secure solution. Which solution will meet the security team’s mandate?

A) Put the access key in an S3 bucket, and retrieve the access key on boot from the instance.
B) Pass the access key to the instances through instance user data.
C) Obtain the access key from a key server launched in a private subnet
D) Create an IAM role with permissions to access the table, and launch all instances with the new role
 

ANSWER16:

D

Notes/Hint16: 

IAM roles for EC2 instances allow applications running on the instance to access AWS resources without having to create and store any access keys. Any solution involving the creation of an access key then introduces the complexity of managing that secret

Reference16: IAM Roles for EC2

Get mobile friendly version of the quiz @ the App Store

Question 17: While signing in REST/ Query requests, for additional security, you should transmit your requests using Secure Sockets Layer (SSL) by using ____.”,

A) HTTP
B) Internet Protocol Security(IPsec)
C) TLS (Transport Layer Security)
D) HTTPS
 

ANSWER17:

D

Notes/Hint17: 

REST/ Query requests should use HTTPS

Reference17: Rest API

Get mobile friendly version of the quiz @ the App Store

Question 18: You are using AWS Envelope Encryption for encrypting all sensitive data. Which of the followings is True with regards to Envelope Encryption?

A) Data is encrypted be encrypting Data key which is further encrypted using encrypted Master Key.
B) Data is encrypted by plaintext Data key which is further encrypted using encrypted Master Key.
C) Data is encrypted by encrypted Data key which is further encrypted using plaintext Master Key.
D) Data is encrypted by plaintext Data key which is further encrypted using plaintext Master Key.”,
 

ANSWER18:

D

Notes/Hint18:

With Envelope Encryption, unencrypted data is encrypted using plaintext Data key. This Data is further encrypted using plaintext Master key. This plaintext Master key is securely stored in AWS KMS & known as Customer Master Keys.

Reference18: KMS

Get mobile friendly version of the quiz @ the App Store

Question 19: Your company has developed a web application and is hosting it in an Amazon S3 bucket configured for static website hosting. The users can log in to this app using their Google/Facebook login accounts. The application is using the AWS SDK for JavaScript in the browser to access data stored in an Amazon DynamoDB table. How can you ensure that API keys for access to your data in DynamoDB are kept secure?

A) Create an Amazon S3 role in IAM with access to the specific DynamoDB tables, and assign it to the bucket hosting your website
B) Configure S3 bucket tags with your AWS access keys for your bucket hosting your website so that the application can query them for access.
C) Configure a web identity federation role within IAM to enable access to the correct DynamoDB resources and retrieve temporary credentials
D) Store AWS keys in global variables within your application and configure the application to use these credentials when making requests.
 

ANSWER2:

C

Notes/Hint19: 

With web identity federation, you don’t need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known identity provider (IdP) —such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP, receive an authentication token, and then exchange that token for temporary security credentials in AWS that map to an IAM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure, because you don’t have to embed and distribute long-term security credentials with your application. Option A is invalid since Roles cannot be assigned to S3 buckets Options B and D are invalid since the AWS Access keys should not be used

Reference19: About Web Identity Federation

Get mobile friendly version of the quiz @ the App Store

Question 20: Your application currently makes use of AWS Cognito for managing user identities. You want to analyze the information that is stored in AWS Cognito for your application. Which of the following features of AWS Cognito should you use for this purpose?

A) Cognito Data
B) Cognito Events
C) Cognito Streams
D) Cognito Callbacks
 

ANSWER20:

C

Notes/Hint20: 

Amazon Cognito Streams gives developers control and insight into their data stored in Amazon Cognito. Developers can now configure a Kinesis stream to receive events as data is updated and synchronized. Amazon Cognito can push each dataset change to a Kinesis stream you own in real time. All other options are invalid since you should use Cognito Streams

Reference20: Cognito Streams

Question 21: Which of the following statements is correct in relation to kMS / (Choose 2)
A) KMS Encryption keys are regional
B) You cannot export your customer master key
C) You can export your customer master key.
D) KMS encryption Keys are global”,
 

ANSWER21:

A and B

Notes/Hint21:

AWS Key Management Service FAQs: You cannot export your customer master key, KMS Encryption keys are regional

Reference21: AWS Key Management Service FAQs

Question 22: Which of the following statements are correct? (Choose 2)

A) The Customer Master Key is used to encrypt and decrypt the Envelope Key or Data Key
B) The Envelope Key or Data Key is used to encrypt and decrypt plain text files.
C) The envelope Key or Data Key is used to encrypt and decrypt the Customer Master Key.
D) The Customer MasterKey is used to encrypt and decrypt plain text files.
 

ANSWER22:

A and B

Notes/Hint22:

AWS Key Management Service Concepts: The Customer Master Key is used to encrypt and decrypt the Envelope Key or Data Key, The Envelope Key or Data Key is used to encrypt and decrypt plain text files.

Reference22: KMS

Question 23: Which of the following is an encrypted key used by KMS to encrypt your data
A) Customer Managed Key
 B) Encryption Key
C) Envelope Key
D) Customer Master Key
 

ANSWER23:

C

Notes/Hint23:

Your Data key also known as the Enveloppe key is encrypted using the master key. This approach is known as Envelope encryption. Envelope encryption is the practice of encrypting plaintext data with a data key, and then encrypting the data key under another key

Reference23: Envelope encryption

Question 24: Which command can you use to encrypt a plain text file using CMK?

A) aws kms-encrypt
B) aws iam encrypt
C) aws kms encrypt
D) aws encrypt
 

ANSWER24:

C

Notes/Hint24:

aws kms encrypt –key-id 1234abcd-12ab-34cd-56ef-1234567890ab —plaintext fileb://ExamplePlaintextFile –output text –query CiphertextBlob > C:\\Temp\\ExampleEncryptedFile.base64

Reference24: AWS CLI Encrypt

Question 25: If an EC2 instance uses an instance role, key rotation is automatic and handled by __.

A) A script containing a valid IAM username and password stored on the EC2 instance.
B) ssh-keygen on the EC2 instance
C) The EC2 service
D) IAM/STS
 

ANSWER25:

D

Notes/Hint25:

Instance role key rotation is handled by IAM/STS.

Reference25: IAM/STS

Get mobile friendly version of the quiz @ the App Store

Back to Top

II- SOURCES:

0- Djamga Cloud Security Playlist on Youtube:

1- Developer Certified Exam Prep Pro App

2- Prepare for Your AWS Certification Exam

Back to Top

CYBERSECURITY KEY TERMS

1- Security Key Terms:

    • Cryptography:  Practice and study of techniques for secure communication in the presence of third parties called adversaries.
    • Hacking: catch-all term for any type of misuse of a computer to break the security of another computing system to steal data, corrupt systems or files, commandeer the environment or disrupt data-related activities in any way.
    • Cyberwarfare: Uuse of technology to attack a nation, causing comparable harm to actual warfare. There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists
    • Penetration testing: Colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. Not to be confused with a vulnerability assessment.
      • Malwares: Any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware. 
    • Malware Analysis Tool: Any .Run Malware hunting with live access to the heart of an incident https://any.run/Malware Analysis Total:  VirusTotal – Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community https://www.virustotal.com/gui/
    • VPN: A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common, although not an inherent, part of a VPN connection.
    • Antivirus: Antivirus software, or anti-virus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
    • DDos: A distributed denial-of-service (DDoS) attack is one of the most powerful weapons on the internet. When you hear about a website being “brought down by hackers,” it generally means it has become a victim of a DDoS attack.
    • Fraud Detection: Set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud detection is applied to many industries such as banking or insurance. In banking, fraud may include forging checks or using stolen credit cards.
    • Spywares: Spyware describes software with malicious behavior that aims to gather information about a person or organization and send such information to another entity in a way that harms the user; for example by violating their privacy or endangering their device’s security.
    • Spoofing: Disguising a communication from an unknown source as being from a known, trusted source
    • Pharming: Malicious websites that look legitimate and are used to gather usernames and passwords.
    • Catfishing: Creating a fake profile for fraudulent or deceptive purposes
    • SSL: Stands for secure sockets layer. Protocol for web browsers and servers that allows for the authentication, encryption and decryption of data sent over the Internet.
    • Phishing emails: Disguised as trustworthy entity to lure someone into providing sensitive information
    • Intrusion detection System: Device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management system.
    • Encryption: Encryption is the method by which information is converted into secret code that hides the information’s true meaning. The science of encrypting and decrypting information is called cryptography. In computing, unencrypted data is also known as plaintext, and encrypted data is called ciphertext.
    • MFA: Multi-factor authentication (MFA) is defined as a security mechanism that requires an individual to provide two or more credentials in order to authenticate their identity. In IT, these credentials take the form of passwords, hardware tokens, numerical codes, biometrics, time, and location.
    • Vulnerabilities:vulnerability is a hole or a weakness in the application, which can be a design flaw or an implementation bug, that allows an attacker to cause harm to the stakeholders of an application. Stakeholders include the application owner, application users, and other entities that rely on the application.
    • SQL injections: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
    • Cyber attacks: In computers and computer networks an attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.
    • Confidentiality: Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits access or places restrictions on certain types of information.
    • Secure channel: In cryptography, a secure channel is a way of transferring data that is resistant to overhearing and tampering. A confidential channel is a way of transferring data that is resistant to overhearing, but not necessarily resistant to tampering.
    • Tunneling: Communications protocol that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network through a process called encapsulation.
    • SSH: Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.
    • SSL Certificates: SSL certificates are what enable websites to move from HTTP to HTTPS, which is more secure. An SSL certificate is a data file hosted in a website’s origin server. SSL certificates make SSL/TLS encryption possible, and they contain the website’s public key and the website’s identity, along with related information.
    • Phishing: Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
    • Cybercrime: Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may threaten a person, company or a nation’s security and financial health.
    • Backdoor: A backdoor is a means to access a computer system or encrypted data that bypasses the system’s customary security mechanisms. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.
    • Salt and Hash: A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords. Salts help us mitigate rainbow table attacks by forcing attackers to re-compute them using the salts.
    • Password: A password, sometimes called a passcode,[1] is a memorized secret, typically a string of characters, usually used to confirm the identity of a user.[2] Using the terminology of the NIST Digital Identity Guidelines,[3] the secret is memorized by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol,[4] the verifier is able to infer the claimant’s identity.
    • Fingerprint: fingerprint is an impression left by the friction ridges of a human finger. The recovery of partial fingerprints from a crime scene is an important method of forensic science. Moisture and grease on a finger result in fingerprints on surfaces such as glass or metal.
    • Facial recognition: Facial recognition works better for a person as compared to fingerprint detection. It releases the person from the hassle of moving their thumb or index finger to a particular place on their mobile phone. A user would just have to bring their phone in level with their eye.
    • Asymmetric key ciphers versus symmetric key ciphers (Difference between symmetric and  Asymmetric encryption): The basic difference between these two types of encryption is that symmetric encryption uses one key for both encryption and decryption, and the asymmetric encryption uses public key for encryption and a private key for decryption.
    • Decryption: The conversion of encrypted data into its original form is called Decryption. It is generally a reverse process of encryption. It decodes the encrypted information so that an authorized user can only decrypt the data because decryption requires a secret key or password.
    • Algorithms: Finite sequence of well-defined, computer-implementable instructions, typically to solve a class of problems or to perform a computation.
    • DFIR: Digital forensic and incident response: Multidisciplinary profession that focuses on identifying, investigating, and remediating computer network exploitation. This can take varied forms and involves a wide variety of skills, kinds of attackers, an kinds of targets. We’ll discuss those more below.
      • OTP: One Time Password: A one-time password, also known as one-time PIN or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device
    • Proxy Server and Reverse Proxy Server:A proxy server is a go‑between or intermediary server that forwards requests for content from multiple clients to different servers across the Internet. A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.

LATEST CYBER SECURITY NEWS

Cybersecurity Certification

cybersecurity certification roadmap
cybersecurity certification roadmap

WireShark Cheat Sheet

Wireshark Cheat Sheet
Wireshark Cheat Sheet

HACKING TOOLS CHEAT SHEET

hacking Cheat Sheet
hacking Cheat Sheet

Top CyberSecurity All Time Posts

Show All Around Defender Primers

Show Offensive * Exploit Database

Offensive * Exploit Database – The Exploit Database is maintained by Offensive Security, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. https://www.exploit-db.com/

CYBERSECURITY NEWS

  • Krebs On Security In depth security news and investigation https://krebsonsecurity.com/
  • Dark Reading Cyber security’s comprehensive news site is now an online community for security professionals. https://www.darkreading.com/
  • The Hacker News – The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts. https://thehackernews.com
  • SecuriTeam – A free and independent source of vulnerability information. https://securiteam.com/
  • SANS NewsBites – “A semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.” Published for free on Tuesdays and Fridays. https://www.sans.org/newsletters/newsbites

CYBERSECURITY YOUTUBE CHANNELS

YouTube Channels

This list was originally forked/curated from here: https://wportal.xyz/collection/cybersec-yt1 on (7/29/2020) Attribution and appreciation to d4rckh

CYBERSECURITY PODCASTS:

Podcasts

  • Risky Business Published weekly, the Risky Business podcast features news and in-depth commentary from security industry luminaries. Hosted by award-winning journalist Patrick Gray, Risky Business has become a must-listen digest for information security professionals. https://risky.biz/
  • Pauls Security Weekly This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. https://securityweekly.com/category-shows/paul-security-weekly/
  • Security Now – Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. https://twit.tv/shows/security-now
  • Daily Information Security Podcast (“StormCast”) Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute. https://isc.sans.edu/podcast.html
  • ShadowTalk Threat Intelligence Podcast by Digital Shadow_. The weekly podcast highlights key findings of primary-source research our Intelligence Team is conducting, along with guest speakers discussing the latest threat actors, campaigns, security events and industry news. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk
  • Don’t Panic – The Unit 42 Podcast Don’t Panic! is the official podcast from Unit 42 at Palo Alto Networks. We find the big issues that are frustrating cyber security practitioners and help simplify them so they don’t need to panic. https://unit42.libsyn.com/
  • Recorded Future Recorded Future takes you inside the world of cyber threat intelligence. We’re sharing stories from the trenches and the operations floor as well as giving you the skinny on established and emerging adversaries. We also talk current events, technical tradecraft, and offer up insights on the big picture issues in our industry. https://www.recordedfuture.com/resources/podcast/
  • The Cybrary Podcast Listen in to the Cybrary Podcast where we discuss a range topics from DevSecOps and Ransomware attacks to diversity and how to retain of talent. Entrepreneurs at all stages of their startup companies join us to share their stories and experience, including how to get funding, hiring the best talent, driving sales, and choosing where to base your business. https://www.cybrary.it/info/cybrary-podcast/
  • Cyber Life The Cyber Life podcast is for cyber security (InfoSec) professionals, people trying to break into the industry, or business owners looking to learn how to secure their data. We will talk about many things, like how to get jobs, cover breakdowns of hot topics, and have special guest interviews with the men and women “in the trenches” of the industry. https://redcircle.com/shows/cyber-life
  • Career Notes Cybersecurity professionals share their personal career journeys and offer tips and advice in this brief, weekly podcast from The CyberWire. https://www.thecyberwire.com/podcasts/career-notes

Below podcasts Added from here: https://infosec-conferences.com/cybersecurity-podcasts/

  • Down the Security Rabbithole http://podcast.wh1t3rabbit.net/ Down the Security Rabbithole is hosted by Rafal Los and James Jardine who discuss, by means of interviewing or news analysis, everything about Cybersecurity which includes Cybercrime, Cyber Law, Cyber Risk, Enterprise Risk & Security and many more. If you want to hear issues that are relevant to your organization, subscribe and tune-in to this podcast.
  • The Privacy, Security, & OSINT Show https://podcasts.apple.com/us/podcast/the-privacy-security-osint-show/id1165843330 The Privacy, Security, & OSINT Show, hosted by Michael Bazzell, is your weekly dose of digital security, privacy, and Open Source Intelligence (OSINT) opinion and news. This podcast will help listeners learn some ideas on how to stay secure from cyber-attacks and help them become “digitally invisible”.
  • Defensive Security Podcast https://defensivesecurity.org/ Hosted by Andrew Kalat (@lerg) and Jerry Bell (@maliciouslink), the Defensive Security Podcasts aims to look/discuss the latest security news happening around the world and pick out the lessons that can be applied to keeping organizations secured. As of today, they have more than 200 episodes and some of the topics discussed include Forensics, Penetration Testing, Incident Response, Malware Analysis, Vulnerabilities and many more.
  • Darknet Diaries https://darknetdiaries.com/episode/ Darknet Diaries Podcast is hosted and produced by Jack Rhysider that discuss topics related to information security. It also features some true stories from hackers who attacked or have been attacked. If you’re a fan of the show, you might consider buying some of their souvenirs here (https://shop.darknetdiaries.com/).
  • Brakeing Down Security https://www.brakeingsecurity.com/ Brakeing Down Security started in 2014 and is hosted by Bryan Brake, Brian Boettcher, and Amanda Berlin. This podcast discusses everything about the Cybersecurity world, Compliance, Privacy, and Regulatory issues that arise in today’s organizations. The hosts will teach concepts that Information Security Professionals need to know and discuss topics that will refresh the memories of seasoned veterans.
  • Open Source Security Podcast https://www.opensourcesecuritypodcast.com/ Open Source Security Podcast is a podcast that discusses security with an open-source slant. The show started in 2016 and is hosted by Josh Bressers and Kurt Siefried. As of this writing, they now posted around 190+ podcasts
  • Cyber Motherboard https://podcasts.apple.com/us/podcast/cyber/id1441708044 Ben Makuch is the host of the podcast CYBER and weekly talks to Motherboard reporters Lorenzo Franceschi-Bicchierai and Joseph Cox. They tackle topics about famous hackers and researchers about the biggest news in cybersecurity. The Cyber- stuff gets complicated really fast, but Motherboard spends its time fixed in the infosec world so we don’t have to.
  • Hak5 https://shop.hak5.org/pages/videos Hak5 is a brand that is created by a group of security professionals, hardcore gamers and “IT ninjas”. Their podcast, which is mostly uploaded on YouTube discusses everything from open-source software to penetration testing and network infrastructure. Their channel currently has 590,000 subscribers and is one of the most viewed shows when you want to learn something about security networks.
  • Threatpost Podcast Series https://threatpost.com/category/podcasts/ Threatpost is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide. With an award-winning editorial team produces unique and high-impact content including security news, videos, feature reports and more, with their global editorial activities are driven by industry-leading journalist Tom Spring, editor-in-chief.
  • CISO-Security Vendor Relationship Podcast https://cisoseries.com Co-hosted by the creator of the CISO/Security Vendor Relationship Series, David Spark, and Mike Johnson, in 30 minutes, this weekly program challenges the co-hosts, guests, and listeners to critique, share true stories. This podcast, The CISO/Security Vendor Relationship, targets to enlighten and educate listeners on improving security buyer and seller relationships.
  • Getting Into Infosec Podcast Stories of how Infosec and Cybersecurity pros got jobs in the field so you can be inspired, motivated, and educated on your journey. – https://gettingintoinfosec.com/
  • Unsupervised Learning Weekly podcasts and biweekly newsletters as a curated summary intersection of security, technology, and humans, or a standalone idea to provoke thought, by Daniel Miessler. https://danielmiessler.com/podcast/

SECURITY BOOKS:

CYBERSECURITY TRAINING:

Training

  • WebSecurity Academy Free online web security training from the creators of Burp Suite https://portswigger.net/web-security
  • Mosse Cyber Security Institute Introduction to cybersecurity free certification with 100+ hours of training, no expiry/renewals, https://www.mosse-institute.com/certifications/mics-introduction-to-cyber-security.html
  • BugCrowd University Free bug hunting resources and methodologies in form of webinars, education and training. https://www.bugcrowd.com/hackers/bugcrowd-university/
  • Certified Network Security Specialist Certification and training; Expires Aug 31 2020 Use coupon code #StaySafeHome during checkout to claim your free access. Offer is valid till 31/08/2020. £500.00 Value https://www.icsi.co.uk/courses/icsi-cnss-certified-network-security-specialist-covid-19
  • Metasploit Unleashed Most complete and in-depth Metasploit guide available, with contributions from the authors of the No Starch Press Metasploit Book. https://www.offensive-security.com/metasploit-unleashed/
  • AWS Cloud Certified Get skills in AWS to be more marketable. Training is quality and free. https://www.youtube.com/watch?v=3hLmDS179YE Have to create an AWS account, Exam is $100.
  • SANS Faculty Free Tools List of OSS developed by SANS staff. https://www.sans.org/media/free/free-faculty-tools.pdf?msc=sans-free-lp
  • “Using ATT&CK for Cyber Threat Intelligence Training” – 4 hour training The goal of this training is for students to understand the following: at: https://attack.mitre.org/resources/training/cti/
  • Coursera -“Coursera Together: Free online learning during COVID-19” Lots of different types of free training. https://blog.coursera.org/coursera-together-free-online-learning-during-covid-19/
  • Fortinet Security Appliance Training Free access to the FortiGate Essentials Training Course and Network Security Expert courses 1 and 2 https://www.fortinet.com/training/cybersecurity-professionals.html
  • Chief Information Security Officer (CISO) Workshop Training – The Chief Information Security Office (CISO) workshop contains a collection of security learnings, principles, and recommendations for modernizing security in your organization. This training workshop is a combination of experiences from Microsoft security teams and learnings from customers. – https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop
  • CLARK Center Plan C – Free cybersecurity curriculum that is primarily video-based or provide online assignments that can be easily integrated into a virtual learning environments https://clark.center/home
  • Hack.me is a FREE, community based project powered by eLearnSecurity. The community can build, host and share vulnerable web application code for educational and research purposes. It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party interested in Web Application Security. https://hack.me/
  • Hacker101 – Free classes for web security – https://www.hacker101.com/
  • ElasticStack – Free on-demand Elastic Stack, observability, and security courses. https://training.elastic.co/learn-from-home
  • Hoppers Roppers – Community built around a series of free courses that provide training to beginners in the security field. https://www.hoppersroppers.org/training.html
  • IBM Security Learning Academy Free technical training for IBM Security products. https://www.securitylearningacademy.com/
  • M.E. Kabay Free industry courses and course materials for students, teachers and others are welcome to use for free courses and lectures. http://www.mekabay.com/courses/index.htm
  • Open P-TECH Free digital learning on the tech skills of tomorrow. https://www.ptech.org/open-p-tech/
  • Udemy – Online learning course platform “collection from the free courses in our learning marketplace” https://www.udemy.com/courses/free/
  • Enroll Now Free: PCAP Programming Essentials in Python https://www.netacad.com/courses/programming/pcap-programming-essentials-python Python is the very versatile, object-oriented programming language used by startups and tech giants, Google, Facebook, Dropbox and IBM. Python is also recommended for aspiring young developers who are interested in pursuing careers in Security, Networking and Internet-of-Things. Once you complete this course, you are ready to take the PCAP – Certified Associate in Python programming. No prior knowledge of programming is required.
  • Packt Web Development Course Web Development Get to grips with the fundamentals of the modern web Unlock one year of free online access. https://courses.packtpub.com/pages/free?fbclid=IwAR1FtKQcYK8ycCmBMXaBGvW_7SgPVDMKMaRVwXYcSbiwvMfp75gazxRZlzY
  • Stanford University Webinar – Hacked! Security Lessons from Big Name Breaches 50 minute cyber lecture from Stanford.You Will Learn: — The root cause of key breaches and how to prevent them; How to measure your organization’s external security posture; How the attacker lifecycle should influence the way you allocate resources https://www.youtube.com/watch?v=V9agUAz0DwI
  • Stanford University Webinar – Hash, Hack, Code: Emerging Trends in Cyber Security Join Professor Dan Boneh as he shares new approaches to these emerging trends and dives deeper into how you can protect networks and prevent harmful viruses and threats. 50 minute cyber lecture from Stanford. https://www.youtube.com/watch?v=544rhbcDtc8
  • Kill Chain: The Cyber War on America’s Elections (Documentary) (Referenced at GRIMMCON), In advance of the 2020 Presidential Election, Kill Chain: The Cyber War on America’s Elections takes a deep dive into the weaknesses of today’s election technology, an issue that is little understood by the public or even lawmakers. https://www.hbo.com/documentaries/kill-chain-the-cyber-war-on-americas-elections
  • Intro to Cybersecurity Course (15 hours) Learn how to protect your personal data and privacy online and in social media, and why more and more IT jobs require cybersecurity awareness and understanding. Receive a certificate of completion. https://www.netacad.com/portal/web/self-enroll/c/course-1003729
  • Cybersecurity Essentials (30 hours) Foundational knowledge and essential skills for all cybersecurity domains, including info security, systems sec, network sec, ethics and laws, and defense and mitigation techniques used in protecting businesses. https://www.netacad.com/portal/web/self-enroll/c/course-1003733
  • Pluralsight and Microsoft Partnership to help you become an expert in Azure. With skill assessments and over 200+ courses, 40+ Skill IQs and 8 Role IQs, you can focus your time on understanding your strengths and skill gaps and learn Azure as quickly as possible.https://www.pluralsight.com/partners/microsoft/azure
  • Blackhat Webcast Series Monthly webcast of varying cyber topics. I will post specific ones in the training section below sometimes, but this is worth bookmarking and checking back. They always have top tier speakers on relevant, current topics. https://www.blackhat.com/html/webcast/webcast-home.html
  • Federal Virtual Training Environment – US Govt sponsored free courses. There are 6 available, no login required. They are 101 Coding for the Public, 101 Critical Infrastructure Protection for the Public, Cryptocurrency for Law Enforcement for the Public, Cyber Supply Chain Risk Management for the Public, 101 Reverse Engineering for the Public, Fundamentals of Cyber Risk Management. https://fedvte.usalearning.gov/public_fedvte.php
  • Harrisburg University CyberSecurity Collection of 18 curated talks. Scroll down to CYBER SECURITY section. You will see there are 4 categories Resource Sharing, Tools & Techniques, Red Team (Offensive Security) and Blue Teaming (Defensive Security). Lot of content in here; something for everyone. https://professionaled.harrisburgu.edu/online-content/
  • OnRamp 101-Level ICS Security Workshop Starts this 4/28. 10 videos, Q&A / discussion, bonus audio, great links. Get up to speed fast on ICS security. It runs for 5 weeks. 2 videos per week. Then we keep it open for another 3 weeks for 8 in total. https://onramp-3.s4xevents.com
  • HackXOR WebApp CTF Hackxor is a realistic web application hacking game, designed to help players of all abilities develop their skills. All the missions are based on real vulnerabilities I’ve personally found while doing pentests, bug bounty hunting, and research. https://hackxor.net/
  • Suricata Training 5-part training module using a simulation as a backdrop to teach how to use Suricata. https://rangeforce.com/resource/suricata-challenge-reg/
  • flAWS System Through a series of levels you’ll learn about common mistakes and gotchas when using Amazon Web Services (AWS). Multiple levels, “Buckets” of fun. http://flaws.cloud/
  • Stanford CS 253 Web Security A free course from Stanford providing a comprehensive overview of web security. The course begins with an introduction to the fundamentals of web security and proceeds to discuss the most common methods for web attacks and their countermeasures. The course includes video lectures, slides, and links to online reading assignments. https://web.stanford.edu/class/cs253
  • Linux Journey A free, handy guide for learning Linux. Coverage begins with the fundamentals of command line navigation and basic text manipulation. It then extends to more advanced topics, such as file systems and networking. The site is well organized and includes many examples along with code snippets. Exercises and quizzes are provided as well. https://linuxjourney.com
  • Ryan’s Tutorials A collection of free, introductory tutorials on several technology topics including: Linux command line, Bash scripting, creating and styling webpages with HTML and CSS, counting and converting between different number systems, and writing regular expressions. https://ryanstutorials.net
  • The Ultimate List of SANS Cheat Sheets Massive collection of free cybersecurity cheat sheets for quick reference (login with free SANS account required for some penetration testing resources). https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
  • CYBER INTELLIGENCE ANALYTICS AND OPERATIONS Learn:The ins and outs of all stages of the intelligence cycle from collection to analysis from seasoned intel professionals. How to employ threat intelligence to conduct comprehensive defense strategies to mitigate potential compromise. How to use TI to respond to and minimize impact of cyber incidents. How to generate comprehensive and actionable reports to communicate gaps in defenses and intelligence findings to decision makers. https://www.shadowscape.io/cyber-intelligence-analytics-operat
  • Linux Command Line for Beginners 25 hours of training – In this course, you’ll learn from one of Fullstack’s top instructors, Corey Greenwald, as he guides you through learning the basics of the command line through short, digestible video lectures. Then you’ll use Fullstack’s CyberLab platform to hone your new technical skills while working through a Capture the Flag game, a special kind of cybersecurity game designed to challenge participants to solve computer security problems by solving puzzles. Finally, through a list of carefully curated resources through a series of curated resources, we’ll introduce you to some important cybersecurity topics so that you can understand some of the common language, concepts and tools used in the industry. https://prep.fullstackacademy.com/
  • Hacking 101 6 hours of free training – First, you’ll take a tour of the world and watch videos of hackers in action across various platforms (including computers, smartphones, and the power grid). You may be shocked to learn what techniques the good guys are using to fight the bad guys (and which side is winning). Then you’ll learn what it’s like to work in this world, as we show you the different career paths open to you and the (significant) income you could make as a cybersecurity professional. https://cyber.fullstackacademy.com/prepare/hacking-101
  • Choose Your Own Cyber Adventure Series: Entry Level Cyber Jobs Explained YouTube Playlist (videos from my channel #simplyCyber) This playlist is a collection of various roles within the information security field, mostly entry level, so folks can understand what different opportunities are out there. https://www.youtube.com/playlist?list=PL4Q-ttyNIRAqog96mt8C8lKWzTjW6f38F
  • NETINSTRUCT.COM Free Cybersecurity, IT and Leadership Courses – Includes OS and networking basics. Critical to any Cyber job. https://netinstruct.com/courses
  • HackerSploit – HackerSploit is the leading provider of free and open-source Infosec and cybersecurity training. https://hackersploit.org/
  • Resources for getting started (Free and Paid)Practice
    • DetectionLab (Free)
    • LetsDefend.io (Free/Paid)
    • DetectionLabELK (Free)

    Log Analysis

    Network Monitoring

    Linux Distributions

    Memory Analysis Tools

    Professional Training

    • FOR578: Cyber Threat Intelligence (Paid)
    • SEC511: Continuous Monitoring & Security Operations (Paid)
    • SEC445: SIEM Design & Implementation (Paid)
    • AEGIS Certification (Paid)

    Conferences

CYBERSECURITY COURSES: (Multi-week w/Enrollment)

College Courses

  • Computer Science courses with video lectures Intent of this list is to act as Online bookmarks/lookup table for freely available online video courses. Focus would be to keep the list concise so that it is easy to browse. It would be easier to skim through 15 page list, find the course and start learning than having to read 60 pages of text. If you are student or from non-CS background, please try few courses to decide for yourself as to which course suits your learning curve best. https://github.com/Developer-Y/cs-video-courses?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com
  • Cryptography I -offered by Stanford University – Rolling enrollment – Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key. https://www.coursera.org/learn/crypto
  • Software Security Rolling enrollment -offered by University of Maryland, College Park via Coursera – This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them — such as buffer overflows, SQL injection, and session hijacking — and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a “build security in” mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. https://www.coursera.org/learn/software-security
  • Intro to Information Security Georgia Institute of Technology via Udacity – Rolling Enrollment. This course provides a one-semester overview of information security. It is designed to help students with prior computer and programming knowledge — both undergraduate and graduate — understand this important priority in society today. Offered at Georgia Tech as CS 6035 https://www.udacity.com/course/intro-to-information-security–ud459
  • Cyber-Physical Systems Security Georgia Institute of Technology via Udacity – This course provides an introduction to security issues relating to various cyber-physical systems including industrial control systems and those considered critical infrastructure systems. 16 week course – Offered at Georgia Tech as CS 8803 https://www.udacity.com/course/cyber-physical-systems-security–ud279
  • Finding Your Cybersecurity Career Path – University of Washington via edX – 4 weeks long – self paced – In this course, you will focus on the pathways to cybersecurity career success. You will determine your own incoming skills, talent, and deep interests to apply toward a meaningful and informed exploration of 32 Digital Pathways of Cybersecurity. https://www.edx.org/course/finding-your-cybersecurity-career-path
  • Building a Cybersecurity Toolkit – University of Washington via edX – 4 weeks self-paced The purpose of this course is to give learners insight into these type of characteristics and skills needed for cybersecurity jobs and to provide a realistic outlook on what they really need to add to their “toolkits” – a set of skills that is constantly evolving, not all technical, but fundamentally rooted in problem-solving. https://www.edx.org/course/building-a-cybersecurity-toolkit
  • Cybersecurity: The CISO’s View – University of Washington via edX – 4 weeks long self-paced – This course delves into the role that the CISO plays in cybersecurity operations. Throughout the lessons, learners will explore answers to the following questions: How does cybersecurity work across industries? What is the professionals’ point of view? How do we keep information secure https://www.edx.org/course/cybersecurity-the-cisos-view
  • Introduction to Cybersecurity – University of Washington via edX – In this course, you will gain an overview of the cybersecurity landscape as well as national (USA) and international perspectives on the field. We will cover the legal environment that impacts cybersecurity as well as predominant threat actors. – https://www.edx.org/course/introduction-to-cybersecurity
  • Cyber Attack Countermeasures New York University (NYU) via Coursera – This course introduces the basics of cyber defense starting with foundational models such as Bell-LaPadula and information flow frameworks. These underlying policy enforcements mechanisms help introduce basic functional protections, starting with authentication methods. Learners will be introduced to a series of different authentication solutions and protocols, including RSA SecureID and Kerberos, in the context of a canonical schema. – https://www.coursera.org/learn/cyber-attack-countermeasures
  • Introduction to Cyber Attacks New York University (NYU) via Coursera – This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades. https://www.coursera.org/learn/intro-cyber-attacks
  • Enterprise and Infrastructure Security New York University (NYU) via Coursera – This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks. https://www.coursera.org/learn/enterprise-infrastructure-security
  • Network Security Georgia Institute of Technology via Udacity – This course provides an introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering a number of seminal papers and monographs in a wide range of security areas. – https://www.udacity.com/course/network-security–ud199
  • Real-Time Cyber Threat Detection and Mitigation – New York University (NYU) via Coursera This course introduces real-time cyber security techniques and methods in the context of the TCP/IP protocol suites. Explanation of some basic TCP/IP security hacks is used to introduce the need for network security solutions such as stateless and stateful firewalls. Learners will be introduced to the techniques used to design and configure firewall solutions such as packet filters and proxies to protect enterprise assets. https://www.coursera.org/learn/real-time-cyber-threat-detection

CYBERSECURITY JOBS:

 CYBERSECURITY Cheat sheets

SANS Massive List of Cheat Sheets Curated from here: https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

General IT Security * Windows and Linux Terminals & Command Lines https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/bltea7de5267932e94b/5eb08aafcf88d36e47cf0644/Cheatsheet_SEC301-401_R7.pdf

Digital Forensics and Incident Response

Penetration Testing * Swiss Army Knife collection of PenTesting Cheatsheets https://github.com/swisskyrepo/PayloadsAllTheThings

Cloud Security Cheat sheets

CYBERSECURITY Q&A

 

‎AWS Certified Developer A. PRO

Source: What is the best cheap Wi-Fi cracking/hacking adapter?

Hey everyone, I’ve started getting into hacking, and would like to know the cheapest but best Wi-Fi cracking/deauthing/hacking adapter. I’m on a fairly tight budget of 20AUD and am willing to compromise if needed. Priority is a card with monitor mode, then cracking capabilities, then deauthing, etc. Thank you guys! By the way, if there are any beginner tips you are willing to give, please let me know!

 

 

How SSL Certificates Work

  • A browser or server attempts to connect to a website (i.e. a web server) secured with SSL. The browser/server requests that the web server identify itself.
  • The web server sends the browser/server a copy of its SSL certificate.
  • The browser/server checks to see whether or not it trusts the SSL certificate. If so, it sends a message to the web server.
  • The web server sends back a digitally signed acknowledgement to start an SSL encrypted session.
  • Encrypted data is shared between the browser/server and the web server.

diagram of how ssl certificates work

There are many benefits to using SSL certificates. Namely, SSL customers can:

  • Utilize HTTPs, which elicits a stronger Google ranking
  • Create safer experiences for your customers
  • Build customer trust and improve conversions
  • Protect both customer and internal data
  • Encrypt browser-to-server and server-to-server communication
  • Increase security of your mobile and cloud apps

Penetration Testing Terms

Penetration Testing Terms to know:

  • Authentication — The process of checking if a user is allowed to gain access to a system. eg. Login forms with username and password.
  • Authorization — Checking if the authenticated user has access to perform an action. eg. user, admin, super admin roles.
  • Audit — Conduct a complete inspection of an organization’s network to find vulnerable endpoints or malicious software.
  • Access Control List — A list that contains users and their level of access to a system.
  • Aircrack-ng — Wifi penetration testing software suite. Contains sniffing, password cracking, and general wireless attacking tools.
  • Backdoor — A piece of code that lets hackers get into the system easily after it has been compromised.
  • Burp Suite — Web application security software, helps test web apps for vulnerabilities. Used in bug bounty hunting.
  • Banner Grabbing — Capturing basic information about a server like the type of web server software (eg. apache) and services running on it.
  • Botnet — A network of computers controlled by a hacker to perform attacks such as Distributed Denial of Service.
  • Brute-Force Attack — An attack where the hacker tries different login combinations to gain access. eg. trying to crack a 9 -digit numeric password by trying all the numbers from 000000000 to 999999999
  • Buffer Overflow — When a program tries to store more information than it is allowed to, it overflows into other buffers (memory partitions) corrupting existing data.
  • Cache — Storing the response to a particular operation in temporary high-speed storage is to serve other incoming requests better. eg. you can store a database request in a cache till it is updated to reduce calling the database again for the same query.
  • Cipher — Cryptographic algorithm for encrypting and decrypting data.
  • Code Injection — Injecting malicious code into a system by exploiting a bug or vulnerability.
  • Cross-Site Scripting — Executing a script on the client-side through a legitimate website. This can be prevented if the website sanitizes user input.
  • Compliance — A set of rules defined by the government or other authorities on how to protect your customer’s data. Common ones include HIPAA, PCI-DSS, and FISMA.
  • Dictionary Attack — Attacking a system with a pre-defined list of usernames and passwords. eg. admin/admin is a common username/password combination used by amateur sysadmins.
  • Dumpster Diving — Looking into a company’s trash cans for useful information.
  • Denial of Service & Distributed Denial of Service — Exhausting a server’s resources by sending too many requests is Denial of Service. If a botnet is used to do the same, its called Distributed Denial of Service.
  • DevSecOps — Combination of development and operations by considering security as a key ingredient from the initial system design.
  • Directory Traversal — Vulnerability that lets attackers list al the files and folders within a server. This can include system configuration and password files.
  • Domain Name System (DNS) — Helps convert domain names into server IP addresses. eg. Google.com -> 216.58.200.142
  • DNS Spoofing — Trikcnig a system’s DNS to point to a malicious server. eg. when you enter ‘facebook.com’, you might be redirected to the attacker’s website that looks like Facebook.
  • Encryption — Encoding a message with a key so that only the parties with the key can read the message.
  • Exploit — A piece of code that takes advantage of a vulnerability in the target system. eg. Buffer overflow exploits can get you to root access to a system.
  • Enumeration — Mapping out all the components of a network by gaining access to a single system.
  • Footprinting — Gathering information about a target using active methods such as scanning and enumeration.
  • Flooding — Sending too many packets of data to a target system to exhaust its resources and cause a Denial of Service or similar attacks.
  • Firewall — A software or hardware filter that can be configured to prevent common types of attacks.
  • Fork Bomb — Forking a process indefinitely to exhaust system resources. Related to a Denial of Service attack.
  • Fuzzing — Sending automated random input to a software program to test its exception handling capacity.
  • Hardening — Securing a system from attacks like closing unused ports. Usually done using scripts for servers.
  • Hash Function — Mapping a piece of data into a fixed value string. Hashes are used to confirm data integrity.
  • Honey Pot — An intentionally vulnerable system used to lure attackers. This is then used to understand the attacker’s strategies.
  • HIPAA — The Health Insurance Portability and Accountability Act. If you are working with healthcare data, you need to make sure you are HIPAA compliant. This is to protect the customer’s privacy.
  • Input Validation — Checking user inputs before sending them to the database. eg. sanitizing form input to prevent SQL injection attacks.
  • Integrity — Making sure the data that was sent from the server is the same that was received by the client. This ensures there was no tampering and integrity is achieved usually by hashing and encryption.
  • Intrusion Detection System — A software similar to a firewall but with advanced features. Helps in defending against Nmap scans, DDoS attacks, etc.
  • IP Spoofing — Changing the source IP address of a packet to fool the target into thinking a request is coming from a legitimate server.
  • John The Ripper — Brilliant password cracking tool, runs on all major platforms.
  • Kerberos — Default authorization software used by Microsoft, uses a stronger encryption system.
  • KeyLogger — A software program that captures all keystrokes that a user performs on the system.
  • Logic Bombs — A piece of code (usually malicious) that runs when a condition is satisfied.
  • Light Weight Directory Access Protocol (LDAP) — Lightweight client-server protocol on Windows, central place for authentication. Stores usernames and passwords to validate users on a network.
  • Malware — Short for “Malicious Software”. Everything from viruses to backdoors is malware.
  • MAC Address — Unique address assigned to a Network Interface Card and is used as an identifier for local area networks. Easy to spoof.
  • Multi-factor Authentication — Using more than one method of authentication to access a service. eg. username/password with mobile OTP to access a bank account (two-factor authentication)
  • MD5 — Widely used hashing algorithm. Once a favorite, it has many vulnerabilities.
  • Metasploit — All in one penetration testing framework that helps to successfully exploit vulnerabilities and gain access to target systems.
  • Meterpreter — An advanced Metasploit payload that lives in memory and hard to trace.
  • Null-Byte Injection — An older exploit, uses null bytes (i.e. %00, or 0x00 in hexadecimal) to URLs. This makes web servers return random/unwanted data which might be useful for the attacker. Easily prevented by doing sanity checks.
  • Network Interface Card(NIC) — Hardware that helps a device connect to a network.
  • Network Address Translation — Utility that translates your local IP address into a global IP address. eg. your local IP might be 192.168.1.4 but to access the internet, you need a global IP address (from your router).
  • Nmap — Popular network scanning tool that gives information about systems, open ports, services, and operating system versions.
  • Netcat — Simple but powerful tool that can view and record data on a TCP or UDP network connections. Since it is not actively maintained, NCat is preferred.
  • Nikto — A popular web application scanner, helps to find over 6700 vulnerabilities including server configurations and installed web server software.
  • Nessus — Commercial alternative to NMap, provides a detailed list of vulnerabilities based on scan results.
  • Packet — Data is sent and received by systems via packets. Contains information like source IP, destination IP, protocol, and other information.
  • Password Cracking — Cracking an encrypted password using tools like John the Ripper when you don’t have access to the key.
  • Password Sniffing — Performing man-in-the-middle attacks using tools like Wireshark to find password hashes.
  • Patch — A software update released by a vendor to fix a bug or vulnerability in a software system.
  • Phishing — Building fake web sites that look remarkably similar to legitimate websites (like Facebook) to capture sensitive information.
  • Ping Sweep — A technique that tries to ping a system to see if it is alive on the network.
  • Public Key Cryptography — Encryption mechanism that users a pair of keys, one private and one public. The sender will encrypt a message using your public key which then you can decrypt using your private key.
  • Public Key Infrastructure — A public key infrastructure (PKI) is a system to create, store, and distribute digital certificates. This helps sysadmins verify that a particular public key belongs to a certain authorized entity.
  • Personally Identifiable Information (PII) — Any information that identified a user. eg. Address, Phone number, etc.
  • Payload — A piece of code (usually malicious) that performs a specific function. eg. Keylogger.
  • PCI-DSS — Payment Card Industry Data Security Standard. If you are working with customer credit cards, you should be PCI-DSS compliant.
  • Ransomware — Malware that locks your system using encryption and asks you to pay a price to get the key to unlock it.
  • Rainbow Table — Pre calculated password hashes that will help you crack password hashes of the target easily.
  • Reconnaissance — Finding data about the target using methods such as google search, social media, and other publicly available information.
  • Reverse Engineering — Rebuilding a piece of software based on its functions.
  • Role-Based Access — Providing a set of authorizations for a role other than a user. eg. “Managers” role will have a set of permissions while the “developers” role will have a different set of permissions.
  • Rootkit — A rootkit is a malware that provides unauthorized users admin privileges. Rootkits include keyloggers, password sniffers, etc.
  • Scanning — Sending packets to a system and gaining information about the target system using the packets received. This involved the 3-way-handshake.
  • Secure Shell (SSH) — Protocol that establishes an encrypted communication channel between a client and a server. You can use ssh to login to remote servers and perform system administration.
  • Session — A session is a duration in which a communication channel is open between a client and a server. eg. the time between logging into a website and logging out is a session.
  • Session Hijacking — Taking over someone else’s session by pretending to the client. This is achieved by stealing cookies and session tokens. eg. after you authenticate with your bank, an attacker can steal your session to perform financial transactions on your behalf.
  • Social Engineering — The art of tricking people into making them do something that is not in their best interest. eg. convincing someone to provide their password over the phone.
  • Secure Hashing Algorithm (SHA) — Widely used family of encryption algorithms. SHA256 is considered highly secure compared to earlier versions like SHA 1. It is also a one-way algorithm, unlike an encryption algorithm that you can decrypt. Once you hash a message, you can only compare with another hash, you cannot re-hash it to its earlier format.
  • Sniffing — performing man-in-the-middle attacks on networks. Includes wired and wireless networks.
  • Spam — Unwanted digital communication, including email, social media messages, etc. Usually tries to get you into a malicious website.
  • Syslog — System logging protocol, used by system administrators to capture all activity on a server. Usually stored on a separate server to retain logs in the event of an attack.
  • Secure Sockets Layer (SSL) — Establishes an encrypted tunnel between the client and server. eg. when you submit passwords on Facebook, only the encrypted text will be visible for sniffers and not your original password.
  • Snort — Lightweight open-source Intrusion Detection System for Windows and Linux.
  • SQL Injection — A type of attack that can be performed on web applications using SQL databases. Happens when the site does not validate user input.
  • Trojan — A malware hidden within useful software. eg. a pirated version of MS office can contain trojans that will execute when you install and run the software.
  • Traceroute — Tool that maps the route a packet takes between the source and destination.
  • Tunnel — Creating a private encrypted channel between two or more computers. Only allowed devices on the network can communicate through this tunnel.
  • Virtual Private Network — A subnetwork created within a network, mainly to encrypt traffic. eg. connecting to a VPN to access a blocked third-party site.
  • Virus — A piece of code that is created to perform a specific action on the target systems. A virus has to be triggered to execute eg. autoplaying a USB drive.
  • Vulnerability — A point of attack that is caused by a bug / poor system design. eg. lack of input validation causes attackers to perform SQL injection attacks on a website.
  • War Driving — Travelling through a neighborhood looking for unprotected wifi networks to attack.
  • WHOIS — Helps to find information about IP addresses, its owners, DNS records, etc.
  • Wireshark — Open source program to analyze network traffic and filter requests and responses for network debugging.
  • Worm — A malware program capable of replicating itself and spreading to other connected systems. eg. a worm to built a botnet. Unlike Viruses, Worms don’t need a trigger.
  • Wireless Application Protocol (WAP) — Protocol that helps mobile devices connect to the internet.
  • Web Application Firewall (WAF) — Firewalls for web applications that help with cross-site scripting, Denial of Service, etc.
  • Zero-Day — A newly discovered vulnerability in a system for which there is no patch yet. Zero-day vulnerabilities are the most dangerous type of vulnerabilities since there is no possible way to protect against one.
  • Zombie — A compromised computer, controlled by an attacker. A group of zombies is called a Botnet.

CyberSecurity Post COVID-19

How does Covid19 affect cyber risk?

  1. Increased distributed working: With organizations embracing work from home, incremental risks have been observed due to a surge in Bring Your Own Device (BYOD), Virtual Private Network (VPN), Software As A Service (SaaS), O365 and Shadow IT, as it could be exploited by various Man-in-the-Middle (MITM) attack vectors.
  2. Reimagine Business Models: Envisioning new business opportunities, modes of working, and renewed investment priorities. With reduced workforce capability, compounded with skill shortages, staff who are focusing on business as usual tasks can be victimized, via social engineering.
  3. Digital Transformation and new digital infrastructure: With the change in nature for organizations across the industrial and supply chain sector – security is deprioritized. Hardening of the industrial systems and cloud based infrastructure is crucial as cyber threats exploit these challenges via vulnerability available for unpatched systems.
  4. With an extreme volume of digital communication, security awareness is lowered with increased susceptibility. Malicious actors are using phishing techniques to exploit such situations.

Re-evaluate your approach to cyber

    • Which cyber scenarios your organization appears to be preparing for or is prepared?
    •  Is there a security scenario that your organization is currently ignoring – but shouldn’t be?
    • What would your organization need to do differently in order to win, in each of the identified cyber scenarios?
  • What capabilities, cyber security partnerships, and workforce strategies do you need to strengthen?

The organizations should reflect the following scenarios at a minimum and consider:

    • Which cyber scenarios your organization appears to be preparing for or is prepared?
    •  Is there a security scenario that your organization is currently ignoring – but shouldn’t be?
    • What would your organization need to do differently in order to win, in each of the identified cyber scenarios?
    • What capabilities, cyber security partnerships, and workforce strategies do you need to strengthen?
  • To tackle the outcome from the above scenarios, the following measures are the key:

Inoculation through education: Educate and / or remind your employees about –

    • Your organization’s defense – remote work cyber security policies and best practices
    • Potential threats to your organization and how will it attack – with a specific focus on social engineering scams and identifying COVID-19 phishing campaigns
  • Assisting remote employees with enabling MFA across the organization assets

Adjust your defenses: Gather cyber threat intelligence and execute a patching sprint:

    • Set intelligence collection priorities
    • Share threat intelligence with other organizations
    • Use intelligence to move at the speed of the threat
  • Focus on known tactics, such as phishing and C-suite fraud.
  • Prioritize unpatched critical systems and common vulnerabilities.

Enterprise recovery: If the worst happens and an attack is successful, follow a staged approach to recovering critical business operations which may include tactical items such as:

    • Protect key systems through isolation
    • Fully understand and contain the incident
    • Eradicate any malware
    • Implement appropriate protection measures to improve overall system posture
    • Identify and prioritize the recovery of key business processes to deliver operations
  • Implement a prioritized recovery plan

Cyber Preparedness and Response: It is critical to optimize the detection capability thus, re-evaluation of the detection strategy aligned with the changing landscape is crucial. Some key trends include:

    • Secure and monitor your cloud environments and remote working applications
    • Increase monitoring to identify threats from shadow IT
  • Analyze behavior patterns to improve detection content

Finding the right cyber security partner: To be ready to respond identify the right partner with experience and skillset in Social Engineering, Cyber Response, Cloud Security, and Data Security.

Critical actions to address

At this point, as the organizations are setting the direction towards the social enterprise, it is an unprecedented opportunity to lead with cyber discussions and initiatives. Organizations should immediately gain an understanding of newly introduced risks and relevant controls by:

    • Getting a seat at the table
    • Understanding the risk prioritization:
    • Remote workforce/technology performance
    • Operational and financial implications
    • Emerging insider and external threats
  • Business continuity capabilities

Assessing cyber governance and security awareness in the new operating environment

Assessing the highest areas of risk and recommend practical mitigation strategies that minimize impact to constrained resources.

Keeping leadership and the Board apprised of ever-changing risk profile

Given the complexity of the pandemic and associated cyber challenges, there is reason to believe that the recovery phase post-COVID-19 will require unprecedented levels of cyber orchestration, communication, and changing of existing configurations across the organization.

CyberSecurity: Protect Yourself on Internet

    • Use two factor authentication when possible. If not possible, use strong unique passwords that are difficult to guess or crack. This means avoiding passwords that use of common words, your birthdate, your SSN, names and birthdays of close associates, etc.
    • Make sure the devices you are using are up-to-date and have some form of reputable anti-virus/malware software installed.
    • Never open emails, attachments, programs unless they are from a trusted source (i.e., a source that can be verified). Also disregard email or web requests that ask you to share your personal or account information unless you are sure the request and requestor are legitimate.
    • Try to only use websites that are encrypted. To do this, look for either the trusted security lock symbol before the website address and/or the extra “s” at the end of http in the URL address bar.
    • Avoid using an administrator level account when using the internet.
    • Only enable cookies when absolutely required by a website.
    • Make social media accounts private or don’t use social media at all.
    • Consider using VPNs and encrypting any folders/data that contains sensitive data.
  • Stay away from using unprotected public Wi-Fi networks.
    • Social media is genetically engineered in Area 51 to harvest as much data from you as possible. Far beyond just having your name and age and photograph.

    • Never use the same username twice anywhere, or the same password twice anywhere.

    • Use Tor/Tor Browser whenever possible. It’s not perfect, but it is a decent default attempt at anonymity.

    • Use a VPN. Using VPN and Tor can be even better.

    • Search engines like DuckDuckGo offer better privacy (assuming they’re honest, which you can never be certain of) than Google which, like social media, works extremely hard to harvest every bit of data from you that they can.

    • Never give your real details anywhere. Certainly not things like your name or pictures of yourself, but even less obvious things like your age or country of origin. Even things like how you spell words and grammatical quirks can reveal where you’re from.

    • Erase your comments from websites after a few days/weeks. It might not erase them from the website’s servers, but it will at least remove them from public view. If you don’t, you can forget they exist and you never know how or when they can and will be used against you.

  • With Reddit, you can create an account fairly easily over Tor using no real information. Also, regularly nuke your accounts in case Reddit or some crazy stalker is monitoring your posts to build a profile of who you might be. Source: Reddit

 Notable Hackers

  • Adrian Lamo – gained media attention for breaking into several high-profile computer networks, including those of The New York Times, Yahoo!, and Microsoft, culminating in his 2003 arrest. Lamo was best known for reporting U.S. soldier Chelsea Manning to Army criminal investigators in 2010 for leaking hundreds of thousands of sensitive U.S. government documents to WikiLeaks.
  • Albert Gonzales – an American computer hacker and computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 to 2007: the biggest such fraud in history.
  • Andrew Auernheimer (known as Weev) – Went to jail for using math against AT&T website.
  • Barnaby Jack – was a New Zealand hacker, programmer and computer security expert. He was known for his presentation at the Black Hat computer security conference in 2010, during which he exploited two ATMs and made them dispense fake paper currency on the stage. Among his other most notable works were the exploitation of various medical devices, including pacemakers and insulin pumps.
  • Benjamin Delpy – Mimikatz
  • DVD-Jon – He wrote the DeCSS software, which decodes the Content Scramble System used for DVD licensing enforcement.
  • Eric Corley (known as Emmanuel Goldstein) – 2600
  • Gary McKinnon – a Scottish systems administrator and hacker who was accused in 2002 of perpetrating the “biggest military computer hack of all time,” although McKinnon himself states that he was merely looking for evidence of free energy suppression and a cover-up of UFO activity and other technologies potentially useful to the public. 👽🛸
  • George Hotz aka geohot – “The former Facebook engineer took on the giants of the tech world by developing the first iPhone carrier-unlock techniques,” says Mark Greenwood, head of data science at Netacea, “followed a few years later by reverse engineering Sony’s PlayStation 3, clearing the way for users to run their own code on locked-down hardware. George sparked an interest in a younger generation frustrated with hardware and software restrictions being imposed on them and led to a new scene of opening up devices, ultimately leading to better security and more openness.”
  • Guccifer 2.0 – a persona which claimed to be the hacker(s) that hacked into the Democratic National Committee (DNC) computer network and then leaked its documents to the media, the website WikiLeaks, and a conference event.
  • Hector Monsegur (known as Sabu) – an American computer hacker and co-founder of the hacking group LulzSec. He Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups.
  • Jacob Appelbaum – an American independent journalist, computer security researcher, artist, and hacker. He has been employed by the University of Washington, and was a core member of the Tor project, a free software network designed to provide online anonymity.
  • James Forshaw – one of the world’s foremost bug bounty huners
  • Jeanson James Ancheta – On May 9, 2006, Jeanson James Ancheta (born 1985) became the first person to be charged for controlling large numbers of hijacked computers or botnets.
  • Jeremy Hammond – He was convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to the whistle-blowing website WikiLeaks, and sentenced to 10 years in prison.
  • John Draper – also known as Captain Crunch, Crunch or Crunchman (after the Cap’n Crunch breakfast cereal mascot), is an American computer programmer and former legendary phone phreak.
  • Kevin Mitnick – Free Kevin
  • Kimberley Vanvaeck (known as Gigabyte) – a virus writer from Belgium known for a long-standing dispute which involved the internet security firm Sophos and one of its employees, Graham Cluley. Vanvaeck wrote several viruses, including Quis, Coconut and YahaSux (also called Sahay). She also created a Sharp virus (also called “Sharpei”), credited as being the first virus to be written in C#.
  • Lauri Love – a British activist charged with stealing data from United States Government computers including the United States Army, Missile Defense Agency, and NASA via computer intrusion.
  • Michael Calce (known as MafiaBoy) – a security expert from Île Bizard, Quebec who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites, including Yahoo!, Fifa.com, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN.
  • Mudge – Peiter C. Zatko, better known as Mudge, is a network security expert, open source programmer, writer, and a hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the long-lived computer and culture hacking cooperative the Cult of the Dead Cow.
  • Phineas Fisher – vigilante hacker god
  • PRAGMA – Also known as Impragma or PHOENiX, PRAGMA is the author of Snipr, one of the most prolific credential stuffing tools available online.
  • The 414s – The 414s were a group of computer hackers who broke into dozens of high-profile computer systems, including ones at Los Alamos National Laboratory, Sloan-Kettering Cancer Center, and Security Pacific Bank, in 1982 and 1983.
  • The Shadow Brokers – is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools from the National Security Agency (NSA), including several zero-day exploits. Specifically, these exploits and vulnerabilities targeted enterprise firewalls, antivirus software, and Microsoft products.[6] The Shadow Brokers originally attributed the leaks to the Equation Group threat actor, who have been tied to the NSA’s Tailored Access Operations unit.

Notable Viruses & Worms

History

  • The Strange History of Ransomware
    The first ransomware virus predates e-mail, even the Internet as we know it, and was distributed on floppy disk by the postal service. It sounds quaint, but in some ways this horse-and-buggy version was even more insidious than its modern descendants. Contemporary ransomware tends to bait victims using legitimate-looking email attachments — a fake invoice from UPS, or a receipt from Delta airlines. But the 20,000 disks dispatched to 90 countries in December of 1989 were masquerading as something far more evil: AIDS education software.

How to protect sensitive data for its entire lifecycle in AWS

How to protect sensitive data for its entire lifecycle in AWS
How to protect sensitive data for its entire lifecycle in AWS

You can protect data in-transit over individual communications channels using transport layer security (TLS), and at-rest in individual storage silos using volume encryption, object encryption or database table encryption. However, if you have sensitive workloads, you might need additional protection that can follow the data as it moves through the application stack. Fine-grained data protection techniques such as field-level encryption allow for the protection of sensitive data fields in larger application payloads while leaving non-sensitive fields in plaintext. This approach lets an application perform business functions on non-sensitive fields without the overhead of encryption, and allows fine-grained control over what fields can be accessed by what parts of the application. Read m ore here…

Cybersecurity Breaking News – Top Stories

  • NSO Confirms Pegasus Spyware Used by at least 5 European Countries
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 27, 2022 at 6:14 am

    The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region. "We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.

  • Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 27, 2022 at 5:58 am

    Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as

  • Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 27, 2022 at 5:57 am

    A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in malware defense service — to protect all users, Benoit Sevens and Clement Lecigne of Google Threat

  • Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 27, 2022 at 5:55 am

    A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously

  • Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
    by noreply@blogger.com (The Hacker News) (The Hacker News) on June 25, 2022 at 10:30 am

    In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data. The NIST Cybersecurity & Risk Management Frameworks Course helps you

  • New 'Quantum' Builder Lets Attackers Easily Create Malicious Windows Shortcuts
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 25, 2022 at 4:05 am

    A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder, the software makes it possible to spoof any extension and choose from over 300 icons, not to mention support UAC and Windows SmartScreen bypass as well as "multiple payloads per .LNK" file. Also offered are capabilities

  • State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 25, 2022 at 4:04 am

    A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves the deployment of post-intrusion ransomware such as LockFile, Atom Silo, Rook, Night Sky, Pandora,

  • Apple and Android phones hacked by Italian spyware, Google says
    by /u/wewewawa (cybersecurity) on June 24, 2022 at 11:47 pm

    submitted by /u/wewewawa [link] [comments]

  • SMTP for Phishing service?
    by /u/Ricardoh2 (cybersecurity) on June 24, 2022 at 9:44 pm

    Hello community, I tell you that I lead ethical phishing projects and I have come across many email sending service stopers (SMTP open realy), do you know any that have served them for mass mailing and that "allow" ethical phishing exercises? submitted by /u/Ricardoh2 [link] [comments]

  • I’ve managed to get a cyber job!
    by /u/Untraveled (cybersecurity) on June 24, 2022 at 8:13 pm

    I first managed to get into an IT role around this time last year. Coming from a banking background and an accounting degree it was a bit of an uphill battle. After a couple of years of working in banking, I realised I have a passion for IT and security specifically. As I work for a massive outsourcing company, there are tons of opportunities with different career paths which allowed me to secure my first role as a service desk analyst. The role was easy enough and not too technical so I was using my free time to upskill using things like TryHackMe and YouTube. Even then, I didn’t feel like I was at a level to get into a cybersec role, regardless, I applied for a role in the SOC that my outsourcing company works for. Did a few interviews and as expected, I got rejected. I was given a training plan and was told to reapply in 6 months to a year. This was a month ago. Yesterday, I was surprised to see the head of security send me a message to have a chat today. I tempered my expectations and assumed he was checking up on how my training was going. Turns out a role has become available and I was offered the job. I can’t wait to get started even though I was told the learning curve will be practically vertical. Definitely going to be a bit of imposter syndrome in the first couple of months. I just wanted to share this and celebrate this online before I reveal to my friends! submitted by /u/Untraveled [link] [comments]

  • Binaries for RE
    by /u/Owt2getcha (cybersecurity) on June 24, 2022 at 8:05 pm

    Hello all! I am wondering if anyone knows a good resource for binaries with exploited software that I could reverse engineer and add to my summer projects? Turned out I really enjoyed doing this in school and would love to get more comfortable with it. Thank you! submitted by /u/Owt2getcha [link] [comments]

  • Has anyone here used AWS for malware analysis?
    by /u/that-gostof-de-past (cybersecurity) on June 24, 2022 at 6:37 pm

    Ive received a few phishing emails and id like to do some analysis. I don't want anything touching my home network. Has anyone used AWS for this ? submitted by /u/that-gostof-de-past [link] [comments]

  • How do password managers fit within your security model?
    by /u/Graham-1Password (cybersecurity) on June 24, 2022 at 6:10 pm

    Hey folks - I work for 1Password helping guide our product roadmap, and, even though I've browsed this sub for a while personally, I'm coming to you to get your thoughts on password managers and their place in your company's larger security model. I've got nothing to sell and have just noticed the quality of conversation in this sub, hence me wanting to see what you folks think. (Mods have approved this, so, thanks!) I work on making sure we're building the right things for our business customers, and reddit gives me that frank, honest feedback I find so useful in so many other things in my life... To that end: How much do you feel like using (or not) a password manager makes an actual difference in your company's overall security posture? For your larger IAM systems and policies, how do you try and secure access to apps/services that aren't SSO-enabled and still need a username/password? Or does SSO cover off enough of your services that you aren't too concerned with the others? Does it fall to you folks in CyberSec to create and manage policies for how other sensitive info is shared? For example, other stuff can be stored/shared in 1Password (Credit cards, developer secrets like SSH keys, ...) - would you consider this stuff part of access management, in a sense, to try and keep organized with how that stuff is securely accessed? Happy to get your thoughts (the good, the bad, and/or the ugly) about any of this stuff, and even your more general opinions on how useful password managers seem to you. We've been building this tool for 15+ years and have always tried to keep a close connection to our users, even as we've grown. I'm hoping we keep it that way, so here's to me asking all of you! submitted by /u/Graham-1Password [link] [comments]

  • IDS needed / recommendations?
    by /u/thelizardking43 (cybersecurity) on June 24, 2022 at 4:27 pm

    Are IDS's antiquated and instead Huntress, Crowsdtrike, or other threat hunting services sufficient / superior? Are there IDS's you'd recommend? submitted by /u/thelizardking43 [link] [comments]

  • A daily updated summary of the most frequent types of security incidents being reported by CISA, CERT-FR, MA-CERT, ZeroDayInitiative and IBMCloud.
    by /u/karimhabush (cybersecurity) on June 24, 2022 at 4:16 pm

    submitted by /u/karimhabush [link] [comments]

  • Best RSS feeds for your Intel
    by /u/securethelogs (cybersecurity) on June 24, 2022 at 3:24 pm

    Hey guys, I’m just wanting to know what’s your best RSS feeds in keeping up to date with the world of Security. Things like BleepingComputer or TheHackerNews. Just curious 🙂 submitted by /u/securethelogs [link] [comments]

  • SMS phishing is way too easy
    by /u/speckz (cybersecurity) on June 24, 2022 at 3:10 pm

    submitted by /u/speckz [link] [comments]

  • $100 million worth of crypto has been stolen in another major hack
    by /u/jivatman (cybersecurity) on June 24, 2022 at 3:05 pm

    submitted by /u/jivatman [link] [comments]

  • What is the best method for users to securely submit malware samples?
    by /u/tsuto (cybersecurity) on June 24, 2022 at 2:38 pm

    As the title says, I’m wondering if there are any industry standards or best practices for how to actually move malware samples, memory dumps, etc from place to place? The idea would not be an end user really but rather forensic analysts being able to transfer artifacts they’ve extracted to dedicated reverse engineering teams. Worth mentioning that the RE group would be a subcontractor and needs to have a system for submitting tickets as well as files in a secure way between organizations. Is there anything your company uses that you’d recommend? submitted by /u/tsuto [link] [comments]

  • Top cybersecurity stories for the week of 06-20-22 to 06-24-22
    by /u/CISO_Series_Producer (cybersecurity) on June 24, 2022 at 2:10 pm

    Top cybersecurity stories for the week of 06-20-22 to 06-24-22 Below are the top headlines we’ve been reporting this whole week on Cyber Security Headlines. If you’d like to hear and participate in a discussion about them, the CISO Series does a live 20-minute show every Friday at 12:30pm PT/3:30pm ET. Each week we welcome a different cyber practitioner to offer some color to the week's stories. Our guest this week is Marnie Wilking, CISO, Wayfair. If you want to get involved you can watch live and participate in the discussion on LinkedIn Live (register), or you can just subscribe to the Cyber Security Headlines podcast and get it into your feed. Here are some of the stories we'll be covering: US DoJ announces shut down of Russian RSOCKS Botnet An international police operation that involved law enforcement partners from Germany, the Netherlands, and the U.K. shut down the RSOCKS botnet which was composed of millions of compromised computers and other electronic devices around the world. This included industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. It had also expanded into compromising additional types of devices, including Android devices and conventional computers. The operators behind the RSOCKS botnet offered their clients access to IP addresses assigned to the compromised devices to route internet traffic. (Security Affairs) Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS The ransomware, tracked as “QNAPCrypt” and “eCh0raix,” is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends .encrypt extension to filenames of encrypted files. It has been active since at least 2019, and we reported on the last wave of attacks back in December 2021, In May 2021, QNAP warned customers of threat actors that are targeting its NAS devices with eCh0raix ransomware attacks and exploiting a Roon Server zero-day vulnerability on devices using weak passwords. Experts are now reporting a surge in eCh0raix infections in industry forums. (Security Affairs) Chrome extensions can be used for fingerprinting There have long been ways to use browser information to fingerprint users. However a web developer who goes by ‘z0ccc’ released the site “Extension Fingerprint,” which can generate a tracking hash based on a browser’s installed Chrome extensions alone. Some extensions use a secret token that is required for external pages to view if it’s installed, but z0ccc found that comparing loading times for the protection extensions can reveal which ones are installed. Bleeping Computer found that installing 3 to 4 extensions brough the percentage of users with the same extensions to as low as 0.006%. The approach works for Chrome and Edge browsers, but not on Firefox, which use unique Firefox extension IDs for every browser instance. The developer claims that while every browser can’t be uniquely identified by extensions alone, it could be easily combined with other information to create a truly unique ID. (Bleeping Computer) Overconfidence in API security leaves orgs at high risk Radware’s 2022 State of API Security report reveals a sharp increase in API usage due to reliance on cloud infrastructure and other intersystem communications. While 92% of those surveyed believe they have adequate protection for their APIs, 62% admit a third or more of APIs are undocumented, leaving organizations vulnerable to cyber threats, such as database exposures, data breaches, and scraping attacks. Additionally, half of respondents indicated their existing tools provide only partial or minimal API protection highlighting that cyber security leaders may have a false sense of security when it comes to their APIs. Michelle McLean, Vice President at Salt Security, said the findings reinforce that API security is vastly under prioritized, and the time is now to turn the dial and incorporate adequate solutions as old tools are not enough. (Security Magazine) Daycare apps found insecure The Electronic Frontier Foundation looked into the security used by daycare apps, which are often required when enrolling children. It found that almost all apps lack any kind of 2FA, with one of the more popular Brightwheel claiming it was the “1st partner to offer this level of security.” It also found many apps had weak password policies, used undisclosed Facebook trackers, and had cleartext traffic enabled. The EFF wasn’t the first to highlight these issues, but found that many app makers lacked basic emails to send security issues to, and often were unresponsive. A previous Australian study found that just 14% of vendors responded to security issues with daycare apps. The EFF also points out that regulations like COPPA don’t apply to these applications. (EFF) DARPA finds blockchains aren’t all that decentralized A new report from the Defense Advanced Research Project looking into if blockchains are decentralized found some “unintended centralities” leading the authors to believe that many blockchains could eventually have power centralized with a few select individuals or groups. The paper found the cryptographic underpinning of blockchain “quite robust.” But it points out that three ISPs saw 60% of all Bitcoin traffic, opening the door to these providers having the ability to restrict certain transactions, letting it become a majority voice in consensus of what actually gets written to the blockchain. The report also points out that 21% of Bitcoin nodes run older versions of the Bitcoin client that are vulnerable to attacks. (Gizmodo) Cloud email threats soar 101% in a year Trend Micro announced this number as their observation of growth in email-borne cyber-threats that they blocked last year. They also note a 138% year-on-year increase in phishing emails, of which 40% were credential phishing attempts. They also blocked 3.3 million malicious files in cloud-based emails, including a 134% increase in known threats and a 221% increase in unknown malware. Another security company, Proofpoint warned in a new report of the continued dangers posed by social engineering, highlighting how many users don’t realize that threat actors may spend considerable time and effort building a rapport over email with their victims, especially if they’re trying to conduct a business email compromise (BEC) attack, it said. (Infosecurity) Microsoft's AI spots ransomware attacks before they get started Microsoft is focusing on disrupting the earliest stages of a ransomware attack with AI enhancements for Microsoft Defender for Endpoint. In what the company calls "early incrimination," they are developing machine learning (ML) algorithms to determine "malicious intent" in files, processes, user accounts, and devices. Microsoft engineers have developed three sets of AI-generated inputs that independently generate a risk score determining whether an entity is likely involved in an active ransomware attack: • Time-based and statistical analysis of security alerts at the organizational level • Graph-based aggregation of suspicious events across devices • Device-based monitoring to flag suspicious activities By correlating these datasets, Defender can detect patterns and connections that might have been missed otherwise. If a high enough confidence level is reached, it automatically blocks the files and entities involved in the ransomware. (ZDNet) submitted by /u/CISO_Series_Producer [link] [comments]

  • Ferret: Automatically finding RFC compliance bugs in DNS nameservers
    by /u/speckz (cybersecurity) on June 24, 2022 at 12:52 pm

    submitted by /u/speckz [link] [comments]

  • State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks
    by /u/Cultural_Budget6627 (cybersecurity) on June 24, 2022 at 11:29 am

    submitted by /u/Cultural_Budget6627 [link] [comments]

  • Cybersecurity career path podcast
    by /u/gormami (cybersecurity) on June 24, 2022 at 10:53 am

    Suzanne Gorman (no relation) and some friends did a great podcast talking about some of the different careers within the cybersecurity field. For a lot of the folks here that are asking about what to expect in the field, or thinking about it without a strong understanding of what the opportunities are, take a listen. It may help you understand that it is not a monolithic field, and there are many different types of opportunities for different types of thinkers and skill sets. https://lnkd.in/gnJd4dSH submitted by /u/gormami [link] [comments]

  • NSO claims 'more than 5' EU states used its Pegasus spyware
    by /u/Illustrious_Yard_576 (cybersecurity) on June 24, 2022 at 10:00 am

    submitted by /u/Illustrious_Yard_576 [link] [comments]

  • Interview catch22
    by /u/Relative_Ad197 (cybersecurity) on June 24, 2022 at 7:39 am

    Hello friend, managers and engineers, I have a dilemma. What would you do if you had a candidate you were interviewing show up to an interview for a security engineer position, and inform you that they found a vulnerability, showed you it and told you how to patch it! Would you hire them? Not hire them? Why or why not? What do you do in this situation? Insider threats are some of the biggest risks to companies. On the other hand they helped you fix something which was missed. submitted by /u/Relative_Ad197 [link] [comments]

  • Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 24, 2022 at 7:37 am

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks. "Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,

  • Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data
    by /u/sanket-darji (cybersecurity) on June 24, 2022 at 6:31 am

    submitted by /u/sanket-darji [link] [comments]

  • Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 24, 2022 at 3:09 am

    A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web," Israeli cybersecurity

  • Leaving military role
    by /u/grillle (cybersecurity) on June 24, 2022 at 1:30 am

    After leaving the service I find myself in a weird position where I have to sell my current military specific training and experience (not that much, and probably outdated) to a completely new market of employers. Any tips on how I can hit the ground running in this new world? Should I focus my energy on certifications like OSCP or CISSP, maybe get a degree in cyber security or the like? One last question, how do you find a skill tree to focus on out of the multitude of things. do you guys just gorge on certs and experience and flow into a path? Thanks if you read this far 🙂 submitted by /u/grillle [link] [comments]

  • Daily Cyber Brief
    by /u/RandyMarsh_Lorde (cybersecurity) on June 24, 2022 at 12:58 am

    submitted by /u/RandyMarsh_Lorde [link] [comments]

  • What is it like to to be an Cybersecuirty engineer for a major defense contractor?
    by /u/Mr_Hexx (cybersecurity) on June 23, 2022 at 8:19 pm

    I start my internship next week and wanted to know what I'm getting myself into (what it's like working for a defense contractor in cyber) and wanted some advice. From my understanding they have secure cloud platform and that'll be where most of my work comes from. I'll be most likely doing a lot of risk assessments since he mention that in the interview along with my experiences with STIGs and crypto key management . I interned at a manufacturing company for a year and a half prior to this as a mainframe systems admin. I picked up any work that was security related with my typical duties, setting up Splunk for the z/os environment and the z/os TPM for a hardware migration to name the big ones. ​ What is the culture and work flow like? And pro's and con's? Tips for someone starting a cybersecurity engineer role? submitted by /u/Mr_Hexx [link] [comments]

  • Asking workers for once: why is there a cybersecurity skills gap?
    by /u/ChelseaJumbo2022 (cybersecurity) on June 23, 2022 at 4:23 pm

    I am doing a research project on this issue right now— looking at cybersecurity capacity building efforts in the US, UK, Australia, and Israel. Everyone agrees that there’s a skills gap. Very few propose scalable solutions or offer reasons that fully explain the issue. I’m dismayed that there are so many surveys asking employers what they need from workers but very little out there (that I’ve found) on what workers are experiencing re barriers to entry, retention, upskilling, etc. Please share your thoughts, experiences, and any resources you think I should look into. Thank you! EDIT: wow, thank you for all the replies! To assuage any doubt, I’m not planning on using comments as ‘research’. This is just me dicking around on Reddit. Apologies that that wasn’t said from the start. Thank you everyone who replied!! submitted by /u/ChelseaJumbo2022 [link] [comments]

  • CISA warns over software flaws in industrial control systems
    by /u/kugkug (cybersecurity) on June 23, 2022 at 4:08 pm

    submitted by /u/kugkug [link] [comments]

  • Entry level opportunity
    by /u/TheRealBuzz128 (cybersecurity) on June 23, 2022 at 2:32 pm

    Right now I’m about to graduate and get my BS in IT from a legit school. I currently got a part job as an IT Help Specialist at a small corporation to get some work experience before I graduate. This corporation has a small IT team so I’m working next to the IT director and the systems administrator. They include me for everything, even all the meetings with programmers, vendors etc, I’m there sitting and listening and giving my views. I got my sec+ a few weeks ago and with the little knowledge I have I wrote a proposal to have a phishing server and some security awareness training done. To my surprise my boss called me in and tells me that they loved my idea and that should be my big project for the next quarter, and also I got an extra work station assigned to me just to do that. My boss also gave me 90 mins every day I work to train and learn about any subject related to cyber security and he is willing to pay for learning material. We have a meeting every week, and so far they have made some changes based on my advice such as encrypting emails, using bitlocker, and to setup a dns sinkhole. Why am I writing all this? Well after reading a very interesting post here on reddit, I feel like I might have found a place were I can start my entry level cybersecurity career? The pay is not good at the moment, and we are going to talk about a full time job once I graduate this December, but this has me thinking, maybe I should stay at my current job, where they allow me to gain cybersecurity experience and then after some time try to get that next level dream job? Instead of going for a better paid IT job right after graduation that might not let me develop my security skills. submitted by /u/TheRealBuzz128 [link] [comments]

  • Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation
    by noreply@blogger.com (The Hacker News) (The Hacker News) on June 23, 2022 at 11:07 am

    When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report.  The survey report,

  • New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 23, 2022 at 10:34 am

    An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft Exchange servers in Taiwan and Vietnam using an unknown exploit to deploy the China Chopper web shell

  • Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 23, 2022 at 6:36 am

    QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config," the hardware vendor said in an

  • Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 23, 2022 at 6:19 am

    The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure document titled "Nuclear Terrorism

  • Europol Busts Phishing Gang Responsible for Millions in Losses
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 23, 2022 at 6:18 am

    Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests of nine individuals in the Dutch nation. The suspects are men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and

  • Researchers Disclose 56 Vulnerabilities Impacting OT Devices from 10 Vendors
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 23, 2022 at 6:18 am

    Nearly five dozen security vulnerabilities have been disclosed in devices from 10 operational technology (OT) vendors due to what researchers call are "insecure-by-design practices." Collectively dubbed OT:ICEFALL by Forescout, the 56 issues span as many as 26 device models from Bently Nevada, Emerson, Honeywell, JTEKT, Motorola, Omron, Phoenix Contact, Siemens, and Yokogawa. "Exploiting these

  • Researchers Uncover Ways to Break the Encryption of 'MEGA' Cloud Storage Service
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 22, 2022 at 3:05 pm

    A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data. In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, thereby enabling a

  • Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 22, 2022 at 10:08 am

    A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021. To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — "scanalytic[.]org" and "js.staticounter[.]net" — are part of a broader infrastructure used to carry out the intrusions, Malwarebytes said in a Tuesday analysis

  • RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 22, 2022 at 5:41 am

    The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily closing the project after one of its team members responsible for critical operations passed away in

  • Former Amazon Employee Found Guilty in 2019 Capital One Data Breach
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 21, 2022 at 1:05 pm

    A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "erratic" and worked for the tech giant till 2016, was found guilty of wire fraud, five counts of unauthorized access to a protected

  • Mitigate Ransomware in a Remote-First World
    by noreply@blogger.com (The Hacker News) (The Hacker News) on June 21, 2022 at 11:34 am

    Ransomware has been a thorn in the side of cybersecurity teams for years. With the move to remote and hybrid work, this insidious threat has become even more of a challenge for organizations everywhere. 2021 was a case study in ransomware due to the wide variety of attacks, significant financial and economic impact, and diverse ways that organizations responded. These attacks should be seen as a

  • New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 21, 2022 at 9:05 am

    A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay [Domain Controller authentication to [Active Directory

  • Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 21, 2022 at 6:18 am

    A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to

  • Do You Have Ransomware Insurance? Look at the Fine Print
    by noreply@blogger.com (The Hacker News) (The Hacker News) on June 20, 2022 at 1:34 pm

    Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that's where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance. In this article, we'll outline why, particularly given the current

  • BRATA Android Malware Gains Advanced Mobile Threat Capabilities
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 20, 2022 at 6:18 am

    The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy. "In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) activity pattern," Italian cybersecurity firm Cleafy said in a report last week. "This term is used to describe an attack campaign in which

  • Over a Dozen Flaws Found in Siemens' Industrial Network Management System
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on June 20, 2022 at 5:11 am

    Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution

Big Data and Data Analytics 101 – Top 50 AWS Certified Data Analytics – Specialty Questions and Answers Dumps

AWS Certified Security – Specialty Questions and Answers Dumps

In this blog, we talk about big data and data analytics; we also give you the last updated top 50 AWS Certified Data Analytics – Specialty Questions and Answers Dumps

The AWS Certified Data Analytics – Specialty (DAS-C01) examination is intended for individuals who perform in a data analytics-focused role. This exam validates an examinee’s comprehensive understanding of using AWS services to design, build, secure, and maintain analytics solutions that provide insight from data.

The AWS Certified Data Analytics – Specialty (DAS-C01) covers the following domains:

Domain 1: Collection 18%

Domain 2: Storage and Data Management 22%

2022 AWS Cloud Practitioner Exam Preparation

Domain 3: Processing 24%

Domain 4: Analysis and Visualization 18%

Domain 5: Security 18%

data analytics specialty
data analytics specialty

Below are the Top 20 AWS Certified Data Analytics – Specialty Questions and Answers Dumps and References

Top 100 Data Science and Data Analytics Interview Questions and Answers

[appbox appstore 1604021741-iphone screenshots]
[appbox googleplay com.dataanalyticsexamprep.app]
[appbox microsoftstore 9NWSDDCMCF6X-mobile screenshots]
 

Question1: What combination of services do you need for the following requirements: accelerate petabyte-scale data transfers, load streaming data, and the ability to create scalable, private connections. Select the correct answer order.

A) Snowball, Kinesis Firehose, Direct Connect

B) Data Migration Services, Kinesis Firehose, Direct Connect

C) Snowball, Data Migration Services, Direct Connect


Save 65% on select product(s) with promo code 65ZDS44X on Amazon.com

D) Snowball, Direct Connection, Kinesis Firehose

ANSWER1:

A

Notes/Hint1:

AWS has many options to help get data into the cloud, including secure devices like AWS Import/Export Snowball to accelerate petabyte-scale data transfers, Amazon Kinesis Firehose to load streaming data, and scalable private connections through AWS Direct Connect.

Reference1: Big Data Analytics Options 

 

ANSWER2:

C

Notes/Hint2:

Reference1: Relationalize PySpark

 

Question 3: There is a five-day car rally race across Europe. The race coordinators are using a Kinesis stream and IoT sensors to monitor the movement of the cars. Each car has a sensor and data is getting back to the stream with the default stream settings. On the last day of the rally, data is sent to S3. When you go to interpret the data in S3, there is only data for the last day and nothing for the first 4 days. Which of the following is the most probable cause of this?

A) You did not have versioning enabled and would need to create individual buckets to prevent the data from being overwritten.

B) Data records are only accessible for a default of 24 hours from the time they are added to a stream.


C) One of the sensors failed, so there was no data to record.

D) You needed to use EMR to send the data to S3; Kinesis Streams are only compatible with DynamoDB.

ANSWER3:

B

Notes/Hint3: 

Streams support changes to the data record retention period of your stream. An Amazon Kinesis stream is an ordered sequence of data records, meant to be written to and read from in real-time. Data records are therefore stored in shards in your stream temporarily. The period from when a record is added to when it is no longer accessible is called the retention period. An Amazon Kinesis stream stores records for 24 hours by default, up to 168 hours.

Reference3: Kinesis Extended Reading

 

 

Question 4:  A publisher website captures user activity and sends clickstream data to Amazon Kinesis Data Streams. The publisher wants to design a cost-effective solution to process the data to create a timeline of user activity within a session. The solution must be able to scale depending on the number of active sessions.
Which solution meets these requirements?

A) Include a variable in the clickstream data from the publisher website to maintain a counter for the number of active user sessions. Use a timestamp for the partition key for the stream. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the counter. Deploy the consumer application on Amazon EC2 instances in an EC2 Auto Scaling group.

B) Include a variable in the clickstream to maintain a counter for each user action during their session. Use the action type as the partition key for the stream. Use the Kinesis Client Library (KCL) in the consumer application to retrieve the data from the stream and perform the processing. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the
counter. Deploy the consumer application on AWS Lambda.

C) Include a session identifier in the clickstream data from the publisher website and use as the partition key for the stream. Use the Kinesis Client Library (KCL) in the consumer application to retrieve the data from the stream and perform the processing. Deploy the consumer application on Amazon EC2 instances in an
EC2 Auto Scaling group. Use an AWS Lambda function to reshard the stream based upon Amazon CloudWatch alarms.

D) Include a variable in the clickstream data from the publisher website to maintain a counter for the number of active user sessions. Use a timestamp for the partition key for the stream. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the counter. Deploy the consumer application on AWS Lambda.

ANSWER4:

C

Notes/Hint4: 

Partitioning by the session ID will allow a single processor to process all the actions for a user session in order. An AWS Lambda function can call the UpdateShardCount API action to change the number of shards in the stream. The KCL will automatically manage the number of processors to match the number of shards. Amazon EC2 Auto Scaling will assure the correct number of instances are running to meet the processing load.

Reference4: UpdateShardCount API

 

Question 5: Your company has two batch processing applications that consume financial data about the day’s stock transactions. Each transaction needs to be stored durably and guarantee that a record of each application is delivered so the audit and billing batch processing applications can process the data. However, the two applications run separately and several hours apart and need access to the same transaction information. After reviewing the transaction information for the day, the information no longer needs to be stored. What is the best way to architect this application?

A) Use SQS for storing the transaction messages; when the billing batch process performs first and consumes the message, write the code in a way that does not remove the message after consumed, so it is available for the audit application several hours later. The audit application can consume the SQS message and remove it from the queue when completed.

B)  Use Kinesis to store the transaction information. The billing application will consume data from the stream and the audit application can consume the same data several hours later.

C) Store the transaction information in a DynamoDB table. The billing application can read the rows while the audit application will read the rows then remove the data.

D) Use SQS for storing the transaction messages. When the billing batch process consumes each message, have the application create an identical message and place it in a different SQS for the audit application to use several hours later.

SQS would make this more difficult because the data does not need to persist after a full day.

ANSWER5:

B

Notes/Hint5: 

Kinesis appears to be the best solution that allows multiple consumers to easily interact with the records.

Reference5: Amazon Kinesis

Get mobile friendly version of the quiz @ the App Store

[appbox appstore 1604021741-iphone screenshots]
[appbox googleplay com.dataanalyticsexamprep.app]
[appbox microsoftstore 9NWSDDCMCF6X-mobile screenshots]

Question 6: A company is currently using Amazon DynamoDB as the database for a user support application. The company is developing a new version of the application that will store a PDF file for each support case ranging in size from 1–10 MB. The file should be retrievable whenever the case is accessed in the application.
How can the company store the file in the MOST cost-effective manner?

A) Store the file in Amazon DocumentDB and the document ID as an attribute in the DynamoDB table.

B) Store the file in Amazon S3 and the object key as an attribute in the DynamoDB table.

C) Split the file into smaller parts and store the parts as multiple items in a separate DynamoDB table.

D) Store the file as an attribute in the DynamoDB table using Base64 encoding.

ANSWER6:

B

Notes/Hint6: 

Use Amazon S3 to store large attribute values that cannot fit in an Amazon DynamoDB item. Store each file as an object in Amazon S3 and then store the object path in the DynamoDB item.

Reference6: S3 Storage Cost –  DynamODB Storage Cost

[appbox googleplay com.dataanalytics.app]
[appbox microsoftstore 9NWSDDCMCF6X-mobile screenshots]
 

Question 7: Your client has a web app that emits multiple events to Amazon Kinesis Streams for reporting purposes. Critical events need to be immediately captured before processing can continue, but informational events do not need to delay processing. What solution should your client use to record these types of events without unnecessarily slowing the application?

A) Log all events using the Kinesis Producer Library.

B) Log critical events using the Kinesis Producer Library, and log informational events using the PutRecords API method.

C) Log critical events using the PutRecords API method, and log informational events using the Kinesis Producer Library.

D) Log all events using the PutRecords API method.

ANSWER2:

C

Notes/Hint7: 

The PutRecords API can be used in code to be synchronous; it will wait for the API request to complete before the application continues. This means you can use it when you need to wait for the critical events to finish logging before continuing. The Kinesis Producer Library is asynchronous and can send many messages without needing to slow down your application. This makes the KPL ideal for the sending of many non-critical alerts asynchronously.

Reference7: PutRecords API

 

Question 8: You work for a start-up that tracks commercial delivery trucks via GPS. You receive coordinates that are transmitted from each delivery truck once every 6 seconds. You need to process these coordinates in near real-time from multiple sources and load them into Elasticsearch without significant technical overhead to maintain. Which tool should you use to digest the data?

A) Amazon SQS

B) Amazon EMR

C) AWS Data Pipeline

D) Amazon Kinesis Firehose

ANSWER8:

D

Notes/Hint8: 

Amazon Kinesis Firehose is the easiest way to load streaming data into AWS. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, and Amazon Elasticsearch Service, enabling near real-time analytics with existing business intelligence tools and dashboards.

Reference8: Amazon Kinesis Firehose

 

Question 9: A company needs to implement a near-real-time fraud prevention feature for its ecommerce site. User and order details need to be delivered to an Amazon SageMaker endpoint to flag suspected fraud. The amount of input data needed for the inference could be as much as 1.5 MB.
Which solution meets the requirements with the LOWEST overall latency?

A) Create an Amazon Managed Streaming for Kafka cluster and ingest the data for each order into a topic. Use a Kafka consumer running on Amazon EC2 instances to read these messages and invoke the Amazon SageMaker endpoint.

B) Create an Amazon Kinesis Data Streams stream and ingest the data for each order into the stream. Create an AWS Lambda function to read these messages and invoke the Amazon SageMaker endpoint.

C) Create an Amazon Kinesis Data Firehose delivery stream and ingest the data for each order into the stream. Configure Kinesis Data Firehose to deliver the data to an Amazon S3 bucket. Trigger an AWS Lambda function with an S3 event notification to read the data and invoke the Amazon SageMaker endpoint.

D) Create an Amazon SNS topic and publish the data for each order to the topic. Subscribe the Amazon SageMaker endpoint to the SNS topic.


ANSWER9:

A

Notes/Hint9: 

An Amazon Managed Streaming for Kafka cluster can be used to deliver the messages with very low latency. It has a configurable message size that can handle the 1.5 MB payload.

Reference9: Amazon Managed Streaming for Kafka cluster

 

Question 10: You need to filter and transform incoming messages coming from a smart sensor you have connected with AWS. Once messages are received, you need to store them as time series data in DynamoDB. Which AWS service can you use?

A) IoT Device Shadow Service

B) Redshift

C) Kinesis

D) IoT Rules Engine

ANSWER10:

D

Notes/Hint10: 

The IoT rules engine will allow you to send sensor data over to AWS services like DynamoDB

Reference10: The IoT rules engine

Get mobile friendly version of the quiz @ the App Store

Question 11: A media company is migrating its on-premises legacy Hadoop cluster with its associated data processing scripts and workflow to an Amazon EMR environment running the latest Hadoop release. The developers want to reuse the Java code that was written for data processing jobs for the on-premises cluster.
Which approach meets these requirements?

A) Deploy the existing Oracle Java Archive as a custom bootstrap action and run the job on the EMR cluster.

B) Compile the Java program for the desired Hadoop version and run it using a CUSTOM_JAR step on the EMR cluster.

C) Submit the Java program as an Apache Hive or Apache Spark step for the EMR cluster.

D) Use SSH to connect the master node of the EMR cluster and submit the Java program using the AWS CLI.


ANSWER11:

B

Notes/Hint11: 

A CUSTOM JAR step can be configured to download a JAR file from an Amazon S3 bucket and execute it. Since the Hadoop versions are different, the Java application has to be recompiled.

Reference11:  Automating analytics workflows on EMR

Question 12: You currently have databases running on-site and in another data center off-site. What service allows you to consolidate to one database in Amazon?

A) AWS Kinesis

B) AWS Database Migration Service

C) AWS Data Pipeline

D) AWS RDS Aurora

ANSWER12:

B

Notes/Hint12: 

AWS Database Migration Service can migrate your data to and from most of the widely used commercial and open source databases. It supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora. Migrations can be from on-premises databases to Amazon RDS or Amazon EC2, databases running on EC2 to RDS, or vice versa, as well as from one RDS database to another RDS database.

Reference12: DMS

 

 

Question 13:  An online retail company wants to perform analytics on data in large Amazon S3 objects using Amazon EMR. An Apache Spark job repeatedly queries the same data to populate an analytics dashboard. The analytics team wants to minimize the time to load the data and create the dashboard.
Which approaches could improve the performance? (Select TWO.)
A) Copy the source data into Amazon Redshift and rewrite the Apache Spark code to create analytical reports by querying Amazon Redshift.

B) Copy the source data from Amazon S3 into Hadoop Distributed File System (HDFS) using s3distcp.

C) Load the data into Spark DataFrames.

D) Stream the data into Amazon Kinesis and use the Kinesis Connector Library (KCL) in multiple Spark jobs to perform analytical jobs.

E) Use Amazon S3 Select to retrieve the data necessary for the dashboards from the S3 objects.

ANSWER13:

C and E

Notes/Hint13: 

One of the speed advantages of Apache Spark comes from loading data into immutable dataframes, which can be accessed repeatedly in memory. Spark DataFrames organizes distributed data into columns. This makes summaries and aggregates much quicker to calculate. Also, instead of loading an entire large Amazon S3 object, load only what is needed using Amazon S3 Select. Keeping the data in Amazon S3 avoids loading the large dataset into HDFS.

Reference13: Spark DataFrames 

 

Question 14: You have been hired as a consultant to provide a solution to integrate a client’s on-premises data center to AWS. The customer requires a 300 Mbps dedicated, private connection to their VPC. Which AWS tool do you need?

A) VPC peering

B) Data Pipeline

C) Direct Connect

D) EMR

ANSWER14:

C

Notes/Hint14: 

Direct Connect will provide a dedicated and private connection to an AWS VPC.

Reference14: Direct Connect

 

Question 15: Your organization has a variety of different services deployed on EC2 and needs to efficiently send application logs over to a central system for processing and analysis. They’ve determined it is best to use a managed AWS service to transfer their data from the EC2 instances into Amazon S3 and they’ve decided to use a solution that will do what?

A) Installs the AWS Direct Connect client on all EC2 instances and uses it to stream the data directly to S3.

B) Leverages the Kinesis Agent to send data to Kinesis Data Streams and output that data in S3.

C) Ingests the data directly from S3 by configuring regular Amazon Snowball transactions.

D) Leverages the Kinesis Agent to send data to Kinesis Firehose and output that data in S3.

ANSWER15:

D

Notes/Hint15: 

Kinesis Firehose is a managed solution, and log files can be sent from EC2 to Firehose to S3 using the Kinesis agent.

Reference15: Kinesis Firehose

 

Question 16: A data engineer needs to create a dashboard to display social media trends during the last hour of a large company event. The dashboard needs to display the associated metrics with a latency of less than 1 minute.
Which solution meets these requirements?

A) Publish the raw social media data to an Amazon Kinesis Data Firehose delivery stream. Use Kinesis Data Analytics for SQL Applications to perform a sliding window analysis to compute the metrics and output the results to a Kinesis Data Streams data stream. Configure an AWS Lambda function to save the stream data to an Amazon DynamoDB table. Deploy a real-time dashboard hosted in an Amazon S3 bucket to read and display the metrics data stored in the DynamoDB table.

B) Publish the raw social media data to an Amazon Kinesis Data Firehose delivery stream. Configure the stream to deliver the data to an Amazon Elasticsearch Service cluster with a buffer interval of 0 seconds. Use Kibana to perform the analysis and display the results.

C) Publish the raw social media data to an Amazon Kinesis Data Streams data stream. Configure an AWS Lambda function to compute the metrics on the stream data and save the results in an Amazon S3 bucket. Configure a dashboard in Amazon QuickSight to query the data using Amazon Athena and display the results.

D) Publish the raw social media data to an Amazon SNS topic. Subscribe an Amazon SQS queue to the topic. Configure Amazon EC2 instances as workers to poll the queue, compute the metrics, and save the results to an Amazon Aurora MySQL database. Configure a dashboard in Amazon QuickSight to query the data in Aurora and display the results.


ANSWER16:

A

Notes/Hint16: 

Amazon Kinesis Data Analytics can query data in a Kinesis Data Firehose delivery stream in near-real time using SQL. A sliding window analysis is appropriate for determining trends in the stream. Amazon S3 can host a static webpage that includes JavaScript that reads the data in Amazon DynamoDB and refreshes the dashboard.

Reference16: Amazon Kinesis Data Analytics can query data in a Kinesis Data Firehose delivery stream in near-real time using SQL

 

Question 17: A real estate company is receiving new property listing data from its agents through .csv files every day and storing these files in Amazon S3. The data analytics team created an Amazon QuickSight visualization report that uses a dataset imported from the S3 files. The data analytics team wants the visualization report to reflect the current data up to the previous day. How can a data analyst meet these requirements?

A) Schedule an AWS Lambda function to drop and re-create the dataset daily.

B) Configure the visualization to query the data in Amazon S3 directly without loading the data into SPICE.

C) Schedule the dataset to refresh daily.

D) Close and open the Amazon QuickSight visualization.

ANSWER17:

B

Notes/Hint17:

Datasets created using Amazon S3 as the data source are automatically imported into SPICE. The Amazon QuickSight console allows for the refresh of SPICE data on a schedule.

Reference17: Amazon QuickSight and SPICE

 

Question 18: You need to migrate data to AWS. It is estimated that the data transfer will take over a month via the current AWS Direct Connect connection your company has set up. Which AWS tool should you use?

A) Establish additional Direct Connect connections.

B) Use Data Pipeline to migrate the data in bulk to S3.

C) Use Kinesis Firehose to stream all new and existing data into S3.

D) Snowball

ANSWER18:

D

Notes/Hint18:

As a general rule, if it takes more than one week to upload your data to AWS using the spare capacity of your existing Internet connection, then you should consider using Snowball. For example, if you have a 100 Mb connection that you can solely dedicate to transferring your data and need to transfer 100 TB of data, it takes more than 100 days to complete a data transfer over that connection. You can make the same transfer by using multiple Snowballs in about a week.

Reference18: Snowball

 

Question 19: You currently have an on-premises Oracle database and have decided to leverage AWS and use Aurora. You need to do this as quickly as possible. How do you achieve this?

A) It is not possible to migrate an on-premises database to AWS at this time.

B) Use AWS Data Pipeline to create a target database, migrate the database schema, set up the data replication process, initiate the full load and a subsequent change data capture and apply, and conclude with a switchover of your production environment to the new database once the target database is caught up with the source database.

C) Use AWS Database Migration Services and create a target database, migrate the database schema, set up the data replication process, initiate the full load and a subsequent change data capture and apply, and conclude with a switch-over of your production environment to the new database once the target database is caught up with the source database.

D) Use AWS Glue to crawl the on-premises database schemas and then migrate them into AWS with Data Pipeline jobs.

https://aws.amazon.com/dms/faqs/

ANSWER2:

C

Notes/Hint19: 

DMS can efficiently support this sort of migration using the steps outlined. While AWS Glue can help you crawl schemas and store metadata on them inside of Glue for later use, it isn’t the best tool for actually transitioning a database over to AWS itself. Similarly, while Data Pipeline is great for ETL and ELT jobs, it isn’t the best option to migrate a database over to AWS.

Reference19: DMS

 

Question 20: A financial company uses Amazon EMR for its analytics workloads. During the company’s annual security audit, the security team determined that none of the EMR clusters’ root volumes are encrypted. The security team recommends the company encrypt its EMR clusters’ root volume as soon as possible.
Which solution would meet these requirements?

A) Enable at-rest encryption for EMR File System (EMRFS) data in Amazon S3 in a security configuration. Re-create the cluster using the newly created security configuration.

B) Specify local disk encryption in a security configuration. Re-create the cluster using the newly created security configuration.

C) Detach the Amazon EBS volumes from the master node. Encrypt the EBS volume and attach it back to the master node.

D) Re-create the EMR cluster with LZO encryption enabled on all volumes.

ANSWER20:

B

Notes/Hint20: 

Local disk encryption can be enabled as part of a security configuration to encrypt root and storage volumes.

Reference20: EMR Cluster Local disk encryption

Question 21: A company has a clickstream analytics solution using Amazon Elasticsearch Service. The solution ingests 2 TB of data from Amazon Kinesis Data Firehose and stores the latest data collected within 24 hours in an Amazon ES cluster. The cluster is running on a single index that has 12 data nodes and 3 dedicated master nodes. The cluster is configured with 3,000 shards and each node has 3 TB of EBS storage attached. The Data Analyst noticed that the query performance of Elasticsearch is sluggish, and some intermittent errors are produced by the Kinesis Data Firehose when it tries to write to the index. Upon further investigation, there were occasional JVMMemoryPressure errors found in Amazon ES logs.

What should be done to improve the performance of the Amazon Elasticsearch Service cluster?

A) Improve the cluster performance by increasing the number of master nodes of Amazon Elasticsearch.
 
B) Improve the cluster performance by increasing the number of shards of the Amazon Elasticsearch index.
       
C) Improve the cluster performance by decreasing the number of data nodes of Amazon Elasticsearch.
 
D) Improve the cluster performance by decreasing the number of shards of the Amazon Elasticsearch index.
 
ANSWER21:
D
 
Notes/Hint21:
“Amazon Elasticsearch Service (Amazon ES) is a managed service that makes it easy to deploy, operate, and scale Elasticsearch clusters in AWS Cloud. Elasticsearch is a popular open-source search and analytics engine for use cases such as log analytics, real-time application monitoring, and clickstream analysis. With Amazon ES, you get direct access to the Elasticsearch APIs; existing code and applications work seamlessly with the service.
 
Each Elasticsearch index is split into some number of shards. You should decide the shard count before indexing your first document. The overarching goal of choosing a number of shards is to distribute an index evenly across all data nodes in the cluster. However, these shards shouldn’t be too large or too numerous.
 
A good rule of thumb is to try to keep a shard size between 10 – 50 GiB. Large shards can make it difficult for Elasticsearch to recover from failure, but because each shard uses some amount of CPU and memory, having too many small shards can cause performance issues and out of memory errors. In other words, shards should be small enough that the underlying Amazon ES instance can handle them, but not so small that they place needless strain on the hardware. Therefore the correct answer is: Improve the cluster performance by decreasing the number of shards of Amazon Elasticsearch index.
 
Reference:  ElasticsSearch
 

Djamga Data Sciences Big Data – Data Analytics Youtube Playlist

2- Prepare for Your AWS Certification Exam

3- LinuxAcademy

Big Data – Data Analytics Jobs:

 

Big Data – Data Analytics – Data Sciences Latest News:

DATA ANALYTICS Q&A: