What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions

AWS Certified Cloud Practitioner Exam Preparation

You can translate the content of this page by selecting a language in the select box.

What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions

AWS certifications are becoming increasingly popular as the demand for AWS-skilled workers continues to grow. AWS certifications show that an individual has the necessary skills to work with AWS technologies, which can be beneficial for both job seekers and employers. AWS-certified individuals can often command higher salaries and are more likely to be hired for AWS-related positions. So, what are the top 10 AWS jobs that you can get with an AWS certification?

1. AWS Solutions Architect / Cloud Architect:

AWS solutions architects are responsible for designing, implementing, and managing AWS solutions. They work closely with other teams to ensure that AWS solutions are designed and implemented correctly.

AWS Architects, AWS Cloud Architects, and AWS solutions architects spend their time architecting, building, and maintaining highly available, cost-efficient, and scalable AWS cloud environments. They also make recommendations regarding AWS toolsets and keep up with the latest in cloud computing.

Professional AWS cloud architects deliver technical architectures and lead implementation efforts, ensuring new technologies are successfully integrated into customer environments. This role works directly with customers and engineers, providing both technical leadership and an interface with client-side stakeholders.

What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions
AWS SAA-C02 SAA-C03 Exam Prep

Average yearly salary: $148,000-$158,000 USD

2. AWS SysOps Administrator / Cloud System Administrators:

AWS sysops administrators are responsible for managing and operating AWS systems. They work closely with AWS developers to ensure that systems are running smoothly and efficiently.

A Cloud Systems Administrator, or AWS SysOps administrator, is responsible for the effective provisioning, installation/configuration, operation, and maintenance of virtual systems, software, and related infrastructures. They also maintain analytics software and build dashboards for reporting.

Average yearly salary: $97,000-$107,000 USD

3. AWS DevOps Engineer:

AWS devops engineers are responsible for designing and implementing automated processes for Amazon Web Services. They work closely with other teams to ensure that processes are efficient and effective.

AWS DevOps engineers design AWS cloud solutions that impact and improve the business. They also perform server maintenance and implement any debugging or patching that may be necessary. Among other DevOps things!

Average yearly salary: $118,000-$138,000 USD

What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions
AWS Developer Associate DVA-C01 Exam Prep

4. AWS Cloud Engineer:

AWS cloud engineers are responsible for designing, implementing, and managing cloud-based solutions using AWS technologies. They work closely with other teams to ensure that solutions are designed and implemented correctly.

If you are looking for an all-in-one solution to help you prepare for the AWS Cloud Practitioner Certification Exam, look no further than this AWS Cloud Practitioner CCP CLFC01 book below.


5. AWS Network Engineer:

AWS network engineers are responsible for designing, implementing, and managing networking solutions using AWS technologies. They work closely with other teams to ensure that networking solutions are designed and implemented correctly.

Cloud network specialists, engineers, and architects help organizations successfully design, build, and maintain cloud-native and hybrid networking infrastructures, including integrating existing networks with AWS cloud resources.

Invest in your future today by enrolling in this Azure Fundamentals - Microsoft Azure Certification and Training ebook below. This Azure Fundamentals Exam Prep Book will prepare you for the Azure Fundamentals AZ900 Certification Exam.


Average yearly salary: $107,000-$127,000 USD

6. AWS Security Engineer:

AWS security engineers are responsible for ensuring the security of Amazon Web Services environments. They work closely with other teams to identify security risks and implement controls to mitigate those risks.

Cloud security engineers provide security for AWS systems, protect sensitive and confidential data, and ensure regulatory compliance by designing and implementing security controls according to the latest security best practices.

Average yearly salary: $132,000-$152,000 USD

What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions
AWS Certified Security Specialty

7. AWS Database administrator:

As a database administrator on Amazon Web Services (AWS), you’ll be responsible for setting up, maintaining, and securing databases hosted on the Amazon cloud platform. You’ll work closely with other teams to ensure that databases are properly configured and secured.

8. Cloud Support Engineer:

Support engineers are responsible for providing technical support to AWS customers. They work closely with customers to troubleshoot problems and provide resolution within agreed upon SLAs.

9. Sales Engineer:

Sales engineers are responsible for working with sales teams to generate new business opportunities through the use of AWS products and services .They must have a deep understanding of AWS products and how they can be used by potential customers to solve their business problems .

10. Cloud Developer

An AWS Developer builds software services and enterprise-level applications. Generally, previous experience working as a software developer and a working knowledge of the most common cloud orchestration tools is required to get and succeed at an AWS cloud developer job

Average yearly salary: $132,000 USD

11. Cloud Consultant

Cloud consultants provide organizations with technical expertise and strategy in designing and deploying AWS cloud solutions or in consulting on specific issues such as performance, security, or data migration.

With average increases in salary of over 25% for certified individuals, you’re going to be in a much better position to secure your dream job or promotion if you earn your AWS Certified Solutions Architect Associate our Cloud Practitioner certification. Get the books below to for real practice exams:

Use the promo codes: W6XM9XP4TWN9 or T6K9P4J9JPPR or 9LWMYKJ7TWPN or TN4NTERJYHY4 for AWS CCP eBook at Apple iBook store.


Use Promo Codes XKPHAATA6LRL 4XJRP9XLT9XL or LTFFY6JA33EL or HKRMTMTHFMAM or 4XHAFTWT4FN6 for AWS SAA-C03 eBook at Apple iBook store



Use Promo Codes EF46PT44LXPN or L6L9R9LKEFFR or TWELPA4JFJWM for Azure Fundamentals eBook at Apple iBook store.

Average yearly salary: $104,000-$124,000

12. Cloud Data Architect

Cloud data architects and data engineers may be cloud database administrators or data analytics professionals who know how to leverage AWS database resources, technologies, and services to unlock the value of enterprise data.

Average yearly salary: $130,000-$140,000 USD

What are the Top 10 AWS jobs you can get with an AWS certification in 2022 plus AWS Interview Questions
AWS Data analytics DAS-C01 Exam Prep

Getting a job after getting an AWS certification

The field of cloud computing will continue to grow and even more different types of jobs will surface in the future.

AWS certified professionals are in high demand across a variety of industries. AWS certs can open the door to a number of AWS jobs, including cloud engineer, solutions architect, and DevOps engineer.


We know you like your hobbies and especially coding, We do too, but you should find time to build the skills that’ll drive your career into Six Figures. Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career. 85% of hiring managers say cloud certifications make a candidate more attractive. Start your cloud journey with these excellent books below:

Through studying and practice, any of the listed jobs could becoming available to you if you pass your AWS certification exams. Educating yourself on AWS concepts plays a key role in furthering your career and receiving not only a higher salary, but a more engaging position.

Source: 8 AWS jobs you can get with an AWS certification

AWS Tech Jobs  Interview Questions in 2022

Graphs

1) Process Ordering – LeetCode link…

2) Number of Islands – LeetCode link…

3) k Jumps on Grid – Loading…)

Sort

1) Finding Prefix in Dictionary – LeetCode Link…

Tree

1) Binary Tree Top Down View – LeetCode link…

2) Traversing binary tree in an outward manner.

3) Diameter of a binary tree [Path is needed] – Diameter of a Binary Tree – GeeksforGeeks

Sliding window

1) Contains Duplicates III – LeetCode link…

2) Minimum Window Substring [Variation of this question] – LeetCode link..

Linked List

1) Reverse a Linked List II – LeetCode link…

2) Remove Loop From Linked List – Remove Loop in Linked List

3) Reverse a Linked List in k-groups – LeetCode link…

Binary Search

1) Search In rotate sorted Array – LeetCode link…

Solution:

def pivotedBinarySearch(arr, n, key):
 
    pivot = findPivot(arr, 0, n-1)
 
    # If we didn't find a pivot,
    # then array is not rotated at all
    if pivot == -1:
        return binarySearch(arr, 0, n-1, key)
 
    # If we found a pivot, then first
    # compare with pivot and then
    # search in two subarrays around pivot
    if arr[pivot] == key:
        return pivot
    if arr[0] <= key:
        return binarySearch(arr, 0, pivot-1, key)
    return binarySearch(arr, pivot + 1, n-1, key)
 
 
# Function to get pivot. For array
# 3, 4, 5, 6, 1, 2 it returns 3
# (index of 6)
def findPivot(arr, low, high):
 
    # base cases
    if high < low:
        return -1
    if high == low:
        return low
 
    # low + (high - low)/2;
    mid = int((low + high)/2)
 
    if mid < high and arr[mid] > arr[mid + 1]:
        return mid
    if mid > low and arr[mid] < arr[mid - 1]:
        return (mid-1)
    if arr[low] >= arr[mid]:
        return findPivot(arr, low, mid-1)
    return findPivot(arr, mid + 1, high)
 
# Standard Binary Search function
def binarySearch(arr, low, high, key):
 
    if high < low:
        return -1
 
    # low + (high - low)/2;
    mid = int((low + high)/2)
 
    if key == arr[mid]:
        return mid
    if key > arr[mid]:
        return binarySearch(arr, (mid + 1), high,
                            key)
    return binarySearch(arr, low, (mid - 1), key)
 
# Driver program to check above functions
# Let us search 3 in below array
if __name__ == '__main__':
    arr1 = [5, 6, 7, 8, 9, 10, 1, 2, 3]
    n = len(arr1)
    key = 3
    print("Index of the element is : ", \
          pivotedBinarySearch(arr1, n, key))
 
# This is contributed by Smitha Dinesh Semwal

Arrays

1) Max bandWidth [Priority Queue, Sorting] – Loading…

2) Next permutation – Loading…

3) Largest Rectangle in Histogram – Loading…

Content by – Sandeep Kumar

#AWS #interviews #leetcode #questions #array #sorting #queue #loop #tree #graphs #amazon #sde —-#interviewpreparation #coding #computerscience #softwareengineer

You can translate the content of this page by selecting a language in the select box.

Do you want to become a Professional DevOps Engineer, a cloud Solutions Architect, a Cloud Engineer or a modern Developer or IT Professional, a versatile Product Manager, a hip Project Manager? Therefore Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career.

85% of hiring managers say cloud certifications make a candidate more attractive.

Build the skills that’ll drive your career into six figures.

In this blog, we are going to feed you with AWS Azure and GCP Cloud Certification testimonials and Frequently Asked Questions and Answers Dumps.

#djamgatech #aws #azure #gcp #ccp #az900 #saac02 #saac03 #az104 #azai #dasc01 #mlsc01 #scsc01 #azurefundamentals #awscloudpractitioner #solutionsarchitect #datascience #machinelearning #azuredevops #awsdevops #az305 #ai900


Get it on Apple Books
Get it on Apple Books

  • [Official Azure campaign] Looking to learn Kusto Query Language or brush up on your skills? Check out the Kusto Detective Agency - win prizes and Credly badges, get a free Kusto cluster
    by /u/wittykitty (Microsoft Azure Certifications) on September 30, 2022 at 4:18 pm

    ​ https://reddit.com/link/xs5id9/video/1i6amoazt0r91/player Kusto Detective Agency is launching its next case for any big data detectives! The first case is also live now for anyone to try. Using Azure Data Explorer (Kusto), entrants can use data to solve cases and win prizes. Lots of fun and a great way of sharpening query skills or just learning about Kusto Query Language. You can sign up for a free Kusto cluster there too. detective.kusto.io [Full disclosure] I helped build it - any questions let me know in replies 🙂 submitted by /u/wittykitty [link] [comments]

  • What is the next easiest exam to take?
    by /u/trojanpizza (Microsoft Azure Certifications) on September 30, 2022 at 4:07 pm

    Hi everyone I have done AZ900 DP900 AI900 and SC900. I am just starting out in my career as a software developer but I don't actually use Azure at work. I am on a team that is developing an app and will be doing databases, angular, Java, and testing. A little bit with everyone to learn. So I was wondering what exam would be the next easiest to take as I am unsure where I want to go e.g AI or data or devops or architect etc. Not interested in security though! And as I don't work with azure I would like to know which exam would be easiest for me to do next. Thanks so much! submitted by /u/trojanpizza [link] [comments]

  • Become Azure Cloud Architect
    by /u/tempmailTVB (Microsoft Azure Certifications) on September 30, 2022 at 9:15 am

    Hi. I'm senior/lead .NET software engineer with over 11 years XP. I have the following Azure certifications: AZ-104, AZ-204, AZ-900, DP-900, PL-900. My next exam will be on 5 October 2022 which is the AZ-400 DevOps. I'd like to move to cloud software architect but for the moment, no company accept to give me a chance. I've almost found a company but they finally took someone on-site instead of full remote and I'm living in another region. ​ With the new skills challenge, AZ-305 voucher will be available for free so I'll try to achieve this exam to complete the certification Azure Cloud Architect. After that, could you tell me if it will be easy to find a job as Cloud Architect? My profil for the moment (in French companies) is too closest to developer and they prefer bullshiters who have only 1-2 XP of coding (French mindset managers prefer bullshiters instead of technical profile). How can I sell myself for applications and interviews with my current profile? Thanks submitted by /u/tempmailTVB [link] [comments]

  • SC - 100 Does anyone have any study advice?
    by /u/MySoulLongeth (Microsoft Azure Certifications) on September 30, 2022 at 2:22 am

    Does anyone have any advice? Practice exam links or study material? Thanks! submitted by /u/MySoulLongeth [link] [comments]

  • DP-900 tomorrow
    by /u/HavenHexed (Microsoft Azure Certifications) on September 29, 2022 at 11:45 pm

    I am sitting for the DP-900 tomorrow. Watched the virtual training days to get a free voucher for it. I have been through the modules, watched John Savill's exam cram, and Scott Duffy's course on it. Of course, I am feeling like I am going to fail it but got to give it a shot anyway. I will probably try to go back through Savill's video in the morning again before the exam. Any last minute tips? submitted by /u/HavenHexed [link] [comments]

  • Udemy Course recs?
    by /u/Diumonsu (Microsoft Azure Certifications) on September 29, 2022 at 6:03 pm

    Hello! I was looking into studying for the AZ-900 azure fundamentals certification and was wondering if anyone have a udemy course they would recommend for me to learn from and take notes? Thanks! submitted by /u/Diumonsu [link] [comments]

  • Passed AZ-900, SC-900, AI-900, and DP-900 within 6 weeks!
    by /u/benjamin2112 (Microsoft Azure Certifications) on September 29, 2022 at 3:25 pm

    What an exciting journey. I think AZ-900 is the hardest probably because it is my first Microsoft certification. Afterwards, the others are fair enough. AI-900 is the easiest. I generally used Microsoft Virtual Training Day, Cloud Ready Skills, Measureup and John Savill's videos. Having built a fundamental knowledge of the Cloud, I am planning to do AWS CCP next. Wish me luck! submitted by /u/benjamin2112 [link] [comments]

  • Question/experience re: online exams
    by /u/IT_ISNT101 (Microsoft Azure Certifications) on September 29, 2022 at 2:16 pm

    Hey Everyone, I have a couple of questions that I don't seem to be able to find an answer for but will ask here on the off-chance. Some exams have topology displays (exhibits) that can contain a fair bit of data. I like to be able to draw on paper the highlights so I don't have to keep going back and forth between the exhibits etc and even then scrolling on the exhibits page on a 13" MBP is stressful I find. How do you guys and girls cope with it? I cant even take notes as paper isn't allowed. The only alternative that I can see is going to the test centre but not been to one in three years or so (And also time and cost of getting there). Cheers. submitted by /u/IT_ISNT101 [link] [comments]

  • I'm still having trouble with understanding the Az-104 study guide topics
    by /u/redditacct320 (Microsoft Azure Certifications) on September 29, 2022 at 1:38 pm

    I am still having trouble narrowing down the information to study for each topic on the Az-104. For example, the first topic " Create users and groups". To me this means I should be able to go to the portal and be able to create a user. So all I need to know is the steps Manage > Users > all users > New User > create new users. However after reading what others have said about taking the test there were know questions where you had to use portal or explain the process like this. If I'm inocorrect on what this topic is saying what is it really asking? I also, went to the sample questions and tried to work backwards by getting the answer and finding it in the documentation page they posted. I looked at example 2and found the answer in the documentation they listed(see below). The issue is the documentation page that had the answer had pages and pages of roles. Do we have to memorize all of these roles? I don't think we do but how would we know how many of these to memorize? Also, what about the rest of the sections on the left(least privleged roles, custom role permissions, azure ad service limits, etc. )? Lastly, just knowing what sections in the documentation to find the answer aren't always straight forward. How do you narrow down search for this test and make sure you studying what you need to know and not getting bogged down in unnecessary information? https://preview.redd.it/35sff24uusq91.png?width=1152&format=png&auto=webp&s=7b65c0d7fb8990ca1b5be0f6216c39ec538631e7 submitted by /u/redditacct320 [link] [comments]

  • Google launches new Data Service Datastream
    by /u/Ok_Public9992 (Google Cloud Platform Certification) on September 29, 2022 at 11:07 am

    New Tool for Seamless Replication from Databases to BigQuery https://medium.com/p/88fdef635c48 submitted by /u/Ok_Public9992 [link] [comments]

  • DP 203 Azure Data Engineer Certification - First 20 FREE, Then 50% OFF - Hope it helps!
    by /u/Successful-Aide3077 (Microsoft Azure Certifications) on September 28, 2022 at 9:38 pm

    submitted by /u/Successful-Aide3077 [link] [comments]

  • Using Measure Up test practices to pass AZ-900
    by /u/rwarken (Microsoft Azure Certifications) on September 28, 2022 at 8:12 pm

    Hi. I am currently studying for AZ-900, mostly reading the official Learning Path and watching a few videos of John Savill on youtube. I can understand basically all concepts and most scenarios involving Azure (for AZ-900), but still struggling a bit with scenarios which are asked to know in which tier whatever software fits: "Basic", "Standard", "Premium" etc tiers, some small issues with networking and Azure AD. Meanwhile I am practicing with Measure Up, since the company is a heavy Microsoft products user and have Measure Up available. Usually I am reaching between 60% to 70% of correct answers, scheduling tests between 40 and 50 questions in 40 to 50 minutes. Any thoughts about if that is a good grade to schedule the test and finally go for it? I've heard that Measure Up is harder than the official exam itself. Thanks in advance! submitted by /u/rwarken [link] [comments]

  • Microsoft Ignite | Cloud Skills Challenge
    by /u/Mwangala (Microsoft Azure Certifications) on September 28, 2022 at 6:50 pm

    Microsoft has released the Ignite Cloud Skills Challenge rules and a list of 8 exams eligible for free certification vouchers. https://www.microsoft.com/en-US/cloudskillschallenge/ignite/officialrules/2022?ocid=ignite22_csc_digitalvenue_wwl submitted by /u/Mwangala [link] [comments]

  • Cloud Skills Challenge 2022 [Free voucher opportunity]
    by /u/teriaavibes (Microsoft Azure Certifications) on September 28, 2022 at 6:26 pm

    submitted by /u/teriaavibes [link] [comments]

  • New AWS Power Hour: Specialty Certification starts October 3
    by Lauren Cutlip (AWS Training and Certification Blog) on September 28, 2022 at 3:55 pm

    Join us for six, all-new Twitch training series focused on each of the domain areas corresponding to the specialty-level AWS Certifications, starting October 3 on Mondays and Fridays. And, sign up for our Get AWS Certified: Specialty Challenge and get a 50% off exam voucher.

  • AZ-104 or AZ-204? to get to "Azure Solutions Architect" AZ-305
    by /u/KebabKaBaap (Microsoft Azure Certifications) on September 28, 2022 at 1:03 pm

    Hello all, I am a little confused on this, I am an experienced dotnet dev and have been working on azure for various companies for now. Very much never cared and neglected certs but I found out they are very helpful in many ways. Some of my colleagues are AZ305 certified and I want to be able to at a level playing field with them. I did a bit of research and started my prep for AZ-900 (Fundamentals). However, I am a bit confused on AZ-204, is it a new exam/course or has it always been there? My plan was AZ900 > AZ204 > AZ305. However if I check requirements for AZ305, AZ104 is listed. I am not an admin, nor have taken up any sysadmin/devops admin roles. I managed a lot of azure ci/cd VMs agents etc but not things like creating VPNs etc. Should I even be taking AZ104? Is AZ900 > AZ204 > AZ305 a valid path? Thanks! submitted by /u/KebabKaBaap [link] [comments]

  • Change from Passthrough Auth to Password Hash?
    by /u/Quick_Care_3306 (Microsoft Azure Certifications) on September 28, 2022 at 3:58 am

    Any advice for changing from PTA to PHA? I was going to validate password policies in AD and AAD are the same, set up AD expiration accounts to disable, and ensure deprovisioned AD accounts are blocked in AAD. After that, can you just select the Password Hash Sync tick box in AD sync? Edited for clarity. submitted by /u/Quick_Care_3306 [link] [comments]

  • what to lab? AZ 104 preparation
    by /u/karmaine54 (Microsoft Azure Certifications) on September 27, 2022 at 6:29 pm

    Hello, I am used to working with AWS but have requirement to take AZ104. I have Scott Duffy udemy course. I did the videos for az 900 and now have the az 104 course. Are the videos enough to pass? I have a azure dev account provided by my company. My question is what should I be labbing or how did you determine what to practice labbing? I appreciate any insight you have. submitted by /u/karmaine54 [link] [comments]

  • Failed the AZ-104 with 670!!! I’m so disappointed ☹️
    by /u/zain26- (Microsoft Azure Certifications) on September 27, 2022 at 5:45 pm

    I studied a lot but the questions were completely different from whizlabs and other test drops… If anyone passed and had better advice on where to study please drop a comment submitted by /u/zain26- [link] [comments]

  • New digital courses from AWS Training and Certification in September 2022
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on September 27, 2022 at 4:11 pm

    Learn about new free, digital courses from Amazon Web Services (AWS) Training and Certification released in September 2022. New fundamental-level courses help you learn about threat modeling, AWS Fargate, Amazon Elastic Container Service (Amazon ECS), Amazon Neptune, and Amazon Keyspaces. New intermediate-level courses focus on AWS Cloud Game Development, AWS for Games – Databases, and the AWS Transfer Family.

  • Get a head start with no-cost learning challenges before Next ‘22
    by (Training & Certifications) on September 27, 2022 at 4:00 pm

    Google Cloud Next is just two weeks away, taking place October 11-13. We’re giving developers across the globe the chance to get a head start with no-cost learning opportunities. By registering now for Next ‘22, you’ll get early access to #GoogleClout challenges designed for Next attendees, including the recently announced Google Cloud Fly Cup challenge. Already registered? Then you can dive straight in. Explore the Next ‘22 agenda and navigate to the Developer Zone, the hub for all developer experiences at Next. Check out the latest #GoogleClout challenges with opportunities to win great prizes, take your cloud skills to the next level with the Google Cloud Fly Cup Challenge, then tune in for Google Cloud certification sessions and the Innovators Hive livestream. Flex your #GoogleClout and win the hottest book in cloud Test your cloud knowledge against participants worldwide in the #GoogleClout challenge—a no-cost, 20-minute competition posted each Wednesday. Race the clock to see how fast you can complete the challenge. The faster you go, the higher your score. How it works:Register for Google Cloud NextRace to complete the six challenges in the #GoogleClout game before time runs out on October 13 Share your scores on social media using the #GoogleClout hashtagComplete the six challenges by October 13 to earn a special digital badge, plus an e-copy of Priyanka Vergadia’s bestselling book “Visualizing Google Cloud”.Take your data analytics skills to new heights with Drone League Racing The Google Cloud Fly Cup Challenge is a new three stage developer focused competition to help boost cloud skills and drive innovation into the sport of Drone Racing. Using DRL race data and Google Cloud analytics tools, developers of any skill level will be able to predict race outcomes and provide tips to DRL pilots to help enhance their season performance. Compete for the chance to win an expenses-paid trip to the season finale of the DRL 2022-23 World Championship and be celebrated on stage. Tune in for Innovators Hive broadcast and Google Cloud certification sessions at Next Innovators Hive is broadcasting from Germany, India, Japan and the USA. You’ll hear from Google Cloud executives and engineers about new cloud technologies to help you build more—and to do it better and faster. Or are you looking to invest in your cloud career progression? Choose from the six Google Cloud certification sessions available, whether you’re growing your career in app modernization or data, infrastructure modernization, Workspace administration, or digital transformation. Hear from certified experts about the benefits to pursuing your certification path, the best preparation resources, and unlock exclusive learning offers. Register for Next and subscribe to the playlist. Ready to start your challenge and explore Google Cloud certification? Make sure to register for Next ‘22 and check out the no-cost learning challenges in the Developer Zone today, and create a playlist to join the Google Cloud certification sessions.Related ArticleSign up for the Google Cloud Fly Cup ChallengeLearn more about how to participate in the Google Cloud Fly Cup, brought to you in partnership with The Drone Racing League.Read Article

  • Passed Azure Fundamentals
    by /u/jammy606 (Microsoft Azure Certifications) on September 27, 2022 at 11:14 am

    Hi all, ​ I passed my Azure fundamentals exam a couple of days ago, with a score of 900/1000. Been meaning to take the exam for a few months but I kept putting it off for various reasons. The exam was a lot easier than I thought and easier than the official Microsoft practice exams. Study materials; A Cloud Guru AZ-900 fundamentals course with practice exams Official Microsoft practice exams MS learning path John Savill's AZ-900 study cram, started this a day or two before my exam. (Highly Recommended) https://www.youtube.com/watch?v=tQp1YkB2Tgs&t=4s Will be taking my AZ-104 exam next submitted by /u/jammy606 [link] [comments]

  • Are Database Services really not covered/tested in AZ-900?
    by /u/Charlesssssss7 (Microsoft Azure Certifications) on September 27, 2022 at 4:50 am

    This question serves more to bring me out of disbelief since I'm preparing for the AZ-900 (scheduled next Saturday) and just noticed the functional groups for the exam evaluation (https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3VwUY) don't seem to cover this category of cloud services. submitted by /u/Charlesssssss7 [link] [comments]

  • What would you advise someone looking to jump into the Azure world?
    by /u/AukeyluX (Microsoft Azure Certifications) on September 26, 2022 at 12:21 pm

    I passed the Az-900 and Az-104 back in 2020 and haven't touched Azure since. I don't work in Azure and would really like to jump into the cloud world soon. I took a gamble with a full time on-prem/on-site job and I hate it. Been working in IT for 10 years now and feel like I've got nothing to show for it. Would love to start working from home full time and helping companies migrate their on-premise environments to the cloud. How would you advise someone to get started? I've forgotten most of what I learnt from Azure 2 years ago, and need to renew my cert soon. I was planning on using MS Learn/ACloudGuru for 2 months to get my knowledge up to speed before the renewal, then use the momentum to plough through a few certs like Az-500 > Az-305 > Az-400 next year. Hoping these certs would then stand me out and use the fresh knowledge to get through some interviews. A lot of places need experience which I don't have, and I can't afford to take a pay cut from my current Infrastructure Engineer position. Would be interested to hear people's opinions. submitted by /u/AukeyluX [link] [comments]

  • Passed AZ-104 with about a 6 weeks prep
    by /u/Beeblay22 (Microsoft Azure Certifications) on September 26, 2022 at 12:07 pm

    Resources = John Savill's AZ-104 Exam Cram + Master Class Tutorials Dojo Practice Exams John's content is the best out there right now for this exam IMHO. I watched the cram, then the entire master class, followed by the cram again. The Tutorials Dojo practice exams are essential. Some questions on the actual exam where almost word-for-word what I saw on the exam. Question: What's everyone using for the AZ-305? Obviously, already using John's content, and from what I've read the 305 isn't too bad. Thoughts? submitted by /u/Beeblay22 [link] [comments]

  • Exam Vouchers
    by /u/PebbleRock27 (Microsoft Azure Certifications) on September 26, 2022 at 9:30 am

    If I attend an Azure training day, e.g Azure fundamentals, and get an exam voucher for az-900, if I fail can I attend another session and get another voucher or do you only get one 'free' go? submitted by /u/PebbleRock27 [link] [comments]

  • Passed MS-100 Today
    by /u/zE0Rz (Microsoft Azure Certifications) on September 25, 2022 at 4:10 pm

    after more then a decade without any microsoft certification (did MCITP: DBA, MCITP:EA in 2008) I gave it a shot and started this week with doing certificates again (due to the new designation MCPP thing). Passed SC-300 on thursday. MS-100 today. submitted by /u/zE0Rz [link] [comments]

  • Azure Solutions Architect Expert
    by /u/TrueAlbanian101 (Microsoft Azure Certifications) on September 25, 2022 at 1:03 pm

    Sorry if this is a dumb question, wanted to be sure before going for the next cert! I currently have the AZ-104 certification and planning on taking the AZ-305 certification. Looks like when you complete these two you receive an Azure Architect Solutions Expert certification. Do you need to renew AZ-104 and AZ-305 each year when you’re an expert or does it get combined to a single test? Thank you! submitted by /u/TrueAlbanian101 [link] [comments]

  • SC-900 CERTIFICATE DESIGN CHANGED?
    by /u/Puzzleheaded_Lime234 (Microsoft Azure Certifications) on September 25, 2022 at 4:20 am

    Does the Certifcate design of SC-900 has changed? ( sep 2022) I passed my exam today, when i will recieve the credly badge? submitted by /u/Puzzleheaded_Lime234 [link] [comments]

  • Query Regarding Exam Voucher
    by /u/ahmedtm1 (Google Cloud Platform Certification) on September 24, 2022 at 9:55 am

    A few months back, I got an exam voucher and I registered for the exam. The voucher will expire on 30th Sep. But I have already used it. Now I feel like I'm not prepared well for the exam. So I want to reschedule the exam for the next month. My question is, will they charge me if I reschedule the exam for next month as the expiry date of the voucher is 30th Sep. submitted by /u/ahmedtm1 [link] [comments]

  • Best trainer for GCP - Architect?
    by /u/uuufffff (Google Cloud Platform Certification) on September 23, 2022 at 4:07 pm

    Hi, I'm aiming at Google PCA cert. For context, I'm a certified architect in both Azure and AWS. Who's the best trainer for Google Cloud? Looking for someone like John Savill for Azure. Thanks in advance. submitted by /u/uuufffff [link] [comments]

  • New Twitch show! All Things AWS, a variety-style show for the cloud-curious
    by Deborah Strickland (AWS Training and Certification Blog) on September 22, 2022 at 5:02 pm

    We’re rolling out a brand-new Twitch series called All Things AWS! This new series helps you learn cloud concepts while having a little bit of goofy fun. All Things AWS features a mix of everything that makes learning great, with informative segments, Q&As with AWS leaders, skits, spoofs, and games. Join us on Thursday, September 29, at 4:00 p.m. PT.

  • How LG CNS is creating future AI leaders with immersive machine learning training
    by (Training & Certifications) on September 22, 2022 at 4:00 pm

    As a Korean technology leader specializing in digital transformation (DX), LG CNS partners with customers to help them achieve digital growth across fields including cloud, artificial intelligence (AI), big data, smart factory, and smart logistics. Towards the end of 2020, LG CNS was investigating how to drive digital transformation and growth within their own ranks to demonstrate and extend their core competitive advantage as a consulting service and system integration service provider. By enhancing their internal teams’ AI capabilities, they would ensure they could provide even more innovation and technical expertise for their customers’ own transformation journeys to maintain their position in the market, and continue to provide creative insights and thought leadership both within Korea and overseas.After investigating several external training programs, LG CNS decided to partner with Google Cloud Learning Services to guarantee they received the right level of training and support to further elevate their world-class team. They recognized and respected Google’s global leadership in AI and machine learning (ML), and believed Google was the only partner that could elevate their company to a global level, in line with their already prominent position within the Korean market.  LG CNS’s employees participated in 5 weeks of machine learning and 1 week of machine learning operations (MLOps) training through the Advanced Solutions Lab (ASL) via ASL Virtual. This immersive learning program enabled participants to collaborate and learn directly from Google Cloud engineers and ML experts, without having to attend a Google campus. LG CNS’ participants for this transformative training program were selected based on a strict criteria. They were all considered high performers within LG CNS, and held 1-2 years practical experience in the AI/ML field. With continuous competency development and care, many will progress to become AI development leaders within the company, ensuring LG CNS can remain at the forefront of their field and collaborate with other businesses to fuel their own DX solutions.“I hope that all trainees can grow through the Google Cloud ASL program, which has the world's best AI technology, and I look forward to taking responsibility for leading AI in each division.” — SVP of LG CNSGoogle Cloud Learning services’ early involvement in the organizational stages of this training process, and agile response to LG CNS’s requirements, ensured LG CNS could add the extra week of MLOps training to their program as soon as they began the initial ASL ML course. This productive, collaborative experience demonstrated the strength and flexibility of Google Cloud Learning services, and their capacity to tailor virtual learning content to meet the needs of the specific client and their business objectives.Following the success of this first round in 2021, LG CNS has done ASL ML/MLOps training for another cohort in 2022 to cultivate even more AI and ML expert groups. This empowers LG CNS to build even more capacity within their workforce to continue advancing and developing the most breakthrough technologies to support their customers’ own digital transformation and innovation.To learn more about how you can engage business innovation in your own organization through cloud education services, visit Google Cloud Training & Certification and get started on your own learning journey.Related ArticleDrive digital transformation, get Cloud Digital Leader certifiedDiscover Google Cloud Digital Leader no-cost training and certification discount, and attend free webinar on September 15, 2022.Read Article

  • Google launches dedicated cloud training program for Ukrainians
    by (Training & Certifications) on September 21, 2022 at 4:00 pm

    Editor's note: This blog was originally published in Ukrainian on September 14. 2022.Google launches cloud technology training program to support Ukrainian businesses and IT professionals Around the world, organizations across multiple industries are in the midst of digitally transforming their businesses. And Ukrainian businesses are no different - they are looking for new ways to survive, grow and thrive digitally in an unstable and uncertain environment. The driving force behind these digital transformations for Ukrainian businesses will be people trained in the skills required to implement and maintain large-scale cloud deployments, particularly in areas like artificial intelligence, machine learning, data analytics, application development, security, and cloud architecture. We want to help Ukrainian people that are working for, and running these organizations to learn new cloud technology skills to empower them to build and grow organizations that will support the future of their country. Today we are launching the “Grow your career with Google Cloud”program for Ukrainians looking to develop world-class expertise with practical skills in cloud to fuel the rapid digital transformation of Ukraine and invest in its future with expanded job opportunities for IT professionals.It is our aim to train up to 10,000 Ukrainians in cloud technology by the end of 2023. The “Grow your career with Google Cloud” program will help IT developers and students gain the practical and in-demand skills they need to grow their careers or find new jobs. The ‘Grow your career with Google Cloud’ Ukraine Program is created for:IT specialists and developers who want to develop their cloud skills and career. IT students who will graduate next year and need cloud skills for future jobs.For effective learning, it is recommended to have at least a basic level of English.What will program participants receiveTwo months of no-cost access to Google Cloud Skills Boost, the definitive destination for Google Cloud learning.Opportunity to gain real-world hands-on experience by earning Google Cloud skill badges. Skill badges validate an individual’s cloud skills in support of reaching their cloud career goals.Individual learning paths aligned to job roles. These curated collections of content combine on-demand courses with hands-on learning. For beginners, we recommend the Getting Started with Google Cloud learning path as the content is localized in Ukrainian.Prizes for 3 and more earned skill badges.Access to cloud experts at regular Q&A sessions. More details are here.Ready to get started? Click here to register. Participants will be organized into cohorts, with the first cohort starting October 4, 2022. Once you have completed registration, you will receive an email with next steps, including information for upcoming webinars and cloud expert led Q&A sessions.  More information about the “Grow your career with Google Cloud” program is here.Related ArticleSign up for the Google Cloud Fly Cup ChallengeLearn more about how to participate in the Google Cloud Fly Cup, brought to you in partnership with The Drone Racing League.Read Article

  • New Twitch season of AWS Power Hour: Architecting starts September 27th!
    by Lauren Cutlip (AWS Training and Certification Blog) on September 20, 2022 at 3:47 pm

    AWS Power Hour: Architecting is back with six fun, engaging episodes that help you prepare for the newly updated AWS Certified Solutions Architect - Associate exam. Join us on Tuesdays at 7:30 a.m. PT from September 27 to November 1 for this live Twitch series.

  • GCP Cloud Engineer Cert practice exam choices
    by /u/phat1forever (Google Cloud Platform Certification) on September 18, 2022 at 12:52 am

    Hey, I have seen people mention Tutorial Dojo has good practice exams. Does that mean this: https://portal.tutorialsdojo.com/courses/google-certified-associate-cloud-engineer-practice-exams/#learndash-course-content Or this:https://www.udemy.com/course/google-certified-associate-cloud-engineer-practice-exams-gcp/ Currently I am using ACG and bought some practice exams on Udemy that are difficult, https://www.udemy.com/course/google-certified-associate-cloud-engineer-practice-tests-x , but I am still studying. I am open to other suggestions as well. submitted by /u/phat1forever [link] [comments]

  • Sign up for the Google Cloud Fly Cup Challenge
    by (Training & Certifications) on September 15, 2022 at 10:00 pm

    Are you ready to take your cloud skills to new heights? We’re excited to announce the Google Cloud Fly Cup Challenge, created in partnership with The Drone Racing League (DRL) and taking place at Next ‘22 to usher in the new era of tech-driven sports. Using DRL race data and Google Cloud analytics tools, developers of any skill level will be able to predict race outcomes and provide tips to DRL pilots to help enhance their season performance. Participants will compete for a chance to win an all-expenses-paid trip to the season finale of the DRL World Championship Race and be crowned the champion on stage.  How it works: Register for Next 2022 and navigate to the Developer Zone challenges to unlock the gameComplete each stage of the challenge to advance and climb the leaderboardWin prizes, boost skills and have fun!There will be three stages of the competition, and each will increase in level of difficulty. The first stage kicks off on September 15th, where developers will prepare data and become more familiar with the tools for data-driven analysis and predictions with Google ML Tools. There are over 500 prizes up for grabs, and all participants will receive an exclusive custom digital badge, and an opportunity to be celebrated for their achievements alongside DRL Pilots. There will be one leaderboard that will cumulate scores throughout the competition and prizes will be awarded as each stage is released. Stage 1: DRL Recruit: Starting on September 15th, start your journey here to get an understanding of DRL data by loading and querying race statistics. You will build simple reports to find top participants and fastest race times. Once you pass this lab you will be officially crowned a DRL recruit and progress for a chance to build on your machine learning skills and work with two more challenge labs involving predictive ML models. Prize: The top 25 on the leaderboard will win custom co-branded DRL + Google Cloud merchandise.Stage 2: DRL Pilot: Opening in conjunction with the first day of Next 2022 on October 11, in this next stage you will develop a model which can predict a winner in a head to head competition and a score for each participant, based on a pilots profile and flight history. Build a "pilot profile card" that analyzes the number of crashes and lap times and compares it to other pilots. Fill out their strengths and weaknesses and compare them to real life performances, and predict the winner of the DRL Race in the Cloud at Next 2022, and be crowned top developer for this stage.Prize: The first 500 participants to complete stage 2 of the contest will receive codes to download DRL’s Simulator on Steam.Stage 3: DRL Champion: Continue this journey throughout the DRL championship season. Using the model developed in Stage 2. Use data from past races to score participants and predict outcomes. Provide pilots with real life tips and tricks to help improve their performance. The developer at the top of the leaderboard at the end of December 2022 will win an expenses-paid VIP trip to DRL’s final race in early 2023. Prize: Finish in the top 3 for an opportunity to virtually present your tips and tricks to professional DRL Pilots before the end of the 2022-2023 race seasonTop the leaderboard as the Grand Champion and win an expenses paid VIP experience to travel to a DRL Championship Race in early 2023 and be celebrated on stage. For more information on prizes and terms please visit the DRL and Google Cloud website.  Ready to Fly? The Google Cloud Fly Cup Challenge opens today and will remain available on the Next ‘22 portal through December 31, 2022 when the winner will be announced. We are looking forward to seeing how you innovate and build together for the next era of tech-driven sports. Let’s fly!

  • The value of data and pursuing the AWS Certified Data Analytics – Specialty certification
    by Carole Suarez (AWS Training and Certification Blog) on September 15, 2022 at 6:50 pm

    Gain tips and guidance from four AWS Solutions Architects for how you can build your skills and expertise in data analytics and pursue the AWS Certified Data Analytics – Specialty certification.

  • Register for Google Cloud Next
    by (Training & Certifications) on September 14, 2022 at 4:00 pm

    Google Cloud Next ‘22 kicks off on October 11 at 9AM PDT with a 24-hour “follow the sun” global digital broadcast featuring live keynotes from five locations across the globe — New York, Sunnyvale, Tokyo, Bengaluru, and Munich. You’ll hear from the people shaping the future of computing and have the opportunity to learn from Google Cloud leaders and community influencers about ways they are solving the biggest challenges facing organizations today.You can experience Next ‘22 digitally and in-person. Here’s how: Join us digitally through the Google Cloud Next website to learn about the latest news, products, and Google Cloud technology and to access technical and training content.  Visit us locally at one of 200 physical events across six continents. In conjunction with our Partner and Developer Communities, we are excited to bring a series of small physical events around the world. Be sure to register for Next ‘22 so we can alert you about physical events in your area soon. At Next ‘22, you’ll find knowledge and expertise to help for whatever you’re working on with content tracks personalized for application developers, data scientists, data engineers, system architects, and low/no-code developers.To make Google Cloud Next as inclusive as possible, it is free for all attendees. Here’s more about Next ‘22 for you to get excited:Experience content in your preferred language. The Next ‘22 web experience will be translated into nine languages using Cloud Translate API. For Livestream and session content, you can turn on YouTube for CC (closed captions), which supports 180+ languages.Engineer your own playlist. Create, build, explore, and share your own custom playlists and discover playlists curated by Google Cloud.Hang with fellow developers. Gain access to dedicated developer zones through Innovators Hive livestreams, in-person event registration, a developer badging experience, challenges, curated resources and more fun with drone racing.Engage with your community. Use session chats to engage with other participants and ask questions to presenters, so you can fully immerse yourself in the content.Register for Next ‘22Connect with experts, get inspired, and boost your skills.There’s no cost to join any of the Next ‘22 experience. We can’t wait to see you and we’ll be sure to keep you posted about ways to engage locally with the Google Cloud community in your area. Say hello to tomorrow. It’s here today, at Next.Register today.Related ArticleRead Article

  • Digital Cloud Leader practice tests
    by /u/FightForYourDreams (Google Cloud Platform Certification) on September 13, 2022 at 11:30 pm

    Hi everyone, Can you please recommend me good practice tests that are similar to one you’d have on a real exam? I’ve tried one on Udemy and it was too hard and off comparing to Google videos and Google sample tests. TIA submitted by /u/FightForYourDreams [link] [comments]

  • 10 examples of scenario-based learning from AWS Training and Certification
    by Saif Altalib (AWS Training and Certification Blog) on September 13, 2022 at 7:31 pm

    Are you just getting started with your cloud learning journey and looking for opportunities to learn the fundamentals of Amazon Web Services (AWS) using training that is scenario-based? Take a look at 10 examples of training from AWS Training and Certification that provides situational, human-centered, scenario-based learning to advance your cloud knowledge.

  • Drive digital transformation, get Cloud Digital Leader certified
    by (Training & Certifications) on September 13, 2022 at 4:00 pm

    As enterprises look to accelerate cloud adoption, it is critical to not only upskill your technical talent, but to focus on skilling your non-technical teams too. Investing in your collective workforce’s cloud proficiency helps ensure you fully embrace everyone’s potential, and make the most of your cloud investment.According to research shared in a recent IDC paper1, comprehensively trained organizations saw a bigger impact vs. narrowly trained organizations, with 133% greater improvement in employee retention, a 47% reduction in business risk and a 22% increase in innovation. This is where Cloud Digital Leader training and certification comes in. Most cloud training and certification is geared toward technical cloud practitioners, leaving non-technical (tech-adjacent) teams with little understanding of cloud technologies. Cloud Digital Leader bridges this gap, providing easy-to-understand training that enables everyone to understand the capabilities of cloud so that they can contribute to digital transformation in their organizations.In  a recent fireside chat with Google Cloud Partner Kyndryl, who have achieved over 1,000 Cloud Digital Leader certifications across their organization, they shared how the Cloud Digital Leader training and certification has led to significant time reduction within their pre-sales cycle:“Our sales teams who work with customers and learn about their challenges were able to apply the know-how from their Cloud Digital Leader education and certification. They can now guide the technical solution teams in the right direction, without having to pull them into the discovery phases of their customer interactions. As a result, we operated more quickly and efficiently,  as the sales teams were able to speak to the Google Cloud solutions very early on in the sales cycle. This accelerated the sales process, as the sales teams were therefore more confident in their Google Cloud knowledge, saving time and money for us, and the customer.” — Christoph Schwaiger, Google Cloud Business Development Executive, Global Strategic Alliances, Kyndryl.Empower your team’s cloud fluency, and discover your next phase of digital transformation. Invite your teams to jump start their cloud journey with no-cost Cloud Digital Leader training on Google Cloud Skills Boost.Join our live webinar to access a time-limited certification offerRegister for our upcoming webinar, “Getting started with Google Cloud Digital Leader training and certification” to learn more. Those that register for the webinar before broadcast on September 15, 9am PT will get access to a time-limited discount voucher for the Cloud Digital Leader certification exam. That’s an offer that you won’t want to miss.1. IDC Paper, sponsored by Google Cloud Learning: "To Maximize Your Cloud Benefits, Maximize Training" - Doc #US48867222, March 2022Related ArticleTrain your organization on Google Cloud Skills BoostTo help more than 40 million people build cloud skills, Google Cloud has launched new enterprise level features on Google Cloud Skills Bo...Read Article

  • Thank you Partners for three years of growth and winning together
    by (Training & Certifications) on September 12, 2022 at 10:00 am

    Congratulations to our fast growing ecosystem of global partners for three years of commitment to Partner Advantage, underscored by great collaboration, high energy, innovative ideas, and transformative impact. Together we’ve leveraged our program to drive growth and customer satisfaction. Year to date, there has been more than a 140% year-over-year increase in experts at our partner organizations trained (devs, technical, certifications, solutions) for 2022. This has translated into thousands of happy customers, many of whose stories are available to read in our Partner Directory. Each of you continue to inspire our shared customers and all of us at Google Cloud. And we are only getting started!We are hard at work making sure every aspect of your business with Google Cloud is smooth running, easy to navigate, and profitable. So what’s in store for 2023? Here’s a sneak peak: Expect to see more activity and focus around our Differentiation Journey as a vehicle for driving your growth and success. This includes encouraging partners to offer more in the area of high value and repeatable services, where the opportunity is large and growing fast. You can learn more about the global economic impact our partners are having in this blog post.You’ll also see Partner Advantage focusing more on solutions and customer transformation. All of which will include corresponding incentives, new benefits, and more features.Thank you again for your commitment and hard work. It’s been a fantastic three years of amazing opportunity and growth. Not a partner yet? Start your journey today!The best is yet to come!-Nina HardingRelated ArticleRead Article

  • Doing the Cloud Guru CDL course; are the Labs really necessary?
    by /u/ExNihilo_01 (Google Cloud Platform Certification) on September 11, 2022 at 5:32 pm

    I did the AWS CCP with little prep, and no cloud guru course. I just took notes from this 4 hour video. I'm currently almost finished the Cloud Guru CDL course, but have not done any of the labs. Are they useful or necessary? submitted by /u/ExNihilo_01 [link] [comments]

  • Find a role in the cloud—even if you’re not technical
    by Cristina Vargas (AWS Training and Certification Blog) on September 8, 2022 at 8:21 pm

    Curious about the options for a job in cloud? It's no longer limited to individuals in historically technical roles. Explore your options at our free Cloud Career Exploration Day event on September 14, 2022 at the AWS Skills Center in Seattle and virtually. We’ll explore what the cloud is, what you need to know, what job roles are available, and why so many employers are hiring people with cloud skills.

  • GCP Cloud Engineer - practice tests
    by /u/Monurmac (Google Cloud Platform Certification) on September 8, 2022 at 10:11 am

    Hi, I am preparing for the Cloud Engineer associate exam, and considering some practice tests. I am considering Udemy: https://www.udemy.com/course/google-certified-associate-cloud-engineer-practice-tests-x/ Or https://www.udemy.com/course/google-cloud-associate-cloud-engineer-practice-examspractice-exams/ Which one should I choose, and would it be sufficient, if I learn the concept behind the questions in the mentioned links? Thanks in advance 🙂 submitted by /u/Monurmac [link] [comments]

  • When cloud curiosity leads to a career transformation
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on September 6, 2022 at 7:17 pm

    Are you currently in a technical role but don’t have much experience with the cloud? Learn how one learner with prior app developer experience utilized instructor-led training courses through AWS Training and Certification to grow cloud expertise, earn three AWS Certifications, and transition into a role as a solutions architect.

  • Four non-traditional paths to a cloud career (and how to navigate them)
    by (Training & Certifications) on September 6, 2022 at 4:00 pm

    One thing I love about cloud is that it’s possible to succeed as a cloud engineer from all kinds of different starting points. It’s not necessarily easy; our industry remains biased toward hiring people who check a certain set of boxes such as having a university computer science degree. But cloud in particular is new enough, and has such tremendous demand for qualified talent, that determined engineers can and do wind up in amazing cloud careers despite coming from all sorts of non-traditional backgrounds.But still - it’s scary to look at all the experienced engineers ahead of you and wonder “How will I ever get from where I am to where they are?”A few months ago, I asked some experts at Google Cloud to help me answer common questions people ask as they consider making the career move to cloud. We recorded our answers in a video series called Cracking the Google Cloud Career that you can watch on the Google Cloud Tech YouTube channel. We tackled questions like…How do I go from a traditional IT background to a cloud job?You have a superpower if you want to move from an old-school IT job to the cloud: You already work in tech! That may give you access to colleagues and situations that can level up your cloud skills and network right in your current position. But even if that’s not happening, you don’t have to go back and start from square one. Your existing career will give you a solid foundation of professional experience that you can layer cloud skills on top of. Check out my video to see what skills I recommend polishing up before you make the jump to cloud interviews:How do I move from a help desk job to a cloud job?The help desk is the classic entry-level tech position, but moving up sometimes seems like an insurmountable challenge. Rishab Kumar graduated from a help desk role to a Technical Solutions Specialist position at Google Cloud. In his video, he shares his story and outlines some takeaways to help you plot your own path forward.Notably, Rishab calls out the importance of building a portfolio of cloud projects: cloud certifications helped him learn, but in the job interview he got more questions about the side projects he had implemented. Watch his full breakdown here:How do I switch from a non-technical career to the cloud?There’s no law that says you have to start your tech career in your early twenties and do nothing else for the rest of your career. In fact, many of the strongest technologists I know came from previous backgrounds as disparate as plumbing, professional poker, and pest control. That’s no accident: those fields hone operational and people skills that are just as valuable in cloud as anywhere else. But you’ll still need a growth mindset and lots of learning to land a cloud job without traditional credentials or previous experience in the space. Google Cloud’s Stephanie Wong came to tech from the pageant world and has some great advice about how to build a professional network that will help you make the switch to a cloud job. In particular, she recommends joining the no-cost Google Cloud Innovators program, which gives you inside access to the latest updates on Google Cloud services alongside a community of fellow technologists from around the globe.Stephanie also points out that you don’t have to be a software engineer to work in the cloud; there are many other roles like developer relations, sales engineers and solutions architects that stay technical and hands-on without building software every day.You can check out her full suggestions for transitioning to a tech career in this video:How do I get a job in the cloud without a computer-related college degree?No matter your age or technical skill level, it can be frustrating and intimidating to see role after role that requires a bachelor’s degree in a field such as IT or computer science. I’m going to let you in on a little secret: once you get that first job and add some experience to your skills, hardly anybody cares about your educational background anymore. But some recruiters and hiring managers still use degrees as a shortcut when evaluating people for entry-level jobs.Without a degree, you’ll have to get a bit creative in assembling credentials. First, consider getting certified. Cloud certifications like the Google Cloud Associate Cloud Engineer can help you bypass degree filters and get you an interview. Not to mention, they’re a great way to get familiar with the workings of your cloud. Google Cloud’s Priyanka Vergadia suggests working toward skill badges on Google Cloud Skills Boost; each skill badge represents a curated grouping of hands-on labs within a particular technology that can help you build momentum and confidence toward certification.Second, make sure you are bringing hands-on skills to the interview. College students do all sorts of projects to bolster their education. You can do this too - but at a fraction of the cost of a traditional degree. As Priyanka points out in this video, make sure you are up to speed on Linux, networking, and programming essentials before you apply:No matter your background, I’m confident you can have a fulfilling and rewarding career in cloud as long as you get serious about these two things:Own your credibility through certification and hands-on practice, andBuild strong connections with other members of the global cloud community.In the meantime, you can watch the full Cracking the Google Cloud Career playlist on the Google Cloud Tech YouTube channel. And feel free to start your networking journey by reaching out to me anytime on Twitter if you have cloud career questions - I’m happy to help however I can.Related ArticleShow off your cloud skills by completing the #GoogleClout weekly challengeComplete the weekly #GoogleClout challenge and show off your cloud skillsRead Article

  • Earn new badges by building your cloud storage knowledge
    by Jennifer Ricciuti (AWS Training and Certification Blog) on September 1, 2022 at 5:58 pm

    AWS Training and Certification provides flexible Storage learning plans through AWS Skill Builder to help you build in-demand cloud storage knowledge by progressing from foundational to advanced concepts. AWS Storage digital learning badges are available to showcase your knowledge once you score 80% or higher on the associated online assessment for any of these learning plans.

  • Passed GCP Professional Cloud Architect
    by /u/electricninja911 (Google Cloud Platform Certification) on September 1, 2022 at 6:25 am

    First of all, I would like to start with the fact that I already have around 1 year of experience with GCP in depth, where I was working on GKE, IAM, storage and so on. I also obtained GCP Associate Cloud Engineer certification back in June as well, which helps with the preparation. I started with Dan Sullivan’s Udemy course for Professional Cloud Architect and did some refresher on the topics I was not familiar with such as BigTable, BigQuery, DataFlow and all that. His videos on the case studies helps a lot to understand what each case study scenario requires for designing the best cost-effective architecture. In order to understand the services in depth, I also went through the GCP documentation for each service at least once. It’s quite useful for knowing the syntax of the GCP commands and some miscellaneous information. As for practice exam, I definitely recommend Whizlabs. It helped me prepare for the areas I was weak at and helped me grasp the topics a lot faster than reading through the documentation. It will also help you understand what kind of questions will appear for the exam. I used TutorialsDojo (Jon Bonso) for preparation for Associate Cloud Engineer before and I can attest that Whizlabs is not that good. However, Whizlabs still helps a lot in tackling the tough questions that you will come across during the examination. One thing to note is that, there wasn’t even a single question that was similar to the ones from Whizlabs practice tests. I am saying this from the perspective of the content of the questions. I got totally different scenarios for both case study and non case study questions. Many questions focused on App Engine, Data analytics and networking. There were some Kubernetes questions based on Anthos, and cluster networking. I got a tough question regarding storage as well. I initially thought I would fail, but I pushed on and started tackling the multiple-choices based on process of elimination using the keywords in the questions. 50 questions in 2 hours is a tough one, especially due to the lengthy questions and multiple choices. I do not know how this compares to AWS Solutions Architect Professional exam in toughness. But some people do say GCP professional is tougher than AWS. All in all, I still recommend this certification to people who are working with GCP. It’s a tough one to crack and could be useful for future prospects. It’s a bummer that it’s only valid for 2 years. submitted by /u/electricninja911 [link] [comments]

  • AWS Certified Solutions Architect – Associate exam updated to align with latest trends and innovations
    by Training and Certification Blog Editor (AWS Training and Certification Blog) on August 31, 2022 at 8:48 pm

    The AWS Certified Solutions Architect - Associate exam is updated as of August 30, 2022. The updates reflect increased enterprise demand for optimizations in fast-changing areas such as security, resiliency, data volume, cost optimization, and the design of high-performance systems. Learn about the changes and how to prepare for the new exam.

  • Passed my GCP ACE Exam
    by /u/depictureboy2 (Google Cloud Platform Certification) on August 18, 2022 at 4:33 pm

    Glad I took it at a center. They kept losing connection, glad I didn't have to deal with that headache. ​ Now just to wait for the official word. Onto the Professional Data Engineer submitted by /u/depictureboy2 [link] [comments]

  • Job Opportunities from Associate to Cloud Architect
    by /u/chancemuse (Google Cloud Platform Certification) on August 16, 2022 at 11:25 pm

    Hello, I'm currently certified as an Associate Cloud Engineer and have been studying for the Cloud Architect exam. I wanted to ask to see what changed in terms of interview call backs or follow ups once you moved from the Associate level cert to the Professional level. submitted by /u/chancemuse [link] [comments]

  • A visual tour of Google Cloud certifications
    by (Training & Certifications) on August 16, 2022 at 4:00 pm

    Interested in becoming Google Cloud certified? Wondering which Google Cloud certification is right for you? We’ve got you covered.Check out the latest#GCPSketchnote illustration, a framework to help you determine which Google Cloud certification is best suited to validate your current skill set and propel you toward future cloud career goals.Follow the arrows to see where you land, and for tips on how to prepare for your certification on Google Cloud Skills Boost: Cloud Digital Leader-This certification is for anyone who wishes to demonstrate their knowledge of cloud computing basics and how Google Cloud products and services can be used to achieve an organization’s goals.Associate Cloud Engineer - This certification is for candidates who have a solid understanding of Google Cloud fundamentals and experience deploying cloud applications, monitoring operations, and managing cloud enterprise solutions.Professional Google Cloud certifications - These certifications are ideal for candidates with in-depth experience working hands-on setting up cloud environments for organizations based on their business needs, and have experience deploying services and solutions.Professional Cloud ArchitectProfessional Cloud DeveloperProfessional Data EngineerProfessional Cloud Database EngineerProfessional DevOps EngineerProfessional Machine Learning EngineerProfessional Network EngineerProfessional Security EngineerProfessional Workspace Administrator Continue along the arrows for tips on how to prepare for your certification, while earning completion badges and skill badges through our on-demand learning platform, Google Cloud Skills Boost along the way.Where will your certification journey take you?Get started preparing for your certification today. New users are eligible for a 30-day no-cost trial on  Google Cloud Skills Boost.Related ArticleMeet the new Professional Cloud Database Engineer certificationGoogle Cloud launches a new Professional certification.Read Article

  • Google Cloud - Certification Journey
    by /u/johnbulla (Google Cloud Platform Certification) on August 14, 2022 at 8:31 pm

    Dear community, From September, the new 7-week Certification Journey Program will give you all the resources and support you need to become fully certified as a Cloud Architect, Associate Cloud Engineer or Data Engineer. #Free 🔗More Info: http://wiki-cloud.co/en/2022/08/google-cloud-certification-journey-2022 #GoogleCloud #Certification https://preview.redd.it/7swwya0roqh91.png?width=780&format=png&auto=webp&s=ab6442a95c1490eb221e896fd490a4cd6e8e240a submitted by /u/johnbulla [link] [comments]

  • Passed GCP: Cloud Digital Leader
    by /u/Kalad1nBrood (Google Cloud Platform Certification) on August 12, 2022 at 11:38 pm

    Hi everyone, First, thanks for all the posts people share. It helps me prep for my own exam. I passed the GCP: Cloud Digital Leader exam today and wanted to share a few things about my experience. Preparation I have access to ACloudGuru (AGU)and Udemy through work. I started one of the Udemy courses first, but it was clear the course was going beyond the scope of the Cloud Digital Leader certification. I switched over AGU and enjoyed the content a lot more. The videos were short and the instructor hit all the topics on the Google exam requirements sheet. AGU also has three - 50 question practices test. The practice tests are harder than the actual exam (and the practice tests aren't that hard). I don't know if someone could pass the test if they just watched the videos on Google Cloud's certification site, especially if you had no experience with GCP. Overall, I would say I spent 20 hrs preparing for the exam. I have my CISSP and I'm working on my CCSP. After taking the test, I realized I way over prepared. Exam Center It was my first time at this testing center and I wasn't happy with the experience. A few of the issues I had are: - My personal items (phone, keys) were placed in an unlocked filing cabinet - My desk are was dirty. There were eraser shreds (or something similar) and I had to move the keyboard and mouse and brush all the debris out of my work space - The laminated sheet they gave me looked like someone had spilled Kool-Aid on it - They only offered earplugs, instead of noise cancelling headphones Exam My recommendation for the exam is to know the Digital Transformation piece as well as you know all the GCP services and what they do. ​ I wish you all luck on your future exams. Onto GCP: Associate Cloud Engineer. submitted by /u/Kalad1nBrood [link] [comments]

  • Official GCP study guide print quality?
    by /u/steffi8 (Google Cloud Platform Certification) on August 11, 2022 at 11:25 pm

    How is the print quality with the official GCP study guide series? Is it better than Microsoft’s Azure series as those are pretty bad. submitted by /u/steffi8 [link] [comments]

  • Resources for Google Cloud
    by /u/Khaotic_Kernel (Google Cloud Platform Certification) on August 11, 2022 at 7:22 pm

    Useful Tools and Learning Resources for Google Cloud. Table of Contents Google Cloud Learning Resources Developer Resources GCP Training & Courses GCP Books Google Cloud Tools submitted by /u/Khaotic_Kernel [link] [comments]

  • Please help me decide, new graduate deciding his cloud journey.
    by /u/Themotionalman (Google Cloud Platform Certification) on August 11, 2022 at 9:40 am

    Hey so I would like to start my cloud journey. I just graduated in may and I’m lucky to have gotten a job in June. The company uses AWS the problem is I don’t see myself staying here long term. I currently do some front and back but I’d like to move more into cloud maybe later in life. I have used AWS and GCP on some personal projects nothing too intense. So I’d consider myself a noob. Here are my questions. How much preparation do you think is required for the cloud practitioner? After the CP I’d like to get a solutions architect dev architect I think and afterwards get the security specialist. Is this plan feasible, what would you change ? Last question something that might trigger a few, I’m afraid of vendor lock in, I know my company uses AWS and the best move to take would be to stick with them but here in France I see that GCP is more lucrative I am thinking of maybe doing just CP from AWS and pivoting, what do you think about this strategy, if any, what advice would you give to help me pick a platform or maybe you could tell me why you chose what you chose thanks in advance submitted by /u/Themotionalman [link] [comments]

  • Passed my Cloud Digital Leader!
    by /u/Spirited_Chipmunk_46 (Google Cloud Platform Certification) on August 11, 2022 at 2:51 am

    …well according to the preliminary results. Now to keep up the momentum. submitted by /u/Spirited_Chipmunk_46 [link] [comments]

  • Pluralsight/Udemy or Cloud Academy?
    by /u/steffi8 (Google Cloud Platform Certification) on August 9, 2022 at 9:21 pm

    For the following certifications what is recommended? Is one of the above suitable pass the Data Engineer/Cloud Architect/Cloud Engineer certifications? I have all 3 available to me with Dan Sullivans courses from Udemy. Furthermore, are Dan's books worthwhile if you're also following the online content? submitted by /u/steffi8 [link] [comments]

  • Hey in your words why pick GCP over AWS to learn, or at least the certs.
    by /u/Themotionalman (Google Cloud Platform Certification) on August 9, 2022 at 12:24 am

    submitted by /u/Themotionalman [link] [comments]

  • hi
    by /u/Logical-Neck-1131 (Google Cloud Platform Certification) on August 8, 2022 at 5:37 pm

    submitted by /u/Logical-Neck-1131 [link] [comments]

  • which gcp storage can scale to higher database sizes?
    by /u/lindogamaton (Google Cloud Platform Certification) on August 7, 2022 at 3:12 pm

    The answer is SQL Spanner. why is that? submitted by /u/lindogamaton [link] [comments]

  • passed GCP ACE today
    by /u/pulse008 (Google Cloud Platform Certification) on August 6, 2022 at 9:29 am

    submitted by /u/pulse008 [link] [comments]

  • ML Engineers: Partners for Scaling AI in Enterprises
    by (Training & Certifications) on August 4, 2022 at 4:00 pm

    Enterprises across many industries are adopting artificial intelligence (AI) and machine learning (ML) at a rapid pace. Many factors fuel this accelerated adoption, including a need to realize value out of the massive amounts of data generated by multichannel customer interactions and the increasing stores of data from all facets of an enterprise's operations. This growth prompts a question: what knowledge and skill sets are needed to help organizations leverage and scale AI and ML? To answer this question, it’s important to understand what types of transformations enterprises are going through as they aim to make better use of their data.Growing AI/ML Maturity Many large organizations have moved beyond pilot or sample AI/ML use cases within a single team to figuring out how to solidify their data science projects and scale them to other areas of the business. As data changes or gets updated, organizations need ways to continually optimize the outcomes from their ML models. Mainstreaming Data Science Data science has moved into the mainstream of many organizations. People working in various line-of-business teams — such as product, marketing and supply chain — are eager to apply predictive analytics. With this growth, decentralized data science teams are popping up all over a single enterprise. But many people looking to apply predictive techniques have limited training in data science or limited knowledge of the infrastructure fundamentals for production-scale AI/ML. Additionally, enterprises are faced with a proliferation of ad hoc technologies, tools and processes.  Increasing Complexity of Data Having achieved some early wins, often with structured or tabular data use cases, organizations are eager to derive value out of the massive amounts of unstructured data, including from language, vision, natural language and other categories. One role that organizations are increasingly turning to is the ML engineer.  What is a Machine Learning Engineer?I have observed that as organizations mature in their AI/ML practices, they expand from hiring mainly data scientists toward hiring people with ML engineering skills. A review of hundreds of ML engineer job postings sheds light on why this role is one way to meet the transformative needs of the enterprise. Examining the frequency of certain terms in the free text of the job postings surfaces several themes:SOFTWARE ENGINEERINGML engineers are closely affiliated with the software engineering function. Organizations hiring ML engineers have typically achieved some wins in their initial AI/ML pilots and they are moving up the ML adoption curve from implementing ML use cases to scaling, operationalizing and optimizing ML in their organizations. Many job postings emphasize the software engineering aspects of ML over the pure data science skills. ML engineers need to apply software engineering practices and write performant production-quality code. DATAEnterprises are looking for people with the ability to create pipelines or reusable processes for various aspects of ML workflows. This involves both collaborating with data engineers (another in-demand role) and creating the infrastructure for robust data practices throughout the end-to-end ML process. In other words, ML engineers create processes and partnerships to help with cleaning, labeling and working with large scale data from across the enterprise. PRODUCTIONMany employers look for ML engineers who have experience with the end-to-end ML process, especially taking ML models to production. ML engineers work with data scientists to productionize their work, building pipelines for continuous training, automated validation and version control of the model.  SYSTEMSMany ML engineers are hired to help organizations put the architecture, systems and best-practices in place to take AI/ML models to production. ML engineers deploy ML models to production either on cloud environments or on-premise infrastructure. The emphasis on systems and best practices helps to drive consistency as people with limited data science or infrastructure fundamentals learn to derive value from predictive analytics. This focus on systematizing AI/ML is also a critical prerequisite for developing an AI/ML governance strategy. This qualitative analysis of ML Engineering jobs is not based on an assessment of a specific job posting or even one specific to the enterprise I work in. Rather, it reflects a qualitative evaluation of general themes across the spectrum of publicly available job postings for ML engineers—a critical role for enterprises to scale AI/ML.In what teams do ML Engineers work?Within enterprises, ML engineers reside in a variety of teams, including data science, software engineering, research and development, product groups, process/operations and other business units.What industries seek talent to help productionize ML?While demand for ML engineers is at an all-time high, there are several industries that are at the forefront of hiring these roles. The industries with the highest demand for ML engineers include  computers and software, finance and banking and professional services. As AI and ML continue to grow and mature as a practice in enterprises, ML engineers play a pivotal role in helping to scale AI/ML usage and outcomes. ML engineers enable data scientists to focus on what they do best by establishing infrastructure, processes and best practices to realize business value from AI/ML models in production. This is especially the case as data volumes and complexity grows. Where to begin with building AI and ML skills? Google Cloud Skills Boost offers a number of courses that can help your teams build ML engineering skills on their path to achieving the Professional Machine Learning Engineer certification. To learn more about how Google Cloud products and services empower enterprises to do more with AI and ML, visit our AI and ML products page or read this blog post about some of our top resources for getting started with Google Cloud services like Vertex AI, our machine learning platform built for the needs of ML engineers. For the latest from Google Cloud ML experts and customers, check out on-demand sessions from our Applied ML Summit to get a firsthand look at additional learning events for you and your teams.Related ArticleSharpen your machine learning skills at Google Cloud Applied ML SummitImprove your machine learning skills and learn from leading experts at Google Cloud Applied ML Summit, coming June 9, 2022.Read Article

  • Azure Firewall Premium is now ICSA labs certified
    by Azure service updates on August 2, 2022 at 7:00 pm

    Azure Firewall Premium Intrusion Prevention System (IPS) certification from ICSA Labs is now available.

  • GCP ML Engineer Learning in a short time
    by /u/vrajjshah (Google Cloud Platform Certification) on July 29, 2022 at 3:34 pm

    I know Dump is not the right way to learn. But my workplace has given me a short deadline yesterday to complete ML Engineer Certificate by Monday. The Examtopics Dump is not available for this exam(gives 404 Error) - 404 - Page not found (examtopics.com). It is available through VPN but has only 66 questions! I did not find a course on Udemy too. Any other resources for learning it in a short time ( weekened)? Or even any other popular dumps website ( Tried and Tested). Thanks in Advance submitted by /u/vrajjshah [link] [comments]

  • Meet the new Professional Cloud Database Engineer certification
    by (Training & Certifications) on July 28, 2022 at 4:30 pm

    After a successful certification beta, we’re excited to share that the Professional Cloud Database Engineer certification is now generally available. This new certification allows you to showcase your ability to manage databases that power the world’s most demanding workloads. Traditional data management roles have evolved and now call for elevated cloud data management expertise, making this certification especially important now because 80% of IT leaders note a lack of skills and knowledge among their employees. Google Cloud certifications have proven to be critical for employees and businesses looking to adopt cloud technologies. In fact, 76% of IT decision makers agree that certifications have increased their confidence in their staff’s knowledge and ability. Certification exam tips from a beta testerThe new certification validates your ability to design, plan, test, implement, and monitor cloud databases. Plus, it also demonstrates your ability to lead database migration efforts and guide organizational decisions based on your company’s use cases.Kevin Slifer, Technical Delivery Director, Cloud Practice, EPAM Systems shares his experience in becoming a Google Cloud certified Professional Cloud Database Engineer:“Preparing for the Professional Cloud Database Engineer certification improved my proficiency in database migration and management in the cloud.  Passing the exam has enabled me to add immediate value to the organizations that I work with in navigating their database migration and modernization journeys, including my current project, which involves the adoption of Cloud SQL at scale. Candidates who are preparing for this exam should make an investment in understanding the key benefits of bringing legacy database platforms into Google-managed services like Cloud SQL and Bare Metal Solution, as well as the additional upside to going cloud-native with Google’s own database platforms like Spanner and Firestore.”Deepen your database knowledgeGet started with our recommended content to enhance your database knowledge, on your journey towards becoming a Google Cloud certified Professional Cloud Database Engineer. This is a Professional certification requiring both industry knowledge and hands-on experience working with Google Cloud databases.Start with the exam guide and familiarize yourself with the topics covered.Round out your skills by following the Database Engineer Learning Path which covers many of the topics on the exam, including migrating databases to Google Cloud and managing Google Cloud databases.Gain hands-on practice by earning the skill badges in the learning path:Create and Manage Cloud Spanner Databases  Manage Bigtable on Google Cloud Migrate MySQL data to Cloud SQL using Database Migration Service Manage PostgreSQL Databases on Cloud SQL Don’t skip the additional resources to help you prepare for the exam, such as:Your Google Cloud database options, explainedDatabase modernization solutions Database migration solutions Register for the exam! Mark Your CalendarsRegister for our upcoming Cloud OnAir webinar on August 4, 2022 at 9am PT featuring Mara Soss, Credentials and Certification Engagement Lead and Priyanka Vergadia, Google Cloud Staff Developer Advocate, as they dive into the new certification, how to best prepare, and they will take your questions live.Related ArticleWhy IT leaders choose Google Cloud certification for their teamsWhy IT leaders should choose Google Cloud training and certification to increase staff tenure, improve productivity for their teams, sati...Read Article

  • developer in ERP system for 10 years, new to GCP, which Google Cloud Cert should I pursue?
    by /u/lindogamaton (Google Cloud Platform Certification) on July 27, 2022 at 10:52 pm

    Hi,I am new to GCP. I have experience in python, sso, windows, sql in past 10 years. I have experience building web application on top of ERP, build some tutorial app on aws for weekend project, build integration, draw system diagram, and some of my client use datalake (all I do is to provide data through integration, but no knowledge of datalake). In my ERP word, I am at architect level with hands on coding experience. And I'd like to pursue GCP Cert: associate cloud engineer pro data engineer pro cloud developer pro cloud architect My goal is to get prod cloud architect, is it a mission impossible for 1st GCP. Should I take pro cloud developer path, build some web app, gain experience, then consider pro cloud architect next year? Thank you! submitted by /u/lindogamaton [link] [comments]

  • #GCP #GoogleCloud need to read flat file delimeted and push data to CloudSQL. google dataflow, right service ?
    by /u/Electronic-Region834 (Google Cloud Platform Certification) on July 27, 2022 at 2:40 am

    submitted by /u/Electronic-Region834 [link] [comments]

  • ACE GCP EXAM
    by /u/Mell-O_5751 (Google Cloud Platform Certification) on July 25, 2022 at 9:30 pm

    Hey, i just passed the ACE exam on 6th July but didnt received any confirmation mail yet by Google. I send many emails but nothing… how many days can be delayed? 20 days and counting. submitted by /u/Mell-O_5751 [link] [comments]

  • Prepare for Google Cloud certification with top tips and no-cost learning
    by (Training & Certifications) on July 11, 2022 at 4:30 pm

    Becoming Google Cloud certified has proven to improve individuals’ visibility within the job market, and demonstrate ability to drive meaningful change and transformation within organizations.  1 in 4 Google Cloud certified individuals take on more responsibility or leadership roles at work, and  87% of Google Cloud certified users feel more confident in their cloud skills1.75% of IT decision-makers are in need of technologically-skilled personnel to meet their organizational goals and close skill gaps2.94% of those decision-makers agree that certified employees provide added value above and beyond the cost of certification3.Prepare for certification with a no-cost learning opportunityThat's powerful stuff, right?  That’s why we've teamed up with Coursera to support your journey to becoming Google Cloud certified.As a new learner, get one month of no-cost access to your selected Google Cloud Professional Certificate on Coursera to help you prepare for the relevant Google Cloud certification exam. Choose from Professional Certificates in data engineering, cloud engineering, cloud architecture, security, networking, machine learning, DevOps and for business professionals, the Cloud Digital Leader.Become Google Cloud certifiedTo  help you on your way to becoming Google Cloud certified, you can earn a discount voucher on the cost of the Google Cloud certification exam by completing the Professional Certificate on Coursera by August 31, 2022 Simply visit our page on Coursera and start your one month no-cost learning journey today. Top tips to prepare for your Google Cloud certification examGet hands-on with Google CloudFor those of you in a technical job role, we recommend leveraging the Google Cloud projects to build your hands-on experience with the Google Cloud console. With 500+ Google Cloud projectsnow available on Coursera, you can gain hands-on experience working in the real Google Cloud console, with no download or configuration required.Review the exam guideExam guides provide the blueprint for developing exam questions and offer guidance to candidates studying for the exam. We´d encourage you to be prepared to answer questions on any topic in the exam guide, but it's not guaranteed that every topic within an exam guide will be assessed.Explore the sample questionsTaking a look at the sample questions on each certification page will help to familiarize you with the format of exam questions and example content that may be covered. Start your certification preparation journey today with a one month no-cost learning opportunity on Coursera. Want to know more about the value of Google Cloud Certification? Find out why IT leaders choose Google Cloud Certification for their teams.1. Google Cloud, Google Cloud certification impact report, 20202. Skillsoft Global Knowledge, IT skills and Salary report, 20213. Skillsoft Global Knowledge, IT skills and Salary report, 2021Related ArticleWhy IT leaders choose Google Cloud certification for their teamsWhy IT leaders should choose Google Cloud training and certification to increase staff tenure, improve productivity for their teams, sati...Read Article

  • Investing in Differentiation brings great customer experiences and repeatable business
    by (Training & Certifications) on July 7, 2022 at 4:00 pm

    “Customer success is the cornerstone of our partner ecosystem and ensures our joint customers experience the innovation, faster time to value, and top notch skills from Google and Google Cloud Partners.”—Nina Harding, Global Chief, Partner Advantage Program.Our ecosystem is a strong, validated ally to help you drive business growth and solve complex challenges. Differentiation achievements help you select a partner with confidence, knowing that Google Cloud has verified their skills and customer success across our products, horizontal solutions and key industries.  In all cases, our partners have demonstrated their commitment to learning and ongoing training, demonstrated through earned certifications, Specialization and Expertise. To further refine the process of helping customers find the best partner fast, we recently introduced Net Promoter Score© within Partner Advantage.  This industry standard rating tool allows customers to provide feedback and insights on their successes with partners quickly and easily. We encourage you to work with your partners to share your success and provide feedback using Net Promoter Score.To find the most highly qualified, experienced partners the Google Cloud Partner Directory puts you in the driver’s seat. This purpose-built tool helps customers like you leverage partner Differentiation achievements to move forward with confidence as you start your next project.This new “How to find the right Google Cloud Partner” video shows you how to create a shortlist of potential partners by Region, and based on 14 different strategic solution categories or 100+ Expertise designations.To find a partner that meets your specific needs, or complements your capable team, look no further than Partner Advantage’s Differentiation framework and share in our congratulations to some partners that have achieved Specialization the past few quarters.Related ArticleStanding out to customers through the Partner Differentiation journeyLearn how Google Cloud Partner Advantage partners help customers solve real-world business challengesRead Article

  • Show off your cloud skills by completing the #GoogleClout weekly challenge
    by (Training & Certifications) on July 6, 2022 at 4:00 pm

    Who’s up for a challenge? It’s time to show off your #GoogleClout!Starting today, check in every Wednesday to unlock a new cloud puzzle that will test your cloud skills against participants worldwide. Stephanie Wong’s previous record is 5 minutes, can you complete the new challenge in 4?#GoogleClout ChallengeThe #GoogleClout challenge is a no-cost weekly 20 minute hands-on challenge. Every Wednesday for the next 10 weeks, a new challenge will be posted on our website. Participants will race against the clock to see how quickly they can complete the challenge. Attempt the 20 minute challenge as many times as you want. The faster you go, the higher your score!How it worksTo participate, follow these four simple steps:Enroll - Go to our website, click the link to the weekly challenge, and enroll in the quest using your Google Cloud Skills Boost account. Play - Attempt the challenge as many times as you want. Remember the faster you are, the higher your score!Share - Share your score card on Twitter/LinkedIn using #GoogleCloutWin - Complete all 10 weekly challenges to earn exclusive #GoogleClout badgesReady to get started?Take the #GoogleClout challenge today!Related ArticleEarn Google Cloud swag when you complete the #LearnToEarn challengeEarn swag with the Google Cloud #LearnToEarn challengeRead Article

  • Earn Google Cloud swag when you complete the #LearnToEarn challenge
    by (Training & Certifications) on June 27, 2022 at 4:00 pm

    The MLOps market is expected to grow to around $700m by 20251. With the Google Cloud Professional Data Engineer certification topping the list of highest paying IT certifications in 20212, there has never been a better time to grow your data and ML skills with Google Cloud. Introducing the Google Cloud #LearnToEarn challenge Starting today, you’re invited to join the data and ML #LearnToEarn challenge- a high-intensity workout for your brain.  Get the ML, data, and AI skills you need to drive speedy transformation in your current and future roles with no-cost access to over 50 hands-on labs on Google Cloud Skills Boost. Race the clock with players around the world, collect badges, and earn special swag! How to complete the #LearnToEarn challenge?The challenge will begin with a core data analyst learning track. Then each week you’ll get new tracks designed to help you explore a variety of career paths and skill sets. Keep an eye out for trivia and flash challenges too!  As you progress through the challenge and collect badges, you’ll qualify for rewards at each step of your journey. But time and supplies are limited - so join today and complete by July 19! What’s involved in the challenge? Labs range from introductory to expert level. You’ll get hands-on experience with cutting edge tech like Vertex AI and Looker, plus data differentiators like BigQuery, Tensorflow, integrations with Workspace, and AutoML Vision. The challenge starts with the basics, then gets gradually more complex as you reach each milestone. One lab takes anywhere from ten minutes to about an hour to complete. You do not have to finish all the labs at once - but do keep an eye on start and end dates. Ready to take on the challenge?Join the #LearnToEarn challengetoday!1. IDC, Market Analysis Perspective: Worldwide AI Life-Cycle Software, September 20212. Skillsoft Global Knowledge, 15 top-paying IT certifications list 2021, August 2021

  • General availability: Edge Secured-Core for Windows IoT
    by Azure service updates on June 22, 2022 at 4:00 pm

    Edge Secured-Core is a certification program that extends the Secured-Core label into IoT and Edge devices.

  • Google helps Indonesia advance education on cloud, machine learning, and mobile development through Bangkit academy
    by (Training & Certifications) on June 16, 2022 at 4:00 pm

    Indonesia is leading the way for digital transformation in Southeast Asia. According to Google’s e-Conomy South East Asia report, the country’s 2030 Gross Merchandise Value - the value of online retailing to consumers -  could be twice the value of the whole of Southeast Asia today.  This growth means that many companies need more qualified IT graduates and employees with digital skills than they have today. Fast-growing tech companies need more qualified IT graduates, and employees with digital skills. According to the World Bank, Indonesia needs an additional nine million people with digital skills by 2030. The shortage of technical talent reiterates the need to invest in a reliable skills pipeline. Following years of digital talent developments in Indonesia, Google has become a supporter of Bangkit, an academy designed to produce high-caliber technical talent for Indonesian technology companies and startups. Bangkit has facilitated a multi-stakeholder collaboration between Google, government, industry, and universities across Indonesia. Last year, the President of Indonesia and the Ministry of Education and Culture, Research, and Technology, acknowledged Bangkit’s significant impact, with 3,000 students completing nearly 15,000 courses and specialisations. Building on last year’s success, Bangkit started its 2022 program in February, offering three learning paths to students:Cloud computing with Google Cloud, preparing students for the Google Associate Cloud Engineer certification. Some of the course components are also available online Mobile development with Android, preparing students for the Google Associate Android Developer exam. An online version is available here. Machine learning with Tensorflow, getting students ready to take the Tensorflow Developer certification. Some of the online courses are available here for others.Bangkit 2022 has enrolled 3,100 university students who will take a five month study course, obtaining university study credit, as well as industry certifications. The program accepts diverse cohorts of people who are passionate about preparing for a tech career in the near future, with support and encouragement for women, people with disabilities, and students from across Indonesia to apply. Since its pilot in 2019, Bangkit has been guided by three principles:  Industry-led: provides curriculum and instructors from industry experts, including Google, GoTo and Traveloka. Instructors include key figures such as Laurence Moroney (Google, Lead AI Advocate), Google Developer Experts, and other committed professionals. Immersive: combines online learning methods conducted in both individual and group settings.  Interdisciplinary: contains knowledge and best practices in tech, soft skills, and English to provide complete career readiness. The program runs from February to July 2022, and has a 900-hour curriculum throughout the 18-week learning experience. Benefits for students participating in Bangkit include:Study credit conversion Job opportunities at our career fairGoogle Cloud, TensorFlow and AAD exam vouchersIncubation funds and mentorship support from industryTowards the end of Bangkit 2022, students will team up for the Capstone Project challenge to propose solutions to some of the nation’s most pressing problems, such as environmentalism, accessibility, and more. The top 15 teams will be selected to receive funding to incubate their capstone projects. These education and career-preparedness offerings are provided at no cost.Google is partnering with industry, governments, universities, and employers to help meet the skill demands of today. From supporting the State of Ohio to offer tech skills to residents, to working with the University of Minnesota-Rochester to create a customized health sciences degree program, Google is here to help our partners prepare those they serve for a cloud-first world.

  • Unveiling the 2021 Google Cloud Partner of the Year Award Winners
    by (Training & Certifications) on June 14, 2022 at 3:50 pm

    It’s time to celebrate! Join us in congratulating the 2021 Google Cloud Partner of the Year Award winners. As cloud computing and emerging technologies improve how we connect, share information, and conduct business, these partners helped customers turn challenges into opportunities. We’re proud to work alongside our partners and support customers as they innovate their businesses and accelerate their digital transformations. Congratulations to these winners for their creative spirit, collaborative drive, and customer-first approach; we are proud to recognize you and to call you our partners!Kudos to the 2021 winners:We're proud, grateful, and—above all—excited for what's next. As our network of partners continues to grow, we invite you to learn more about the Google Cloud Partner Advantage Program and how you can get involved by visiting our partner page.Related ArticleCelebrating the winners of the 2021 Google Cloud Customer AwardsCustomers have won Google Cloud Awards for innovation, excellence and transformation during another exciting year in the cloud.Read Article

  • Google Cloud supports higher education with Cloud Digital Leader program
    by (Training & Certifications) on June 8, 2022 at 4:00 pm

    College and university faculty can now easily teach cloud literacy and digital transformation with the Cloud Digital Leader track, part of the Google Cloud career readiness program. The new track is available for eligible faculty who are preparing their students for a cloud-first workforce. As part of the track, students will build their cloud literacy and learn the value of Google Cloud in driving digital transformation, while also preparing for the Cloud Digital Leader certification exam. Apply today!Cloud Digital Leader career readiness trackThe Cloud Digital Leader career readiness track is designed to equip eligible faculty with the resources needed to prepare their students for the Cloud Digital Leader certification. This Google Cloud certification requires no previous cloud computing knowledge or hands-on experience. The training path enables students to build cloud literacy and learn how to evaluate the capabilities of Google Cloud in preparation for future job roles. The curriculumFaculty members can access this curriculum as part of the Google Cloud Career Readiness program. Faculty from eligible institutions can apply to lead students through the no-cost  program which provides access to the four-course on-demand training, hands-on practice to supplement the learning, and additional exam prep resources. Students who complete the entire program are eligible to apply for a certification exam discount. The Cloud Digital Leader track is the third program available for classroom use, joining the Associate Cloud Engineer and Data Analyst tracks. Cloud resources for your classroomReady to get started? Apply today to access the Cloud Digital Leader career readiness track for your classroom. Read the eligibility criteria for faculty. You can preview the course content at no cost.Related ArticleRead Article

  • Why IT leaders choose Google Cloud certification for their teams
    by (Training & Certifications) on May 27, 2022 at 4:00 pm

    As organizations worldwide move to the cloud, it’s become increasingly crucial to provide teams with confidence and the right skills to get the most out of cloud technology. With demand for cloud expertise exceeding the supply of talent, many businesses are looking for new, cost-effective ways to keep up.When ongoing skills gaps stifle productivity, it can cost you money. In Global Knowledge’s 2021 report, 42% of IT decision-makers reported having “difficulty meeting quality objectives” as a result of skills gaps, and, in an IDC survey cited in the same Global Knowledge report, roughly 60% of organizations described a lack of skills as a cause for lost revenue. In today’s fast-paced environment, businesses with cloud knowledge are in a stronger position to achieve more. So what more could you be doing to develop and showcase cloud expertise in your organization?Google Cloud certification helps validate your teams’ technical capabilities, while demonstrating your organization’s commitment to the fast pace of the cloud.What certification offers that experience doesn’t is peace of mind. I’m not only talking about self-confidence, but also for our customers. Having us certified, working on their projects, really gives them peace of mind that they’re working with a partner who knows what they’re doing. Niels Buekers, managing director at Fourcast BVBAWhy get your team Google Cloud certified?When you invest in cloud, you also want to invest in your people. Google Cloud certification equips your teams with the skills they need to fulfill your growing business. Speed up technology implementation Organizations want to speed up transformation and make the most of their cloud investment.Nearly 70% of partner organizations recognize that certifications speed up technology implementation and lead to greater staff productivity, according to a May 2021 IDC Software Partner Survey. The same report also found that 85% of partner IT consultants agree that “certification represents validation of extensive product and process knowledge.”Improve client satisfaction and successGetting your teams certified can be the first step to improving client satisfaction and success. Research of more than 600 IT consultants and resellers in a September 2021 IDC study found that “fully certified teams met 95% of their clients’ objectives, compared to a 36% lower average net promoter score for partially certified teams.”Motivate your team and retain talentIn today’s age of the ongoing Great Resignation, IT leaders are rightly concerned about employee attrition, which can result in stalled projects, unmet business objectives, and new or overextended team members needing time to ramp up. In other words, attrition hurts.But when IT leaders invest in skills development for their teams, talent tends to stick around. According to a business value paper from IDC, comprehensive training leads to 133% greater employee retention compared to untrained teams. When organizations help people develop skills, people stay longer, morale improves, and productivity increases. Organizations wind up with a classic win-win situation as business value accelerates. Finish your projects ahead of scheduleWith your employees feeling supported and well equipped to handle workloads, they can also stay engaged and innovate faster with Google Cloud certifications. “Fully certified teams are 35% more likely than partially certified teams to finish projects ahead of schedule, typically reaching their targets more than two weeks early,” according to research in an IDC InfoBrief.Certify your teamsGoogle Cloud certification is more than a seal of approval – it can be your framework to increase staff tenure, improve productivity, satisfy your customers, and obtain other key advantages to launch your organization into the future. Once you get your teams certified, they’ll join a trusted network of IT professionals in the Google Cloud certified community, with access to resources and continuous  learning opportunities.To discover more about the value of certification for your team, download the IDC paper today and invite your teams to join our upcoming webinar and get started on their certification journey.Related ArticleHow to become a certified cloud professionalHow to become a certified cloud professionalRead Article

  • Public preview: Azure Communication Services APIs in US Government cloud
    by Azure service updates on May 24, 2022 at 4:00 pm

    Use Azure Communication Services APIs for voice, video, and messaging in US Government cloud.

  • New Research shows Google Cloud Skill Badges build in-demand expertise
    by (Training & Certifications) on May 19, 2022 at 4:00 pm

    We live in a digital world, and the future of work is in the cloud. In fact, 61% of HR professionals believe hiring developers will be their biggest challenge in the years ahead.1During your personal cloud journey, it’s critical to build and validate your skills in order to evolve with the rapidly changing technology and business landscape.That is why we created skill badges - a micro-credential issued by Google Cloud to demonstrate your cloud competencies and your commitment to staying on top of the latest Google Cloud solutions and products. To better understand the value of skills badges to holders’ career goals, we commissioned a third-party research firm, Gallup, to conduct a global study on the impact of Google Cloud skill badges. Skill badge earners overwhelmingly gain value from and are satisfied with Google Cloud skill badges.Skill badge holders state that they feel well equipped with the variety of skills gained through skill badge attainment, that they are more confident in their cloud skills, are excited to promote their skills to their professional network, and are able to leverage skill badges to achieve future learning goals, including a Google Cloud certification. 87% agree skill badges provided real-world, hands-on cloud experience286% agree skill badges helped build their cloud competencies2 82% agree skill badges helped showcase growing cloud skills290% agree that skill badges helped them in their Google Cloud certification journey274% plan to complete a Google Cloud certification in the next six months2Join thousands of other learners and take your career to the next level with Google Cloud skill badges.To learn more, download the Google Cloud Skills Badge Impact Report at no cost.1. McKinsey Digital,Tech Talent Technotics: Ten new realities for finding, keeping, and developing talent , 20222. Gallup Study, sponsored by Google Cloud Learning: "Google Cloud Skill Badge Impact report", May 2022Related ArticleHow to prepare for — and ace — Google’s Associate Cloud Engineer examThe Cloud Engineer Learning Path is an effective way to prepare for the Associate.Read Article

  • If you are looking for a Job relating to azure try r/AzureJobs
    by /u/whooyeah (Microsoft Azure Certifications) on May 5, 2022 at 10:41 am

    submitted by /u/whooyeah [link] [comments]

  • General availability: Azure Database for PostgreSQL - Hyperscale (Citus) now FedRAMP High compliant
    by Azure service updates on March 30, 2022 at 4:01 pm

    Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure is now compliant with FedRAMP High.

  • General availability: Asset certification in Azure Purview data catalog
    by Azure service updates on February 28, 2022 at 5:00 pm

    Data stewards can now certify assets that meet their organization's quality standards in the Azure Purview data catalog

  • Generally available: Azure Database for PostgreSQL – Hyperscale (Citus) new certifications
    by Azure service updates on February 16, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • General availability: Azure Database for PostgreSQL – Hyperscale (Citus) new certifications
    by Azure service updates on February 2, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Generally available: Azure Database for PostgreSQL – Hyperscale (Citus): New certifications
    by Azure service updates on January 19, 2022 at 5:00 pm

    New compliance certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Azure Database for PostgreSQL – Hyperscale (Citus): New toolkit certifications generally available
    by Azure service updates on December 15, 2021 at 5:00 pm

    New Toolkit certifications are now available on Azure Database for PostgreSQL – Hyperscale (Citus), a managed service running the open-source Postgres database on Azure.

  • Azure VMware Solution achieves FedRAMP High Authorization
    by Azure service updates on September 15, 2021 at 11:53 pm

    With this certification, U.S. government and public sector customers can now use Azure VMware Solution as a compliant FedRAMP cloud computing environment, ensuring it meets the demanding standards for security and information protection.

  • Azure expands HITRUST certification across 51 Azure regions
    by Azure service updates on August 23, 2021 at 9:38 pm

    Azure expands offering and region coverage to Azure customers with its 2021 HITRUST validated assessment.

  • Azure Database for PostgreSQL - Hyperscale (Citus) now compliant with additional certifications
    by Azure service updates on June 9, 2021 at 4:00 pm

    New certifications are now available for Hyperscale (Citus) on Azure Database for PostgreSQL, a managed service running the open-source Postgres database on Azure.

  • Azure expands PCI DSS certification
    by Azure service updates on March 15, 2021 at 5:02 pm

    You can now leverage Azure’s Payment Card Industry Data Security Standard (PCI DSS) certification across all live Azure regions.

  • 172 Azure offerings achieve HITRUST certification
    by Azure service updates on February 3, 2021 at 10:24 pm

    Azure expands its depth of offerings to Azure customers with its latest independent HITRUST assessment.

  • Azure achieves its first PCI 3DS certification
    by Azure service updates on February 3, 2021 at 10:24 pm

    Azure’s PCI 3DS Attestation of Compliance, PCI 3DS Shared Responsibility Matrix, and PCI 3DS whitepaper are now available.

  • Azure Databricks Achieves FedRAMP High Authorization on Microsoft Azure Government
    by Azure service updates on November 25, 2020 at 5:00 pm

    With this certification, customers can now use Azure Databricks to process the U.S. government’s most sensitive, unclassified data in cloud computing environments, including data that involves the protection of life and financial assets.

  • New SAP HANA Certified Memory-Optimized Virtual Machines now available
    by Azure service updates on November 12, 2020 at 5:01 pm

    We are expanding our SAP HANA certifications, enabling you to run production SAP HANA workloads on the Edsv4 virtual machines sizes.

  • Azure achieves Service Organization Controls compliance for 14 additional services
    by Azure service updates on November 11, 2020 at 5:10 pm

    Azure gives you some of the industry’s broadest certifications for the critical SOC 1, 2, and 3 compliance offering, which is widely used around the world.

  • Announcing the unified Azure Certified Device program
    by Azure service updates on September 22, 2020 at 4:05 pm

    A unified and enhanced Azure Certified Device program was announced at Microsoft Ignite, expanding on previous Microsoft certification offerings that validate IoT devices meet specific capabilities and are built to run on Azure. This program offers a low-cost opportunity for device builders to increase visibility of their products while making it easy for solution builders and end customers to find the right device for their IoT solutions.

  • IoT Security updates for September 2020
    by Azure service updates on September 22, 2020 at 4:05 pm

    New Azure IoT Security product updates include improvements around monitoring, edge nesting and the availability of Azure Defender for IoT.

  • Azure Certified for Plug and Play is now available
    by Azure service updates on August 27, 2020 at 12:21 am

    IoT Plug and Play device certification is now available from Microsoft as part of the Azure Certified device program.

  • Azure France has achieved GSMA accreditation
    by Azure service updates on August 6, 2020 at 5:45 pm

    Azure has added an important compliance offering for telecommunications in France, the Global System for Mobile Communications Association (GSMA) Security Accreditation Scheme for Subscription Management (SAS-SM).

  • Azure Red Hat OpenShift is now ISO 27001 certified
    by Azure service updates on July 21, 2020 at 4:00 pm

    To help you meet your compliance obligations across regulated industries and markets worldwide, Azure Red Hat OpenShift is now ISO 27001 certified.

  • Azure Lighthouse updates—April 2020
    by Azure service updates on June 1, 2020 at 4:00 pm

    Several critical updates have been made to Azure Lighthouse, including FEDRAMP certification, delegation opt-out, and Azure Backup reports.

  • Azure NetApp Files—New certifications, increased SLA, expanded regional availability
    by Azure service updates on May 19, 2020 at 4:00 pm

    The SLA guarantee for Azure NetApp Files has increased to 99.99 percent. In addition, NetApp Files is now HIPAA and FedRAMP certified, and regional availability has been increased.

  • Kubernetes on Azure Stack Hub in GA
    by Azure service updates on February 25, 2020 at 5:00 pm

    We now support Kubernetes cluster deployment on Azure Stack Hub, a certified Kubernetes Cloud Provider. Install Kubernetes using Azure Resource Manager templates generated by ACS Engine on Azure Stack Hub.

  • Azure Firewall Spring 2020 updates
    by Azure service updates on February 19, 2020 at 5:00 pm

    Excerpt: Azure Firewall is now ICSA Labs certified. In addition, several key Azure Firewall capabilities have recently been released into general availability (GA) and preview.

  • Azure IoT C# and Java SDKs release new long-term support (LTS) branches
    by Azure service updates on February 14, 2020 at 5:00 pm

    The Azure IoT Java and C# SDKs have each now released new long-term support (LTS) branches.

  • HPC Cache receives ISO certifications, adds stopping feature, and new region
    by Azure service updates on February 11, 2020 at 5:00 pm

    Azure HPC Cache has received new SO27001, 27018 and 27701 certifications, adds new features to manage storage caching in performance-driven workloads and expands service access to Korea Central.

  • Azure Blueprint for FedRAMP High now available in new regions
    by Azure service updates on February 3, 2020 at 5:00 pm

    The Azure Blueprint for FedRAMP High is now available in both Azure Government and Azure Public regions. This is in addition to the Azure Blueprint for FedRAMP Moderate released in November, 2019.

  • Azure Databricks Is now HITRUST certified
    by Azure service updates on January 22, 2020 at 5:01 pm

    Azure Databricks is now certified for the HITRUST Common Security Framework (HITRUST CSF®), the most widely coveted security accreditation for the healthcare industry. With this certification, health care customers can now use volumes of clinical data to drive innovation using Azure Databricks, without any worry about security and risk.

  • Microsoft plans to establish new cloud datacenter region in Qatar
    by Azure service updates on December 11, 2019 at 8:00 pm

    Microsoft recently announced plans to establish a new cloud datacenter region in Qatar to deliver its intelligent, trusted cloud services and expand the Microsoft global cloud infrastructure to 55 cloud regions in 20 countries.

  • Azure NetApp Files HANA certification and new region availability
    by Azure service updates on November 4, 2019 at 5:00 pm

    Azure NetApp Files , one of the fastest growing bare-metal Azure services, has achieved SAP HANA certification for both scale-up and scale-out deployments.

  • Azure achieves TrueSight certification
    by Azure service updates on September 23, 2019 at 5:00 pm

    Azure achieved certification for TruSight, an industry-backed, best-practices third-party assessment utility.

  • IoT Plug and Play Preview is now available
    by Azure service updates on August 21, 2019 at 4:00 pm

    With IoT Plug and Play Preview, solution developers can start using Azure IoT Central to build solutions that integrate seamlessly with IoT devices enabled with IoT Plug and Play.

  • View linked GitHub activity from the Kanban board
    by Azure service updates on June 21, 2019 at 5:00 pm

    We continue to enhance the Azure Boards integration with GitHub. Now you can get information of your linked GitHub commits, pull requests and issues on your Kanban board. This information will give you a quick sense of where an item is at and allow you to directly navigate out to the GitHub commit, pull request, or issue for more details.

  • Video Indexer is now ISO, SOC, HiTRUST, FedRAMP, HIPAA, PCI certified
    by Azure service updates on April 2, 2019 at 9:08 pm

    Video Indexer has received new certifications to fit with enterprise certification requirements.

  • Video Indexer is now ISO, SOC, HiTRUST, FedRAMP, HIPAA, PCI certified
    by Azure service updates on March 26, 2019 at 9:06 pm

    Video Indexer has received new certifications to fit with enterprise certification requirements.

  • Azure South Africa regions are now available
    by Azure service updates on March 7, 2019 at 6:00 pm

    Azure services are available from new cloud regions in Johannesburg (South Africa North) and Cape Town (South Africa West), South Africa. The launch of these regions is a milestone for Microsoft.

  • Azure DevOps Roadmap update for 2019 Q1
    by Azure service updates on February 14, 2019 at 8:22 pm

    We updated the Features Timeline to provide visibility on our key investments for this quarter.

  • Azure Stack—FedRAMP High documentation now available
    by Azure service updates on November 1, 2018 at 7:00 pm

    FedRAMP High documentation is now available for Azure Stack customers.

  • Kubernetes on Azure Stack in preview
    by Azure service updates on November 1, 2018 at 7:00 pm

    We now support Kubernetes cluster deployment on Azure Stack, a certified Kubernetes Cloud Provider. Install Kubernetes using Azure Resource Manager templates generated by ACS-Engine on Azure Stack.

  • Azure Stack Infrastructure—compliance certification guidance
    by Azure service updates on November 1, 2018 at 7:00 pm

    We have created documentation to describe how Azure Stack infrastructure satisfies regulatory technical controls for PCI-DSS and CSA-CCM.

  • Logic Apps is ISO, HIPAA, CSA STAR, PCI DSS, SOC, and EU Model Clauses compliant
    by Azure service updates on July 18, 2017 at 5:05 pm

    The Logic Apps feature of Azure App Service is now ISO/IEC 27001, ISO/IEC 27018, HIPAA, CSA STAR, PCI DSS, SOC, and EU Model Clauses compliant.

  • Apache Kafka on HDInsight with Azure Managed Disks
    by Azure service updates on June 30, 2017 at 3:44 pm

    We're pleased to announce Apache Kafka with Azure Managed Disks Preview on the HDInsight platform. Users will now be able to deploy Kafka clusters with managed disks straight from the Azure portal, with no signup necessary.

  • Azure Backup for Windows Server system state
    by Azure service updates on June 14, 2017 at 10:54 pm

    Customers will now be able to to perform comprehensive, secure, and reliable Windows Server recoveries. We Will be extending the data backup capabilities of the Azure Backup agent so that it will now integrate with the Windows Server Backup feature, available natively on every Windows Server.

  • Azure Data Catalog is ISO, CSA STAR, HIPAA, EU Model Clauses compliant
    by Azure service updates on March 7, 2017 at 12:00 am

    Azure Data Catalog is ISO/IEC 27001, ISO/IEC 27018, HIPAA, CSA STAR, and EU Model Clauses compliant.

  • Azure compliance: Azure Cosmos DB certified for ISO 27001, HIPAA, and the EU Model Clauses
    by Azure service updates on March 25, 2016 at 10:00 am

    The Azure Cosmos DB team is excited to announce that Azure Cosmos DB is ISO 27001, HIPAA, and EU Model Clauses compliant.

  • Compliance updates for Azure public cloud
    by Azure service updates on March 16, 2016 at 9:24 pm

    We’re adding more certification coverage to our Azure portfolio, so regulated customers can take advantage of new services.

  • Protect and recover your production workloads in Azure
    by Azure service updates on October 2, 2014 at 5:00 pm

    With Azure Site Recovery, you can protect and recover your production workloads while saving on capital and operational expenditures.

  • ISO Certification expanded to include more Azure services
    by Azure service updates on January 17, 2014 at 1:00 am

    Azure ISO Certification expanded to include SQL Database, Active Directory, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile Services, Service Bus, Multi-Factor Authentication, and HDInsight.


Top-paying Cloud certifications:

Google Certified Professional Cloud Architect — $175,761/year
AWS Certified Solutions Architect – Associate — $149,446/year
Azure/Microsoft Cloud Solution Architect – $141,748/yr
Google Cloud Associate Engineer – $145,769/yr
AWS Certified Cloud Practitioner — $131,465/year
Microsoft Certified: Azure Fundamentals — $126,653/year
Microsoft Certified: Azure Administrator Associate — $125,993/year

Djamgatech: Multilingual and Platform Independent Cloud Certification and Education App for AWS, Azure, Google Cloud

Djamgatech: AI Driven Continuing Education and Certification Preparation Platform

You can translate the content of this page by selecting a language in the select box.

The Cloud Education Certification App is an EduFlix App for AWS, Azure, Google Cloud Certification Prep [Android, iOS]

Technology is changing and is moving towards the cloud. The cloud will power most businesses in the coming years and is not taught in schools. How do we ensure that our kids and youth and ourselves are best prepared for this challenge?

Building mobile educational apps that work offline and on any device can help greatly in that sense.

The ability to tab on a button and learn the cloud fundamentals and take quizzes is a great opportunity to help our children and youth to boost their job prospects and be more productive at work.

The App covers the following certifications :
AWS Cloud Practitioner Exam Prep CCP CLF-C01, Azure Fundamentals AZ 900 Exam Prep, AWS Certified Solution Architect Associate SAA-C02 Exam Prep, AWS Certified Developer Associate DVA-C01 Exam Prep, Azure Administrator AZ 104 Exam Prep, Google Associate Cloud Engineer Exam Prep, Data Analytics for AWS DAS-C01, Machine Learning for AWS and Google, AWS Certified Security – Specialty (SCS-C01), AWS Certified Machine Learning – Specialty (MLS-C01), Google Cloud Professional Machine Learning Engineer and more… [Android, iOS]

[appbox googleplay com.cloudeducation.free]
[appbox appstore 1560083470-iphone screenshots]

The App covers the following cloud categories:

AWS Technology, AWS Security and Compliance, AWS Cloud Concepts, AWS Billing and Pricing , AWS Design High Performing Architectures, AWS Design Cost Optimized Architectures, AWS Specify Secure Applications And Architectures, AWS Design Resilient Architecture, Development With AWS, AWS Deployment, AWS Security, AWS Monitoring, AWS Troubleshooting, AWS Refactoring, Azure Pricing and Support, Azure Cloud Concepts , Azure Identity, governance, and compliance, Azure Services , Implement and Manage Azure Storage, Deploy and Manage Azure Compute Resources, Configure and Manage Azure Networking Services, Monitor and Backup Azure Resources, GCP Plan and configure a cloud solution, GCP Deploy and implement a cloud solution, GCP Ensure successful operation of a cloud solution, GCP Configure access and security, GCP Setting up a cloud solution environment, AWS Incident Response, AWS Logging and Monitoring, AWS Infrastructure Security, AWS Identity and Access Management, AWS Data Protection, AWS Data Engineering, AWS Exploratory Data Analysis, AWS Modeling, AWS Machine Learning Implementation and Operations, GCP Frame ML problems, GCP Architect ML solutions, GCP Prepare and process data, GCP Develop ML models, GCP Automate & orchestrate ML pipelines, GCP Monitor, optimize, and maintain ML solutions, etc.. [Android, iOS]

Cloud Education and Certification

The App covers the following Cloud Services, Framework and technologies:

AWS: VPC, S3, DynamoDB, EC2, ECS, Lambda, API Gateway, CloudWatch, CloudTrail, Code Pipeline, Code Deploy, TCO Calculator, SES, EBS, ELB, AWS Autoscaling , RDS, Aurora, Route 53, Amazon CodeGuru, Amazon Bracket, AWS Billing and Pricing, Simply Monthly Calculator, cost calculator, Ec2 pricing on-demand, IAM, AWS Pricing, Pay As You Go, No Upfront Cost, Cost Explorer, AWS Organizations, Consolidated billing, Instance Scheduler, on-demand instances, Reserved instances, Spot Instances, CloudFront, Workspace, S3 storage classes, Regions, Availability Zones, Placement Groups, Amazon lightsail, Redshift, EC2 G4ad instances, DAAS, PAAS, IAAS, SAAS, NAAS, Machine Learning, Key Pairs, AWS CloudFormation, Amazon Macie, Amazon Textract, Glacier Deep Archive, 99.999999999% durability, AWS Codestar, Amazon Neptune, S3 Bucket, EMR, SNS, Desktop As A Service, Emazon EC2 for Mac, Aurora Postgres SQL, Kubernetes, Containers, Cluster.

Azure: Virtual Machines, Azure App Services, Azure Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop, Virtual Networks, VPN Gateway, Virtual Network peering, and ExpressRoute, Container (Blob) Storage, Disk Storage, File Storage, and storage tiers, Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, and SQL Managed Instance, Azure Marketplace, Azure consumption-based mode, management groups, resources and RG, Geographic distribution concepts such as Azure regions, region pairs, and AZ Internet of Things (IoT) Hub, IoT Central, and Azure Sphere, Azure Synapse Analytics, HDInsight, and Azure Databricks, Azure Machine Learning, Cognitive Services and Azure Bot Service, Serverless computing solutions that include Azure Functions and Logic Apps, Azure DevOps, GitHub, GitHub Actions, and Azure DevTest Labs, Azure Mobile, Azure Advisor, Azure Resource Manager (ARM) templates, Azure Security, Privacy and Workloads, General security and network security, Azure security features, Azure Security Centre, policy compliance, security alerts, secure score, and resource hygiene, Key Vault, Azure Sentinel, Azure Dedicated Hosts, Concept of defense in depth, NSG, Azure Firewall, Azure DDoS protection, Identity, governance, Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO),Azure Services, Core Azure architectural components, Management Groups, Azure Resource Manager,

Google Cloud Platform: Compute Engine, App Engine, BigQuery, Bigtable, Pub/Sub, flow logs, CORS, CLI, pod, Firebase, Cloud Run, Cloud Firestore, Cloud CDN, Cloud Storage, Persistent Disk, Kubernetes engine, Container registry, Cloud Load Balancing, Cloud Dataflow, gsutils, Cloud SQL,

If you are looking for an all-in-one solution to help you prepare for the AWS Cloud Practitioner Certification Exam, look no further than this AWS Cloud Practitioner CCP CLFC01 book below.


2022 AWS Cloud Practitioner Exam Preparation

Cloud Education Certification: Eduflix App for Cloud Education and Certification (AWS, Azure, Google Cloud) [Android, iOS]

Invest in your future today by enrolling in this Azure Fundamentals - Microsoft Azure Certification and Training ebook below. This Azure Fundamentals Exam Prep Book will prepare you for the Azure Fundamentals AZ900 Certification Exam.


Features:
– Practice exams
– 1000+ Q&A updated frequently.
– 3+ Practice exams per Certification
– Scorecard / Scoreboard to track your progress
– Quizzes with score tracking, progress bar, countdown timer.
– Can only see scoreboard after completing the quiz.
– FAQs for most popular Cloud services
– Cheat Sheets
– Flashcards
– works offline

Note and disclaimer: We are not affiliated with AWS, Azure, Microsoft or Google. The questions are put together based on the certification study guide and materials available online. The questions in this app should help you pass the exam but it is not guaranteed. We are not responsible for any exam you did not pass.

Important: To succeed with the real exam, do not memorize the answers in this app. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

CyberSecurity 101 and Top 25 AWS Certified Security Specialty Questions and Answers Dumps

AWS Certified Security – Specialty Questions and Answers Dumps

You can translate the content of this page by selecting a language in the select box.

Almost 4.57 billion people were active internet users as of July 2020, encompassing 59 percent of the global population.  94% of enterprises use cloud. 77% of organizations worldwide have at least one application running on the cloud. This results in an exponential growth of cyber attacks. Therefore, CyberSecurity is one  the biggest challenge to individuals and organizations worldwide:  158,727 cyber attacks per hour, 2,645 per minute and 44 every second of every day.  

In this blog, we cover the Top 25 AWS Certified Security Specialty Questions and Answers Dumps and all latest and relevant information about CyberSecurity including:

I- The AWS Certified Security – Specialty (SCS-C01) examination is intended for  individuals who perform a security role. This exam validates an examinee’s ability to effectively demonstrate knowledge about securing the AWS platform.

It validates an examinee’s ability to demonstrate:

An understanding of specialized data classifications and AWS data protection mechanisms.

An understanding of data-encryption methods and AWS mechanisms to implement them.

An understanding of secure Internet protocols and AWS mechanisms to implement them.

A working knowledge of AWS security services and features of services to provide a secure production environment.

Competency gained from two or more years of production deployment experience using AWS security services and features.

The ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements.

AWS Certified Security Specialty
AWS Certified Security Specialty

An understanding of security operations and risks.

Below are the Top 25 AWS Certified Security Specialty Questions and Answers Dumps including Notes, Hint and References:

Question 1:  When requested through an STS API call, credentials are returned with what three components?

A)  Security Token, Access Key ID, Signed URL
B) Security Token, Access Key ID, Secret Access Key
C) Signed URL, Security Token, Username
D) Security Token, Secret Access Key, Personal Pin Code
 

ANSWER1:

B

If you are looking for an all-in-one solution to help you prepare for the AWS Cloud Practitioner Certification Exam, look no further than this AWS Cloud Practitioner CCP CLFC01 book below.


Notes/Hint1:

Security Token, Access Key ID, Secret Access Key

Invest in your future today by enrolling in this Azure Fundamentals - Microsoft Azure Certification and Training ebook below. This Azure Fundamentals Exam Prep Book will prepare you for the Azure Fundamentals AZ900 Certification Exam.


Reference1: Security Token, Access Key ID, Secret Access Key

Get mobile friendly version of the quiz @ the App Store

Back to Top

Question 2: A company has AWS workloads in multiple geographical locations. A Developer has created an Amazon Aurora database in the us-west-1 Region. The database is encrypted using a customer-managed AWS KMS key. Now the Developer wants to create the same encrypted database in the us-east-1 Region. Which approach should the Developer take to accomplish this task?

A) Create a snapshot of the database in the us-west-1 Region. Copy the snapshot to the us-east-1 Region and specify a KMS key in the us-east-1 Region. Restore the database from the copied snapshot.
B) Create an unencrypted snapshot of the database in the us-west-1 Region. Copy the snapshot to the useast-1 Region. Restore the database from the copied snapshot and enable encryption using the KMS key from the us-east-1 Region
C) Disable encryption on the database. Create a snapshot of the database in the us-west-1 Region. Copy the snapshot to the us-east-1 Region. Restore the database from the copied snapshot.
D) In the us-east-1 Region, choose to restore the latest automated backup of the database from the us-west1 Region. Enable encryption using a KMS key in the us-east-1 Region
 

ANSWER2:

A

Notes/Hint2:

If a user copies an encrypted snapshot, the copy of the snapshot must also be encrypted. If a user copies an encrypted snapshot across Regions, users cannot use the same AWS KMS encryption key for the copy as used for the source snapshot, because KMS keys are Region specific. Instead, users must specify a KMS key that is valid in the destination Region

Reference2: copies an encrypted snapshot, KMS Keys are Region-specific

With average increases in salary of over 25% for certified individuals, you’re going to be in a much better position to secure your dream job or promotion if you earn your AWS Certified Solutions Architect Associate our Cloud Practitioner certification. Get the books below to for real practice exams:

Use the promo codes: W6XM9XP4TWN9 or T6K9P4J9JPPR or 9LWMYKJ7TWPN or TN4NTERJYHY4 for AWS CCP eBook at Apple iBook store.


Use Promo Codes XKPHAATA6LRL 4XJRP9XLT9XL or LTFFY6JA33EL or HKRMTMTHFMAM or 4XHAFTWT4FN6 for AWS SAA-C03 eBook at Apple iBook store



Use Promo Codes EF46PT44LXPN or L6L9R9LKEFFR or TWELPA4JFJWM for Azure Fundamentals eBook at Apple iBook store.

Get mobile friendly version of the quiz @ the App Store

Question 3: A corporate cloud security policy states that communication between the company’s VPC and KMS must travel entirely within the AWS network and not use public service endpoints. Which combination of the following actions MOST satisfies this requirement? (Select TWO.) 

A) Add the aws:sourceVpce condition to the AWS KMS key policy referencing the company’s VPC endpoint ID.
 
B) Remove the VPC internet gateway from the VPC and add a virtual private gateway to the VPC to prevent direct, public internet connectivity.
 
C) Create a VPC endpoint for AWS KMS with private DNS enabled.
 
D) Use the KMS Import Key feature to securely transfer the AWS KMS key over a VPN. E) Add the following condition to the AWS KMS key policy: “aws:SourceIp”: “10.0.0.0/16“.
 

ANSWER3:

A and C

Notes/Hint3: 

An IAM policy can deny access to AWS KMS except through your VPC endpoint with the following condition statement: 
“Condition”:  {
     “StringNotEquals”: { 
             “aws:sourceVpce”: “vpce-0295a3caf8414c94a” 
                 } 
}
 If you select the Enable Private DNS Name option, the standard AWS KMS DNS hostname resolves to your VPC endpoint.


We know you like your hobbies and especially coding, We do too, but you should find time to build the skills that’ll drive your career into Six Figures. Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career. 85% of hiring managers say cloud certifications make a candidate more attractive. Start your cloud journey with these excellent books below:

Reference3: AWS KMS

Get mobile friendly version of the quiz @ the App Store

Question 4: An application team is designing a solution with two applications. The security team wants the applications’ logs to be captured in two different places, because one of the applications produces logs with sensitive data. Which solution meets the requirement with the LEAST risk and effort? 

A) Use Amazon CloudWatch Logs to capture all logs, write an AWS Lambda function that parses the log file, and move sensitive data to a different log.
 
B) Use Amazon CloudWatch Logs with two log groups, with one for each application, and use an AWS IAM policy to control access to the log groups, as required.
 
C) Aggregate logs into one file, then use Amazon CloudWatch Logs, and then design two CloudWatch metric filters to filter sensitive data from the logs.
 
 D) Add logic to the application that saves sensitive data logs on the Amazon EC2 instances’ local storage, and write a batch script that logs into the Amazon EC2 instances and moves sensitive logs to a secure location.
 

ANSWER4:

B

Notes/Hint4: 

Each application’s log can be configured to send the log to a specific Amazon CloudWatch Logs log group.

Reference4: Amazon CloudWatch Logs log group.

Get mobile friendly version of the quiz @ the App Store

Question 5: A security engineer must set up security group rules for a three-tier application: 

  • Presentation tier – Accessed by users over the web, protected by the security group presentation-sg
  • Logic tier – RESTful API accessed from the presentation tier through HTTPS, protected by the security group logic-sg
  • Data tier – SQL Server database accessed over port 1433 from the logic tier, protected by the security group data-sg
Which combination of the following security group rules will allow the application to be secure and functional? (Select THREE.)
 
A) presentation-sg: Allow ports 80 and 443 from 0.0.0.0/0
B) data-sg: Allow port 1433 from presentation-sg
C) data-sg: Allow port 1433 from logic-sg
D) presentation-sg: Allow port 1433 from data-sg
 E) logic-sg: Allow port 443 from presentation-sg
F) logic-sg: Allow port 443 from 0.0.0.0/0
 

ANSWER5:

A C and E

Notes/Hint5: 

In an n-tier architecture, each tier’s security group allows traffic from the security group sending it traffic only. The presentation tier opens traffic for HTTP and HTTPS from the internet. Since security groups are stateful, only inbound rules are required.

Reference5: n-tier architecture

Get mobile friendly version of the quiz @ the App Store

Question 6: A security engineer is working with a product team building a web application on AWS. The application uses Amazon S3 to host the static content, Amazon API Gateway to provide RESTful services, and Amazon DynamoDB as the backend data store. The users already exist in a directory that is exposed through a SAML identity provider. Which combination of the following actions should the engineer take to enable users to be authenticated into the web application and call APIs? (Select THREE). 

A) Create a custom authorization service using AWS Lambda.
 
B) Configure a SAML identity provider in Amazon Cognito to map attributes to the Amazon Cognito user pool attributes.
 
C) Configure the SAML identity provider to add the Amazon Cognito user pool as a relying party.
 
D) Configure an Amazon Cognito identity pool to integrate with social login providers.
 
E) Update DynamoDB to store the user email addresses and passwords.
 
F) Update API Gateway to use an Amazon Cognito user pool authorizer.

ANSWER6:

B, C and F

Notes/Hint6: 

When Amazon Cognito receives a SAML assertion, it needs to be able to map SAML attributes to user pool attributes. When configuring Amazon Cognito to receive SAML assertions from an identity provider, you need ensure that the identity provider is configured to have Amazon Cognito as a relying party. Amazon API Gateway will need to be able to understand the authorization being passed from Amazon Cognito, which is a configuration step.

Reference6: user pool attributes Amazon API Gateway 

Get mobile friendly version of the quiz @ the App Store

Question 7: A company is hosting a web application on AWS and is using an Amazon S3 bucket to store images. Users should have the ability to read objects in the bucket. A security engineer has written the following bucket policy to grant public read access:

Attempts to read an object, however, receive the error: “Action does not apply to any resource(s) in statement.” What should the engineer do to fix the error? 
 
A) Change the IAM permissions by applying PutBucketPolicy permissions.
 
B) Verify that the policy has the same name as the bucket name. If not, make it the same.
 
C) Change the resource section to “arn:aws:s3:::appbucket/*”.
 
D) Add an s3:ListBucket action.
 

ANSWER7:

C

Notes/Hint7: 

The resource section should match with the type of operation. Change the ARN to include /* at the end, as it is an object operation.

Reference7: IAM Policy – Access to S3 bucket

Get mobile friendly version of the quiz @ the App Store

Question 8: A company decides to place database hosts in its own VPC, and to set up VPC peering to different VPCs containing the application and web tiers. The application servers are unable to connect to the database. Which network troubleshooting steps should be taken to resolve the issue? (Select TWO.)

 A) Check to see if the application servers are in a private subnet or public subnet.
B) Check the route tables for the application server subnets for routes to the VPC peering connection.
C) Check the NACLs for the database subnets for rules that allow traffic from the internet.
D) Check the database security groups for rules that allow traffic from the application servers.
E) Check to see if the database VPC has an internet gateway.
 

ANSWER8:

B and D

Notes/Hint8: 

You must configure the route tables in each VPC to route to each other through the peering connection. You also must add rules to the security group for the databases to accept requests from the application server security group in the other VPC. 

Reference8: route tables ,  rules to the security groupsecurity group in the other VPC

Get mobile friendly version of the quiz @ the App Store

Question 9: A company is building a data lake on Amazon S3. The data consists of millions of small files containing sensitive information. The security team has the following requirements for the architecture: 

  • Data must be encrypted in transit. 
  • Data must be encrypted at rest. 
  • The bucket must be private, but if the bucket is accidentally made public, the data must remain confidential. 
Which combination of steps would meet the requirements? (Select TWO.) 
 
A) Enable AES-256 encryption using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) on the S3 bucket.
 
B) Enable default encryption with server-side encryption with AWS KMS-managed keys (SSE-KMS) on the S3 bucket.
 
C) Add a bucket policy that includes a deny if a PutObject request does not include aws:SecureTransport.
 
D) Add a bucket policy with aws:SourceIp to allow uploads and downloads from the corporate intranet only.
 
E) Enable Amazon Macie to monitor and act on changes to the data lake’s S3 bucket.

ANSWER9:

B and C

Notes/Hint9: 

Bucket encryption using KMS will protect both in case disks are stolen as well as if the bucket is public. This is because the AWS KMS key would need to have privileges granted to it for users outside of AWS. HTTPS will protect data in transit.

Reference9: Bucket encryption using KMS, privileges granted data in transit

Get mobile friendly version of the quiz @ the App Store

Question 10: A security engineer must ensure that all API calls are collected across all company accounts, and that they are preserved online and are instantly available for analysis for 90 days. For compliance reasons, this data must be restorable for 7 years. Which steps must be taken to meet the retention needs in a scalable, cost-effective way? 

A) Enable AWS CloudTrail logging across all accounts to a centralized Amazon S3 bucket with versioning enabled. Set a lifecycle policy to move the data to Amazon Glacier daily, and expire the data after 90 days.
 
B) Enable AWS CloudTrail logging across all accounts to S3 buckets. Set a lifecycle policy to expire the data in each bucket after 7 years.
 
C) Enable AWS CloudTrail logging across all accounts to Amazon Glacier. Set a lifecycle policy to expire the data after 7 years.
 
D) Enable AWS CloudTrail logging across all accounts to a centralized Amazon S3 bucket. Set a lifecycle policy to move the data to Amazon Glacier after 90 days, and expire the data after 7 years.
 

ANSWER10:

D

Notes/Hint10: 

Meets all requirements and is cost effective by using lifecycle policies to transition to Amazon Glacier.

Reference10: lifecycle policies

Get mobile friendly version of the quiz @ the App Store

Question 11: A security engineer has been informed that a user’s access key has been found on GitHub. The engineer must ensure that this access key cannot continue to be used, and must assess whether the access key was used to perform any unauthorized activities. Which steps must be taken to perform these tasks? 

A) Review the user’s IAM permissions and delete any unrecognized or unauthorized resources.
B) Delete the user, review Amazon CloudWatch Logs in all regions, and report the abuse.
C) Delete or rotate the user’s key, review the AWS CloudTrail logs in all regions, and delete any unrecognized or unauthorized resources.
D) Instruct the user to remove the key from the GitHub submission, rotate keys, and re-deploy any instances that were launched.
 

ANSWER11:

C

Notes/Hint11: 

 Removes keys and audits the environment for malicious activities.

Reference11: malicious activities

Get mobile friendly version of the quiz @ the App Store

Question 12: You have a CloudFront distribution configured with the following path patterns: When users request objects that start with ‘static2/’, they are receiving 404 response codes. What might be the problem?

A) CloudFront distributions cannot have multiple different origin types

B) The ‘*’ path pattern must appear after the ‘static2/*’ path

C) CloudFront distributions cannot have origins in different AWS regions
 
D) The ‘*’ path pattern must appear before ‘static1/*’ path
        

ANSWER12:

C

Notes/Hint12: 

CloudFront distributions cannot have origins in different AWS regions

Reference12: CloudFront

Get mobile friendly version of the quiz @ the App Store

Question 13: An application running on EC2 instances processes sensitive information stored on Amazon S3. The information is accessed over the Internet. The security team is concerned that the Internet connectivity to Amazon S3 is a security risk. Which solution will resolve the security concern?

A) Access the data through an Internet Gateway.”,
B) Access the data through a VPN connection.”,
C) Access the data through a NAT Gateway.”,
D) Access the data through a VPC endpoint for Amazon S3″,
 

ANSWER13:

D

Notes/Hint13: 

VPC endpoints for Amazon S3 provide secure connections to S3 buckets that do not require a gateway or NAT instances. NAT Gateways and Internet Gateways still route traffic over the Internet to the public endpoint for Amazon S3. There is no way to connect to Amazon S3 via VPN.

Reference13: S3 VPC Endpoints

Get mobile friendly version of the quiz @ the App Store

Question 14: An organization is building an Amazon Redshift cluster in their shared services VPC. The cluster will host sensitive data. How can the organization control which networks can access the cluster?

A) Run the cluster in a different VPC and connect through VPC peering
B) Create a database user inside the Amazon Redshift cluster only for users on the network
 C) Define a cluster security group for the cluster that allows access from the allowed networks
  D) Only allow access to networks that connect with the shared services network via VPN
 

ANSWER14:

C

Notes/Hint14: 

A security group can grant access to traffic from the allowed networks via the CIDR range for each network. VPC peering and VPN are connectivity services and cannot control traffic for security. Amazon Redshift user accounts address authentication and authorization at the user level and have no control over network traffic

Reference14: AWS Security best practice

Get mobile friendly version of the quiz @ the App Store

Question 15: From a security perspective, what is a principal?

A) An identity
B) An anonymous user
C) An authenticated user
D) A resource
 

ANSWER15:

B and C

Notes/Hint15: 

An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.  An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system

Reference15: IAM

Get mobile friendly version of the quiz @ the App Store

Question 16: A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI. The security team has mandated a more secure solution. Which solution will meet the security team’s mandate?

A) Put the access key in an S3 bucket, and retrieve the access key on boot from the instance.
B) Pass the access key to the instances through instance user data.
C) Obtain the access key from a key server launched in a private subnet
D) Create an IAM role with permissions to access the table, and launch all instances with the new role
 

ANSWER16:

D

Notes/Hint16: 

IAM roles for EC2 instances allow applications running on the instance to access AWS resources without having to create and store any access keys. Any solution involving the creation of an access key then introduces the complexity of managing that secret

Reference16: IAM Roles for EC2

Get mobile friendly version of the quiz @ the App Store

Question 17: While signing in REST/ Query requests, for additional security, you should transmit your requests using Secure Sockets Layer (SSL) by using ____.”,

A) HTTP
B) Internet Protocol Security(IPsec)
C) TLS (Transport Layer Security)
D) HTTPS
 

ANSWER17:

D

Notes/Hint17: 

REST/ Query requests should use HTTPS

Reference17: Rest API

Get mobile friendly version of the quiz @ the App Store

Question 18: You are using AWS Envelope Encryption for encrypting all sensitive data. Which of the followings is True with regards to Envelope Encryption?

A) Data is encrypted be encrypting Data key which is further encrypted using encrypted Master Key.
B) Data is encrypted by plaintext Data key which is further encrypted using encrypted Master Key.
C) Data is encrypted by encrypted Data key which is further encrypted using plaintext Master Key.
D) Data is encrypted by plaintext Data key which is further encrypted using plaintext Master Key.”,
 

ANSWER18:

D

Notes/Hint18:

With Envelope Encryption, unencrypted data is encrypted using plaintext Data key. This Data is further encrypted using plaintext Master key. This plaintext Master key is securely stored in AWS KMS & known as Customer Master Keys.

Reference18: KMS

Get mobile friendly version of the quiz @ the App Store

Question 19: Your company has developed a web application and is hosting it in an Amazon S3 bucket configured for static website hosting. The users can log in to this app using their Google/Facebook login accounts. The application is using the AWS SDK for JavaScript in the browser to access data stored in an Amazon DynamoDB table. How can you ensure that API keys for access to your data in DynamoDB are kept secure?

A) Create an Amazon S3 role in IAM with access to the specific DynamoDB tables, and assign it to the bucket hosting your website
B) Configure S3 bucket tags with your AWS access keys for your bucket hosting your website so that the application can query them for access.
C) Configure a web identity federation role within IAM to enable access to the correct DynamoDB resources and retrieve temporary credentials
D) Store AWS keys in global variables within your application and configure the application to use these credentials when making requests.
 

ANSWER2:

C

Notes/Hint19: 

With web identity federation, you don’t need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known identity provider (IdP) —such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP, receive an authentication token, and then exchange that token for temporary security credentials in AWS that map to an IAM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure, because you don’t have to embed and distribute long-term security credentials with your application. Option A is invalid since Roles cannot be assigned to S3 buckets Options B and D are invalid since the AWS Access keys should not be used

Reference19: About Web Identity Federation

Get mobile friendly version of the quiz @ the App Store

Question 20: Your application currently makes use of AWS Cognito for managing user identities. You want to analyze the information that is stored in AWS Cognito for your application. Which of the following features of AWS Cognito should you use for this purpose?

A) Cognito Data
B) Cognito Events
C) Cognito Streams
D) Cognito Callbacks
 

ANSWER20:

C

Notes/Hint20: 

Amazon Cognito Streams gives developers control and insight into their data stored in Amazon Cognito. Developers can now configure a Kinesis stream to receive events as data is updated and synchronized. Amazon Cognito can push each dataset change to a Kinesis stream you own in real time. All other options are invalid since you should use Cognito Streams

Reference20: Cognito Streams

Question 21: Which of the following statements is correct in relation to kMS / (Choose 2)
A) KMS Encryption keys are regional
B) You cannot export your customer master key
C) You can export your customer master key.
D) KMS encryption Keys are global”,
 

ANSWER21:

A and B

Notes/Hint21:

AWS Key Management Service FAQs: You cannot export your customer master key, KMS Encryption keys are regional

Reference21: AWS Key Management Service FAQs

Question 22: Which of the following statements are correct? (Choose 2)

A) The Customer Master Key is used to encrypt and decrypt the Envelope Key or Data Key
B) The Envelope Key or Data Key is used to encrypt and decrypt plain text files.
C) The envelope Key or Data Key is used to encrypt and decrypt the Customer Master Key.
D) The Customer MasterKey is used to encrypt and decrypt plain text files.
 

ANSWER22:

A and B

Notes/Hint22:

AWS Key Management Service Concepts: The Customer Master Key is used to encrypt and decrypt the Envelope Key or Data Key, The Envelope Key or Data Key is used to encrypt and decrypt plain text files.

Reference22: KMS

Question 23: Which of the following is an encrypted key used by KMS to encrypt your data
A) Customer Managed Key
 B) Encryption Key
C) Envelope Key
D) Customer Master Key
 

ANSWER23:

C

Notes/Hint23:

Your Data key also known as the Enveloppe key is encrypted using the master key. This approach is known as Envelope encryption. Envelope encryption is the practice of encrypting plaintext data with a data key, and then encrypting the data key under another key

Reference23: Envelope encryption

Question 24: Which command can you use to encrypt a plain text file using CMK?

A) aws kms-encrypt
B) aws iam encrypt
C) aws kms encrypt
D) aws encrypt
 

ANSWER24:

C

Notes/Hint24:

aws kms encrypt –key-id 1234abcd-12ab-34cd-56ef-1234567890ab —plaintext fileb://ExamplePlaintextFile –output text –query CiphertextBlob > C:\\Temp\\ExampleEncryptedFile.base64

Reference24: AWS CLI Encrypt

Question 25: If an EC2 instance uses an instance role, key rotation is automatic and handled by __.

A) A script containing a valid IAM username and password stored on the EC2 instance.
B) ssh-keygen on the EC2 instance
C) The EC2 service
D) IAM/STS
 

ANSWER25:

D

Notes/Hint25:

Instance role key rotation is handled by IAM/STS.

Reference25: IAM/STS

Get mobile friendly version of the quiz @ the App Store

Back to Top

II- SOURCES:

0- Djamga Cloud Security Playlist on Youtube:

1- Developer Certified Exam Prep Pro App

2- Prepare for Your AWS Certification Exam

Back to Top

CYBERSECURITY KEY TERMS

1- Security Key Terms:

    • Cryptography:  Practice and study of techniques for secure communication in the presence of third parties called adversaries.
    • Hacking: catch-all term for any type of misuse of a computer to break the security of another computing system to steal data, corrupt systems or files, commandeer the environment or disrupt data-related activities in any way.
    • Cyberwarfare: Uuse of technology to attack a nation, causing comparable harm to actual warfare. There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists
    • Penetration testing: Colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. Not to be confused with a vulnerability assessment.
      • Malwares: Any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware. 
    • Malware Analysis Tool: Any .Run Malware hunting with live access to the heart of an incident https://any.run/Malware Analysis Total:  VirusTotal – Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community https://www.virustotal.com/gui/
    • VPN: A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common, although not an inherent, part of a VPN connection.
    • Antivirus: Antivirus software, or anti-virus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
    • DDos: A distributed denial-of-service (DDoS) attack is one of the most powerful weapons on the internet. When you hear about a website being “brought down by hackers,” it generally means it has become a victim of a DDoS attack.
    • Fraud Detection: Set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud detection is applied to many industries such as banking or insurance. In banking, fraud may include forging checks or using stolen credit cards.
    • Spywares: Spyware describes software with malicious behavior that aims to gather information about a person or organization and send such information to another entity in a way that harms the user; for example by violating their privacy or endangering their device’s security.
    • Spoofing: Disguising a communication from an unknown source as being from a known, trusted source
    • Pharming: Malicious websites that look legitimate and are used to gather usernames and passwords.
    • Catfishing: Creating a fake profile for fraudulent or deceptive purposes
    • SSL: Stands for secure sockets layer. Protocol for web browsers and servers that allows for the authentication, encryption and decryption of data sent over the Internet.
    • Phishing emails: Disguised as trustworthy entity to lure someone into providing sensitive information
    • Intrusion detection System: Device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management system.
    • Encryption: Encryption is the method by which information is converted into secret code that hides the information’s true meaning. The science of encrypting and decrypting information is called cryptography. In computing, unencrypted data is also known as plaintext, and encrypted data is called ciphertext.
    • MFA: Multi-factor authentication (MFA) is defined as a security mechanism that requires an individual to provide two or more credentials in order to authenticate their identity. In IT, these credentials take the form of passwords, hardware tokens, numerical codes, biometrics, time, and location.
    • Vulnerabilities:vulnerability is a hole or a weakness in the application, which can be a design flaw or an implementation bug, that allows an attacker to cause harm to the stakeholders of an application. Stakeholders include the application owner, application users, and other entities that rely on the application.
    • SQL injections: SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
    • Cyber attacks: In computers and computer networks an attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.
    • Confidentiality: Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits access or places restrictions on certain types of information.
    • Secure channel: In cryptography, a secure channel is a way of transferring data that is resistant to overhearing and tampering. A confidential channel is a way of transferring data that is resistant to overhearing, but not necessarily resistant to tampering.
    • Tunneling: Communications protocol that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network through a process called encapsulation.
    • SSH: Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.
    • SSL Certificates: SSL certificates are what enable websites to move from HTTP to HTTPS, which is more secure. An SSL certificate is a data file hosted in a website’s origin server. SSL certificates make SSL/TLS encryption possible, and they contain the website’s public key and the website’s identity, along with related information.
    • Phishing: Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
    • Cybercrime: Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may threaten a person, company or a nation’s security and financial health.
    • Backdoor: A backdoor is a means to access a computer system or encrypted data that bypasses the system’s customary security mechanisms. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.
    • Salt and Hash: A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords. Salts help us mitigate rainbow table attacks by forcing attackers to re-compute them using the salts.
    • Password: A password, sometimes called a passcode,[1] is a memorized secret, typically a string of characters, usually used to confirm the identity of a user.[2] Using the terminology of the NIST Digital Identity Guidelines,[3] the secret is memorized by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol,[4] the verifier is able to infer the claimant’s identity.
    • Fingerprint: fingerprint is an impression left by the friction ridges of a human finger. The recovery of partial fingerprints from a crime scene is an important method of forensic science. Moisture and grease on a finger result in fingerprints on surfaces such as glass or metal.
    • Facial recognition: Facial recognition works better for a person as compared to fingerprint detection. It releases the person from the hassle of moving their thumb or index finger to a particular place on their mobile phone. A user would just have to bring their phone in level with their eye.
    • Asymmetric key ciphers versus symmetric key ciphers (Difference between symmetric and  Asymmetric encryption): The basic difference between these two types of encryption is that symmetric encryption uses one key for both encryption and decryption, and the asymmetric encryption uses public key for encryption and a private key for decryption.
    • Decryption: The conversion of encrypted data into its original form is called Decryption. It is generally a reverse process of encryption. It decodes the encrypted information so that an authorized user can only decrypt the data because decryption requires a secret key or password.
    • Algorithms: Finite sequence of well-defined, computer-implementable instructions, typically to solve a class of problems or to perform a computation.
    • DFIR: Digital forensic and incident response: Multidisciplinary profession that focuses on identifying, investigating, and remediating computer network exploitation. This can take varied forms and involves a wide variety of skills, kinds of attackers, an kinds of targets. We’ll discuss those more below.
      • OTP: One Time Password: A one-time password, also known as one-time PIN or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device
    • Proxy Server and Reverse Proxy Server:A proxy server is a go‑between or intermediary server that forwards requests for content from multiple clients to different servers across the Internet. A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.

LATEST CYBER SECURITY NEWS

Cybersecurity Certification

cybersecurity certification roadmap
cybersecurity certification roadmap

WireShark Cheat Sheet

Wireshark Cheat Sheet
Wireshark Cheat Sheet

HACKING TOOLS CHEAT SHEET

hacking Cheat Sheet
hacking Cheat Sheet

Top CyberSecurity All Time Posts

Show All Around Defender Primers

Show Offensive * Exploit Database

Offensive * Exploit Database – The Exploit Database is maintained by Offensive Security, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. https://www.exploit-db.com/

CYBERSECURITY NEWS

  • Krebs On Security In depth security news and investigation https://krebsonsecurity.com/
  • Dark Reading Cyber security’s comprehensive news site is now an online community for security professionals. https://www.darkreading.com/
  • The Hacker News – The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts. https://thehackernews.com
  • SecuriTeam – A free and independent source of vulnerability information. https://securiteam.com/
  • SANS NewsBites – “A semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.” Published for free on Tuesdays and Fridays. https://www.sans.org/newsletters/newsbites

CYBERSECURITY YOUTUBE CHANNELS

YouTube Channels

This list was originally forked/curated from here: https://wportal.xyz/collection/cybersec-yt1 on (7/29/2020) Attribution and appreciation to d4rckh

CYBERSECURITY PODCASTS:

Podcasts

  • Risky Business Published weekly, the Risky Business podcast features news and in-depth commentary from security industry luminaries. Hosted by award-winning journalist Patrick Gray, Risky Business has become a must-listen digest for information security professionals. https://risky.biz/
  • Pauls Security Weekly This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. https://securityweekly.com/category-shows/paul-security-weekly/
  • Security Now – Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. https://twit.tv/shows/security-now
  • Daily Information Security Podcast (“StormCast”) Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute. https://isc.sans.edu/podcast.html
  • ShadowTalk Threat Intelligence Podcast by Digital Shadow_. The weekly podcast highlights key findings of primary-source research our Intelligence Team is conducting, along with guest speakers discussing the latest threat actors, campaigns, security events and industry news. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk
  • Don’t Panic – The Unit 42 Podcast Don’t Panic! is the official podcast from Unit 42 at Palo Alto Networks. We find the big issues that are frustrating cyber security practitioners and help simplify them so they don’t need to panic. https://unit42.libsyn.com/
  • Recorded Future Recorded Future takes you inside the world of cyber threat intelligence. We’re sharing stories from the trenches and the operations floor as well as giving you the skinny on established and emerging adversaries. We also talk current events, technical tradecraft, and offer up insights on the big picture issues in our industry. https://www.recordedfuture.com/resources/podcast/
  • The Cybrary Podcast Listen in to the Cybrary Podcast where we discuss a range topics from DevSecOps and Ransomware attacks to diversity and how to retain of talent. Entrepreneurs at all stages of their startup companies join us to share their stories and experience, including how to get funding, hiring the best talent, driving sales, and choosing where to base your business. https://www.cybrary.it/info/cybrary-podcast/
  • Cyber Life The Cyber Life podcast is for cyber security (InfoSec) professionals, people trying to break into the industry, or business owners looking to learn how to secure their data. We will talk about many things, like how to get jobs, cover breakdowns of hot topics, and have special guest interviews with the men and women “in the trenches” of the industry. https://redcircle.com/shows/cyber-life
  • Career Notes Cybersecurity professionals share their personal career journeys and offer tips and advice in this brief, weekly podcast from The CyberWire. https://www.thecyberwire.com/podcasts/career-notes

Below podcasts Added from here: https://infosec-conferences.com/cybersecurity-podcasts/

  • Down the Security Rabbithole http://podcast.wh1t3rabbit.net/ Down the Security Rabbithole is hosted by Rafal Los and James Jardine who discuss, by means of interviewing or news analysis, everything about Cybersecurity which includes Cybercrime, Cyber Law, Cyber Risk, Enterprise Risk & Security and many more. If you want to hear issues that are relevant to your organization, subscribe and tune-in to this podcast.
  • The Privacy, Security, & OSINT Show https://podcasts.apple.com/us/podcast/the-privacy-security-osint-show/id1165843330 The Privacy, Security, & OSINT Show, hosted by Michael Bazzell, is your weekly dose of digital security, privacy, and Open Source Intelligence (OSINT) opinion and news. This podcast will help listeners learn some ideas on how to stay secure from cyber-attacks and help them become “digitally invisible”.
  • Defensive Security Podcast https://defensivesecurity.org/ Hosted by Andrew Kalat (@lerg) and Jerry Bell (@maliciouslink), the Defensive Security Podcasts aims to look/discuss the latest security news happening around the world and pick out the lessons that can be applied to keeping organizations secured. As of today, they have more than 200 episodes and some of the topics discussed include Forensics, Penetration Testing, Incident Response, Malware Analysis, Vulnerabilities and many more.
  • Darknet Diaries https://darknetdiaries.com/episode/ Darknet Diaries Podcast is hosted and produced by Jack Rhysider that discuss topics related to information security. It also features some true stories from hackers who attacked or have been attacked. If you’re a fan of the show, you might consider buying some of their souvenirs here (https://shop.darknetdiaries.com/).
  • Brakeing Down Security https://www.brakeingsecurity.com/ Brakeing Down Security started in 2014 and is hosted by Bryan Brake, Brian Boettcher, and Amanda Berlin. This podcast discusses everything about the Cybersecurity world, Compliance, Privacy, and Regulatory issues that arise in today’s organizations. The hosts will teach concepts that Information Security Professionals need to know and discuss topics that will refresh the memories of seasoned veterans.
  • Open Source Security Podcast https://www.opensourcesecuritypodcast.com/ Open Source Security Podcast is a podcast that discusses security with an open-source slant. The show started in 2016 and is hosted by Josh Bressers and Kurt Siefried. As of this writing, they now posted around 190+ podcasts
  • Cyber Motherboard https://podcasts.apple.com/us/podcast/cyber/id1441708044 Ben Makuch is the host of the podcast CYBER and weekly talks to Motherboard reporters Lorenzo Franceschi-Bicchierai and Joseph Cox. They tackle topics about famous hackers and researchers about the biggest news in cybersecurity. The Cyber- stuff gets complicated really fast, but Motherboard spends its time fixed in the infosec world so we don’t have to.
  • Hak5 https://shop.hak5.org/pages/videos Hak5 is a brand that is created by a group of security professionals, hardcore gamers and “IT ninjas”. Their podcast, which is mostly uploaded on YouTube discusses everything from open-source software to penetration testing and network infrastructure. Their channel currently has 590,000 subscribers and is one of the most viewed shows when you want to learn something about security networks.
  • Threatpost Podcast Series https://threatpost.com/category/podcasts/ Threatpost is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide. With an award-winning editorial team produces unique and high-impact content including security news, videos, feature reports and more, with their global editorial activities are driven by industry-leading journalist Tom Spring, editor-in-chief.
  • CISO-Security Vendor Relationship Podcast https://cisoseries.com Co-hosted by the creator of the CISO/Security Vendor Relationship Series, David Spark, and Mike Johnson, in 30 minutes, this weekly program challenges the co-hosts, guests, and listeners to critique, share true stories. This podcast, The CISO/Security Vendor Relationship, targets to enlighten and educate listeners on improving security buyer and seller relationships.
  • Getting Into Infosec Podcast Stories of how Infosec and Cybersecurity pros got jobs in the field so you can be inspired, motivated, and educated on your journey. – https://gettingintoinfosec.com/
  • Unsupervised Learning Weekly podcasts and biweekly newsletters as a curated summary intersection of security, technology, and humans, or a standalone idea to provoke thought, by Daniel Miessler. https://danielmiessler.com/podcast/

SECURITY BOOKS:

CYBERSECURITY TRAINING:

Training

  • WebSecurity Academy Free online web security training from the creators of Burp Suite https://portswigger.net/web-security
  • Mosse Cyber Security Institute Introduction to cybersecurity free certification with 100+ hours of training, no expiry/renewals, https://www.mosse-institute.com/certifications/mics-introduction-to-cyber-security.html
  • BugCrowd University Free bug hunting resources and methodologies in form of webinars, education and training. https://www.bugcrowd.com/hackers/bugcrowd-university/
  • Certified Network Security Specialist Certification and training; Expires Aug 31 2020 Use coupon code #StaySafeHome during checkout to claim your free access. Offer is valid till 31/08/2020. £500.00 Value https://www.icsi.co.uk/courses/icsi-cnss-certified-network-security-specialist-covid-19
  • Metasploit Unleashed Most complete and in-depth Metasploit guide available, with contributions from the authors of the No Starch Press Metasploit Book. https://www.offensive-security.com/metasploit-unleashed/
  • AWS Cloud Certified Get skills in AWS to be more marketable. Training is quality and free. https://www.youtube.com/watch?v=3hLmDS179YE Have to create an AWS account, Exam is $100.
  • SANS Faculty Free Tools List of OSS developed by SANS staff. https://www.sans.org/media/free/free-faculty-tools.pdf?msc=sans-free-lp
  • “Using ATT&CK for Cyber Threat Intelligence Training” – 4 hour training The goal of this training is for students to understand the following: at: https://attack.mitre.org/resources/training/cti/
  • Coursera -“Coursera Together: Free online learning during COVID-19” Lots of different types of free training. https://blog.coursera.org/coursera-together-free-online-learning-during-covid-19/
  • Fortinet Security Appliance Training Free access to the FortiGate Essentials Training Course and Network Security Expert courses 1 and 2 https://www.fortinet.com/training/cybersecurity-professionals.html
  • Chief Information Security Officer (CISO) Workshop Training – The Chief Information Security Office (CISO) workshop contains a collection of security learnings, principles, and recommendations for modernizing security in your organization. This training workshop is a combination of experiences from Microsoft security teams and learnings from customers. – https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop
  • CLARK Center Plan C – Free cybersecurity curriculum that is primarily video-based or provide online assignments that can be easily integrated into a virtual learning environments https://clark.center/home
  • Hack.me is a FREE, community based project powered by eLearnSecurity. The community can build, host and share vulnerable web application code for educational and research purposes. It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party interested in Web Application Security. https://hack.me/
  • Hacker101 – Free classes for web security – https://www.hacker101.com/
  • ElasticStack – Free on-demand Elastic Stack, observability, and security courses. https://training.elastic.co/learn-from-home
  • Hoppers Roppers – Community built around a series of free courses that provide training to beginners in the security field. https://www.hoppersroppers.org/training.html
  • IBM Security Learning Academy Free technical training for IBM Security products. https://www.securitylearningacademy.com/
  • M.E. Kabay Free industry courses and course materials for students, teachers and others are welcome to use for free courses and lectures. http://www.mekabay.com/courses/index.htm
  • Open P-TECH Free digital learning on the tech skills of tomorrow. https://www.ptech.org/open-p-tech/
  • Udemy – Online learning course platform “collection from the free courses in our learning marketplace” https://www.udemy.com/courses/free/
  • Enroll Now Free: PCAP Programming Essentials in Python https://www.netacad.com/courses/programming/pcap-programming-essentials-python Python is the very versatile, object-oriented programming language used by startups and tech giants, Google, Facebook, Dropbox and IBM. Python is also recommended for aspiring young developers who are interested in pursuing careers in Security, Networking and Internet-of-Things. Once you complete this course, you are ready to take the PCAP – Certified Associate in Python programming. No prior knowledge of programming is required.
  • Packt Web Development Course Web Development Get to grips with the fundamentals of the modern web Unlock one year of free online access. https://courses.packtpub.com/pages/free?fbclid=IwAR1FtKQcYK8ycCmBMXaBGvW_7SgPVDMKMaRVwXYcSbiwvMfp75gazxRZlzY
  • Stanford University Webinar – Hacked! Security Lessons from Big Name Breaches 50 minute cyber lecture from Stanford.You Will Learn: — The root cause of key breaches and how to prevent them; How to measure your organization’s external security posture; How the attacker lifecycle should influence the way you allocate resources https://www.youtube.com/watch?v=V9agUAz0DwI
  • Stanford University Webinar – Hash, Hack, Code: Emerging Trends in Cyber Security Join Professor Dan Boneh as he shares new approaches to these emerging trends and dives deeper into how you can protect networks and prevent harmful viruses and threats. 50 minute cyber lecture from Stanford. https://www.youtube.com/watch?v=544rhbcDtc8
  • Kill Chain: The Cyber War on America’s Elections (Documentary) (Referenced at GRIMMCON), In advance of the 2020 Presidential Election, Kill Chain: The Cyber War on America’s Elections takes a deep dive into the weaknesses of today’s election technology, an issue that is little understood by the public or even lawmakers. https://www.hbo.com/documentaries/kill-chain-the-cyber-war-on-americas-elections
  • Intro to Cybersecurity Course (15 hours) Learn how to protect your personal data and privacy online and in social media, and why more and more IT jobs require cybersecurity awareness and understanding. Receive a certificate of completion. https://www.netacad.com/portal/web/self-enroll/c/course-1003729
  • Cybersecurity Essentials (30 hours) Foundational knowledge and essential skills for all cybersecurity domains, including info security, systems sec, network sec, ethics and laws, and defense and mitigation techniques used in protecting businesses. https://www.netacad.com/portal/web/self-enroll/c/course-1003733
  • Pluralsight and Microsoft Partnership to help you become an expert in Azure. With skill assessments and over 200+ courses, 40+ Skill IQs and 8 Role IQs, you can focus your time on understanding your strengths and skill gaps and learn Azure as quickly as possible.https://www.pluralsight.com/partners/microsoft/azure
  • Blackhat Webcast Series Monthly webcast of varying cyber topics. I will post specific ones in the training section below sometimes, but this is worth bookmarking and checking back. They always have top tier speakers on relevant, current topics. https://www.blackhat.com/html/webcast/webcast-home.html
  • Federal Virtual Training Environment – US Govt sponsored free courses. There are 6 available, no login required. They are 101 Coding for the Public, 101 Critical Infrastructure Protection for the Public, Cryptocurrency for Law Enforcement for the Public, Cyber Supply Chain Risk Management for the Public, 101 Reverse Engineering for the Public, Fundamentals of Cyber Risk Management. https://fedvte.usalearning.gov/public_fedvte.php
  • Harrisburg University CyberSecurity Collection of 18 curated talks. Scroll down to CYBER SECURITY section. You will see there are 4 categories Resource Sharing, Tools & Techniques, Red Team (Offensive Security) and Blue Teaming (Defensive Security). Lot of content in here; something for everyone. https://professionaled.harrisburgu.edu/online-content/
  • OnRamp 101-Level ICS Security Workshop Starts this 4/28. 10 videos, Q&A / discussion, bonus audio, great links. Get up to speed fast on ICS security. It runs for 5 weeks. 2 videos per week. Then we keep it open for another 3 weeks for 8 in total. https://onramp-3.s4xevents.com
  • HackXOR WebApp CTF Hackxor is a realistic web application hacking game, designed to help players of all abilities develop their skills. All the missions are based on real vulnerabilities I’ve personally found while doing pentests, bug bounty hunting, and research. https://hackxor.net/
  • Suricata Training 5-part training module using a simulation as a backdrop to teach how to use Suricata. https://rangeforce.com/resource/suricata-challenge-reg/
  • flAWS System Through a series of levels you’ll learn about common mistakes and gotchas when using Amazon Web Services (AWS). Multiple levels, “Buckets” of fun. http://flaws.cloud/
  • Stanford CS 253 Web Security A free course from Stanford providing a comprehensive overview of web security. The course begins with an introduction to the fundamentals of web security and proceeds to discuss the most common methods for web attacks and their countermeasures. The course includes video lectures, slides, and links to online reading assignments. https://web.stanford.edu/class/cs253
  • Linux Journey A free, handy guide for learning Linux. Coverage begins with the fundamentals of command line navigation and basic text manipulation. It then extends to more advanced topics, such as file systems and networking. The site is well organized and includes many examples along with code snippets. Exercises and quizzes are provided as well. https://linuxjourney.com
  • Ryan’s Tutorials A collection of free, introductory tutorials on several technology topics including: Linux command line, Bash scripting, creating and styling webpages with HTML and CSS, counting and converting between different number systems, and writing regular expressions. https://ryanstutorials.net
  • The Ultimate List of SANS Cheat Sheets Massive collection of free cybersecurity cheat sheets for quick reference (login with free SANS account required for some penetration testing resources). https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
  • CYBER INTELLIGENCE ANALYTICS AND OPERATIONS Learn:The ins and outs of all stages of the intelligence cycle from collection to analysis from seasoned intel professionals. How to employ threat intelligence to conduct comprehensive defense strategies to mitigate potential compromise. How to use TI to respond to and minimize impact of cyber incidents. How to generate comprehensive and actionable reports to communicate gaps in defenses and intelligence findings to decision makers. https://www.shadowscape.io/cyber-intelligence-analytics-operat
  • Linux Command Line for Beginners 25 hours of training – In this course, you’ll learn from one of Fullstack’s top instructors, Corey Greenwald, as he guides you through learning the basics of the command line through short, digestible video lectures. Then you’ll use Fullstack’s CyberLab platform to hone your new technical skills while working through a Capture the Flag game, a special kind of cybersecurity game designed to challenge participants to solve computer security problems by solving puzzles. Finally, through a list of carefully curated resources through a series of curated resources, we’ll introduce you to some important cybersecurity topics so that you can understand some of the common language, concepts and tools used in the industry. https://prep.fullstackacademy.com/
  • Hacking 101 6 hours of free training – First, you’ll take a tour of the world and watch videos of hackers in action across various platforms (including computers, smartphones, and the power grid). You may be shocked to learn what techniques the good guys are using to fight the bad guys (and which side is winning). Then you’ll learn what it’s like to work in this world, as we show you the different career paths open to you and the (significant) income you could make as a cybersecurity professional. https://cyber.fullstackacademy.com/prepare/hacking-101
  • Choose Your Own Cyber Adventure Series: Entry Level Cyber Jobs Explained YouTube Playlist (videos from my channel #simplyCyber) This playlist is a collection of various roles within the information security field, mostly entry level, so folks can understand what different opportunities are out there. https://www.youtube.com/playlist?list=PL4Q-ttyNIRAqog96mt8C8lKWzTjW6f38F
  • NETINSTRUCT.COM Free Cybersecurity, IT and Leadership Courses – Includes OS and networking basics. Critical to any Cyber job. https://netinstruct.com/courses
  • HackerSploit – HackerSploit is the leading provider of free and open-source Infosec and cybersecurity training. https://hackersploit.org/
  • Resources for getting started (Free and Paid)Practice
    • DetectionLab (Free)
    • LetsDefend.io (Free/Paid)
    • DetectionLabELK (Free)

    Log Analysis

    Network Monitoring

    Linux Distributions

    Memory Analysis Tools

    Professional Training

    • FOR578: Cyber Threat Intelligence (Paid)
    • SEC511: Continuous Monitoring & Security Operations (Paid)
    • SEC445: SIEM Design & Implementation (Paid)
    • AEGIS Certification (Paid)

    Conferences

CYBERSECURITY COURSES: (Multi-week w/Enrollment)

College Courses

  • Computer Science courses with video lectures Intent of this list is to act as Online bookmarks/lookup table for freely available online video courses. Focus would be to keep the list concise so that it is easy to browse. It would be easier to skim through 15 page list, find the course and start learning than having to read 60 pages of text. If you are student or from non-CS background, please try few courses to decide for yourself as to which course suits your learning curve best. https://github.com/Developer-Y/cs-video-courses?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com
  • Cryptography I -offered by Stanford University – Rolling enrollment – Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key. https://www.coursera.org/learn/crypto
  • Software Security Rolling enrollment -offered by University of Maryland, College Park via Coursera – This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them — such as buffer overflows, SQL injection, and session hijacking — and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a “build security in” mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. https://www.coursera.org/learn/software-security
  • Intro to Information Security Georgia Institute of Technology via Udacity – Rolling Enrollment. This course provides a one-semester overview of information security. It is designed to help students with prior computer and programming knowledge — both undergraduate and graduate — understand this important priority in society today. Offered at Georgia Tech as CS 6035 https://www.udacity.com/course/intro-to-information-security–ud459
  • Cyber-Physical Systems Security Georgia Institute of Technology via Udacity – This course provides an introduction to security issues relating to various cyber-physical systems including industrial control systems and those considered critical infrastructure systems. 16 week course – Offered at Georgia Tech as CS 8803 https://www.udacity.com/course/cyber-physical-systems-security–ud279
  • Finding Your Cybersecurity Career Path – University of Washington via edX – 4 weeks long – self paced – In this course, you will focus on the pathways to cybersecurity career success. You will determine your own incoming skills, talent, and deep interests to apply toward a meaningful and informed exploration of 32 Digital Pathways of Cybersecurity. https://www.edx.org/course/finding-your-cybersecurity-career-path
  • Building a Cybersecurity Toolkit – University of Washington via edX – 4 weeks self-paced The purpose of this course is to give learners insight into these type of characteristics and skills needed for cybersecurity jobs and to provide a realistic outlook on what they really need to add to their “toolkits” – a set of skills that is constantly evolving, not all technical, but fundamentally rooted in problem-solving. https://www.edx.org/course/building-a-cybersecurity-toolkit
  • Cybersecurity: The CISO’s View – University of Washington via edX – 4 weeks long self-paced – This course delves into the role that the CISO plays in cybersecurity operations. Throughout the lessons, learners will explore answers to the following questions: How does cybersecurity work across industries? What is the professionals’ point of view? How do we keep information secure https://www.edx.org/course/cybersecurity-the-cisos-view
  • Introduction to Cybersecurity – University of Washington via edX – In this course, you will gain an overview of the cybersecurity landscape as well as national (USA) and international perspectives on the field. We will cover the legal environment that impacts cybersecurity as well as predominant threat actors. – https://www.edx.org/course/introduction-to-cybersecurity
  • Cyber Attack Countermeasures New York University (NYU) via Coursera – This course introduces the basics of cyber defense starting with foundational models such as Bell-LaPadula and information flow frameworks. These underlying policy enforcements mechanisms help introduce basic functional protections, starting with authentication methods. Learners will be introduced to a series of different authentication solutions and protocols, including RSA SecureID and Kerberos, in the context of a canonical schema. – https://www.coursera.org/learn/cyber-attack-countermeasures
  • Introduction to Cyber Attacks New York University (NYU) via Coursera – This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades. https://www.coursera.org/learn/intro-cyber-attacks
  • Enterprise and Infrastructure Security New York University (NYU) via Coursera – This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks. https://www.coursera.org/learn/enterprise-infrastructure-security
  • Network Security Georgia Institute of Technology via Udacity – This course provides an introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering a number of seminal papers and monographs in a wide range of security areas. – https://www.udacity.com/course/network-security–ud199
  • Real-Time Cyber Threat Detection and Mitigation – New York University (NYU) via Coursera This course introduces real-time cyber security techniques and methods in the context of the TCP/IP protocol suites. Explanation of some basic TCP/IP security hacks is used to introduce the need for network security solutions such as stateless and stateful firewalls. Learners will be introduced to the techniques used to design and configure firewall solutions such as packet filters and proxies to protect enterprise assets. https://www.coursera.org/learn/real-time-cyber-threat-detection

CYBERSECURITY JOBS:

 CYBERSECURITY Cheat sheets

SANS Massive List of Cheat Sheets Curated from here: https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

General IT Security * Windows and Linux Terminals & Command Lines https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/bltea7de5267932e94b/5eb08aafcf88d36e47cf0644/Cheatsheet_SEC301-401_R7.pdf

Digital Forensics and Incident Response

Penetration Testing * Swiss Army Knife collection of PenTesting Cheatsheets https://github.com/swisskyrepo/PayloadsAllTheThings

Cloud Security Cheat sheets

CYBERSECURITY Q&A

 

‎AWS Certified Developer A. PRO

Source: What is the best cheap Wi-Fi cracking/hacking adapter?

Hey everyone, I’ve started getting into hacking, and would like to know the cheapest but best Wi-Fi cracking/deauthing/hacking adapter. I’m on a fairly tight budget of 20AUD and am willing to compromise if needed. Priority is a card with monitor mode, then cracking capabilities, then deauthing, etc. Thank you guys! By the way, if there are any beginner tips you are willing to give, please let me know!

 

 

How SSL Certificates Work

  • A browser or server attempts to connect to a website (i.e. a web server) secured with SSL. The browser/server requests that the web server identify itself.
  • The web server sends the browser/server a copy of its SSL certificate.
  • The browser/server checks to see whether or not it trusts the SSL certificate. If so, it sends a message to the web server.
  • The web server sends back a digitally signed acknowledgement to start an SSL encrypted session.
  • Encrypted data is shared between the browser/server and the web server.

diagram of how ssl certificates work

There are many benefits to using SSL certificates. Namely, SSL customers can:

  • Utilize HTTPs, which elicits a stronger Google ranking
  • Create safer experiences for your customers
  • Build customer trust and improve conversions
  • Protect both customer and internal data
  • Encrypt browser-to-server and server-to-server communication
  • Increase security of your mobile and cloud apps

Penetration Testing Terms

Penetration Testing Terms to know:

  • Authentication — The process of checking if a user is allowed to gain access to a system. eg. Login forms with username and password.
  • Authorization — Checking if the authenticated user has access to perform an action. eg. user, admin, super admin roles.
  • Audit — Conduct a complete inspection of an organization’s network to find vulnerable endpoints or malicious software.
  • Access Control List — A list that contains users and their level of access to a system.
  • Aircrack-ng — Wifi penetration testing software suite. Contains sniffing, password cracking, and general wireless attacking tools.
  • Backdoor — A piece of code that lets hackers get into the system easily after it has been compromised.
  • Burp Suite — Web application security software, helps test web apps for vulnerabilities. Used in bug bounty hunting.
  • Banner Grabbing — Capturing basic information about a server like the type of web server software (eg. apache) and services running on it.
  • Botnet — A network of computers controlled by a hacker to perform attacks such as Distributed Denial of Service.
  • Brute-Force Attack — An attack where the hacker tries different login combinations to gain access. eg. trying to crack a 9 -digit numeric password by trying all the numbers from 000000000 to 999999999
  • Buffer Overflow — When a program tries to store more information than it is allowed to, it overflows into other buffers (memory partitions) corrupting existing data.
  • Cache — Storing the response to a particular operation in temporary high-speed storage is to serve other incoming requests better. eg. you can store a database request in a cache till it is updated to reduce calling the database again for the same query.
  • Cipher — Cryptographic algorithm for encrypting and decrypting data.
  • Code Injection — Injecting malicious code into a system by exploiting a bug or vulnerability.
  • Cross-Site Scripting — Executing a script on the client-side through a legitimate website. This can be prevented if the website sanitizes user input.
  • Compliance — A set of rules defined by the government or other authorities on how to protect your customer’s data. Common ones include HIPAA, PCI-DSS, and FISMA.
  • Dictionary Attack — Attacking a system with a pre-defined list of usernames and passwords. eg. admin/admin is a common username/password combination used by amateur sysadmins.
  • Dumpster Diving — Looking into a company’s trash cans for useful information.
  • Denial of Service & Distributed Denial of Service — Exhausting a server’s resources by sending too many requests is Denial of Service. If a botnet is used to do the same, its called Distributed Denial of Service.
  • DevSecOps — Combination of development and operations by considering security as a key ingredient from the initial system design.
  • Directory Traversal — Vulnerability that lets attackers list al the files and folders within a server. This can include system configuration and password files.
  • Domain Name System (DNS) — Helps convert domain names into server IP addresses. eg. Google.com -> 216.58.200.142
  • DNS Spoofing — Trikcnig a system’s DNS to point to a malicious server. eg. when you enter ‘facebook.com’, you might be redirected to the attacker’s website that looks like Facebook.
  • Encryption — Encoding a message with a key so that only the parties with the key can read the message.
  • Exploit — A piece of code that takes advantage of a vulnerability in the target system. eg. Buffer overflow exploits can get you to root access to a system.
  • Enumeration — Mapping out all the components of a network by gaining access to a single system.
  • Footprinting — Gathering information about a target using active methods such as scanning and enumeration.
  • Flooding — Sending too many packets of data to a target system to exhaust its resources and cause a Denial of Service or similar attacks.
  • Firewall — A software or hardware filter that can be configured to prevent common types of attacks.
  • Fork Bomb — Forking a process indefinitely to exhaust system resources. Related to a Denial of Service attack.
  • Fuzzing — Sending automated random input to a software program to test its exception handling capacity.
  • Hardening — Securing a system from attacks like closing unused ports. Usually done using scripts for servers.
  • Hash Function — Mapping a piece of data into a fixed value string. Hashes are used to confirm data integrity.
  • Honey Pot — An intentionally vulnerable system used to lure attackers. This is then used to understand the attacker’s strategies.
  • HIPAA — The Health Insurance Portability and Accountability Act. If you are working with healthcare data, you need to make sure you are HIPAA compliant. This is to protect the customer’s privacy.
  • Input Validation — Checking user inputs before sending them to the database. eg. sanitizing form input to prevent SQL injection attacks.
  • Integrity — Making sure the data that was sent from the server is the same that was received by the client. This ensures there was no tampering and integrity is achieved usually by hashing and encryption.
  • Intrusion Detection System — A software similar to a firewall but with advanced features. Helps in defending against Nmap scans, DDoS attacks, etc.
  • IP Spoofing — Changing the source IP address of a packet to fool the target into thinking a request is coming from a legitimate server.
  • John The Ripper — Brilliant password cracking tool, runs on all major platforms.
  • Kerberos — Default authorization software used by Microsoft, uses a stronger encryption system.
  • KeyLogger — A software program that captures all keystrokes that a user performs on the system.
  • Logic Bombs — A piece of code (usually malicious) that runs when a condition is satisfied.
  • Light Weight Directory Access Protocol (LDAP) — Lightweight client-server protocol on Windows, central place for authentication. Stores usernames and passwords to validate users on a network.
  • Malware — Short for “Malicious Software”. Everything from viruses to backdoors is malware.
  • MAC Address — Unique address assigned to a Network Interface Card and is used as an identifier for local area networks. Easy to spoof.
  • Multi-factor Authentication — Using more than one method of authentication to access a service. eg. username/password with mobile OTP to access a bank account (two-factor authentication)
  • MD5 — Widely used hashing algorithm. Once a favorite, it has many vulnerabilities.
  • Metasploit — All in one penetration testing framework that helps to successfully exploit vulnerabilities and gain access to target systems.
  • Meterpreter — An advanced Metasploit payload that lives in memory and hard to trace.
  • Null-Byte Injection — An older exploit, uses null bytes (i.e. %00, or 0x00 in hexadecimal) to URLs. This makes web servers return random/unwanted data which might be useful for the attacker. Easily prevented by doing sanity checks.
  • Network Interface Card(NIC) — Hardware that helps a device connect to a network.
  • Network Address Translation — Utility that translates your local IP address into a global IP address. eg. your local IP might be 192.168.1.4 but to access the internet, you need a global IP address (from your router).
  • Nmap — Popular network scanning tool that gives information about systems, open ports, services, and operating system versions.
  • Netcat — Simple but powerful tool that can view and record data on a TCP or UDP network connections. Since it is not actively maintained, NCat is preferred.
  • Nikto — A popular web application scanner, helps to find over 6700 vulnerabilities including server configurations and installed web server software.
  • Nessus — Commercial alternative to NMap, provides a detailed list of vulnerabilities based on scan results.
  • Packet — Data is sent and received by systems via packets. Contains information like source IP, destination IP, protocol, and other information.
  • Password Cracking — Cracking an encrypted password using tools like John the Ripper when you don’t have access to the key.
  • Password Sniffing — Performing man-in-the-middle attacks using tools like Wireshark to find password hashes.
  • Patch — A software update released by a vendor to fix a bug or vulnerability in a software system.
  • Phishing — Building fake web sites that look remarkably similar to legitimate websites (like Facebook) to capture sensitive information.
  • Ping Sweep — A technique that tries to ping a system to see if it is alive on the network.
  • Public Key Cryptography — Encryption mechanism that users a pair of keys, one private and one public. The sender will encrypt a message using your public key which then you can decrypt using your private key.
  • Public Key Infrastructure — A public key infrastructure (PKI) is a system to create, store, and distribute digital certificates. This helps sysadmins verify that a particular public key belongs to a certain authorized entity.
  • Personally Identifiable Information (PII) — Any information that identified a user. eg. Address, Phone number, etc.
  • Payload — A piece of code (usually malicious) that performs a specific function. eg. Keylogger.
  • PCI-DSS — Payment Card Industry Data Security Standard. If you are working with customer credit cards, you should be PCI-DSS compliant.
  • Ransomware — Malware that locks your system using encryption and asks you to pay a price to get the key to unlock it.
  • Rainbow Table — Pre calculated password hashes that will help you crack password hashes of the target easily.
  • Reconnaissance — Finding data about the target using methods such as google search, social media, and other publicly available information.
  • Reverse Engineering — Rebuilding a piece of software based on its functions.
  • Role-Based Access — Providing a set of authorizations for a role other than a user. eg. “Managers” role will have a set of permissions while the “developers” role will have a different set of permissions.
  • Rootkit — A rootkit is a malware that provides unauthorized users admin privileges. Rootkits include keyloggers, password sniffers, etc.
  • Scanning — Sending packets to a system and gaining information about the target system using the packets received. This involved the 3-way-handshake.
  • Secure Shell (SSH) — Protocol that establishes an encrypted communication channel between a client and a server. You can use ssh to login to remote servers and perform system administration.
  • Session — A session is a duration in which a communication channel is open between a client and a server. eg. the time between logging into a website and logging out is a session.
  • Session Hijacking — Taking over someone else’s session by pretending to the client. This is achieved by stealing cookies and session tokens. eg. after you authenticate with your bank, an attacker can steal your session to perform financial transactions on your behalf.
  • Social Engineering — The art of tricking people into making them do something that is not in their best interest. eg. convincing someone to provide their password over the phone.
  • Secure Hashing Algorithm (SHA) — Widely used family of encryption algorithms. SHA256 is considered highly secure compared to earlier versions like SHA 1. It is also a one-way algorithm, unlike an encryption algorithm that you can decrypt. Once you hash a message, you can only compare with another hash, you cannot re-hash it to its earlier format.
  • Sniffing — performing man-in-the-middle attacks on networks. Includes wired and wireless networks.
  • Spam — Unwanted digital communication, including email, social media messages, etc. Usually tries to get you into a malicious website.
  • Syslog — System logging protocol, used by system administrators to capture all activity on a server. Usually stored on a separate server to retain logs in the event of an attack.
  • Secure Sockets Layer (SSL) — Establishes an encrypted tunnel between the client and server. eg. when you submit passwords on Facebook, only the encrypted text will be visible for sniffers and not your original password.
  • Snort — Lightweight open-source Intrusion Detection System for Windows and Linux.
  • SQL Injection — A type of attack that can be performed on web applications using SQL databases. Happens when the site does not validate user input.
  • Trojan — A malware hidden within useful software. eg. a pirated version of MS office can contain trojans that will execute when you install and run the software.
  • Traceroute — Tool that maps the route a packet takes between the source and destination.
  • Tunnel — Creating a private encrypted channel between two or more computers. Only allowed devices on the network can communicate through this tunnel.
  • Virtual Private Network — A subnetwork created within a network, mainly to encrypt traffic. eg. connecting to a VPN to access a blocked third-party site.
  • Virus — A piece of code that is created to perform a specific action on the target systems. A virus has to be triggered to execute eg. autoplaying a USB drive.
  • Vulnerability — A point of attack that is caused by a bug / poor system design. eg. lack of input validation causes attackers to perform SQL injection attacks on a website.
  • War Driving — Travelling through a neighborhood looking for unprotected wifi networks to attack.
  • WHOIS — Helps to find information about IP addresses, its owners, DNS records, etc.
  • Wireshark — Open source program to analyze network traffic and filter requests and responses for network debugging.
  • Worm — A malware program capable of replicating itself and spreading to other connected systems. eg. a worm to built a botnet. Unlike Viruses, Worms don’t need a trigger.
  • Wireless Application Protocol (WAP) — Protocol that helps mobile devices connect to the internet.
  • Web Application Firewall (WAF) — Firewalls for web applications that help with cross-site scripting, Denial of Service, etc.
  • Zero-Day — A newly discovered vulnerability in a system for which there is no patch yet. Zero-day vulnerabilities are the most dangerous type of vulnerabilities since there is no possible way to protect against one.
  • Zombie — A compromised computer, controlled by an attacker. A group of zombies is called a Botnet.

CyberSecurity Post COVID-19

How does Covid19 affect cyber risk?

  1. Increased distributed working: With organizations embracing work from home, incremental risks have been observed due to a surge in Bring Your Own Device (BYOD), Virtual Private Network (VPN), Software As A Service (SaaS), O365 and Shadow IT, as it could be exploited by various Man-in-the-Middle (MITM) attack vectors.
  2. Reimagine Business Models: Envisioning new business opportunities, modes of working, and renewed investment priorities. With reduced workforce capability, compounded with skill shortages, staff who are focusing on business as usual tasks can be victimized, via social engineering.
  3. Digital Transformation and new digital infrastructure: With the change in nature for organizations across the industrial and supply chain sector – security is deprioritized. Hardening of the industrial systems and cloud based infrastructure is crucial as cyber threats exploit these challenges via vulnerability available for unpatched systems.
  4. With an extreme volume of digital communication, security awareness is lowered with increased susceptibility. Malicious actors are using phishing techniques to exploit such situations.

Re-evaluate your approach to cyber

    • Which cyber scenarios your organization appears to be preparing for or is prepared?
    •  Is there a security scenario that your organization is currently ignoring – but shouldn’t be?
    • What would your organization need to do differently in order to win, in each of the identified cyber scenarios?
  • What capabilities, cyber security partnerships, and workforce strategies do you need to strengthen?

The organizations should reflect the following scenarios at a minimum and consider:

    • Which cyber scenarios your organization appears to be preparing for or is prepared?
    •  Is there a security scenario that your organization is currently ignoring – but shouldn’t be?
    • What would your organization need to do differently in order to win, in each of the identified cyber scenarios?
    • What capabilities, cyber security partnerships, and workforce strategies do you need to strengthen?
  • To tackle the outcome from the above scenarios, the following measures are the key:

Inoculation through education: Educate and / or remind your employees about –

    • Your organization’s defense – remote work cyber security policies and best practices
    • Potential threats to your organization and how will it attack – with a specific focus on social engineering scams and identifying COVID-19 phishing campaigns
  • Assisting remote employees with enabling MFA across the organization assets

Adjust your defenses: Gather cyber threat intelligence and execute a patching sprint:

    • Set intelligence collection priorities
    • Share threat intelligence with other organizations
    • Use intelligence to move at the speed of the threat
  • Focus on known tactics, such as phishing and C-suite fraud.
  • Prioritize unpatched critical systems and common vulnerabilities.

Enterprise recovery: If the worst happens and an attack is successful, follow a staged approach to recovering critical business operations which may include tactical items such as:

    • Protect key systems through isolation
    • Fully understand and contain the incident
    • Eradicate any malware
    • Implement appropriate protection measures to improve overall system posture
    • Identify and prioritize the recovery of key business processes to deliver operations
  • Implement a prioritized recovery plan

Cyber Preparedness and Response: It is critical to optimize the detection capability thus, re-evaluation of the detection strategy aligned with the changing landscape is crucial. Some key trends include:

    • Secure and monitor your cloud environments and remote working applications
    • Increase monitoring to identify threats from shadow IT
  • Analyze behavior patterns to improve detection content

Finding the right cyber security partner: To be ready to respond identify the right partner with experience and skillset in Social Engineering, Cyber Response, Cloud Security, and Data Security.

Critical actions to address

At this point, as the organizations are setting the direction towards the social enterprise, it is an unprecedented opportunity to lead with cyber discussions and initiatives. Organizations should immediately gain an understanding of newly introduced risks and relevant controls by:

    • Getting a seat at the table
    • Understanding the risk prioritization:
    • Remote workforce/technology performance
    • Operational and financial implications
    • Emerging insider and external threats
  • Business continuity capabilities

Assessing cyber governance and security awareness in the new operating environment

Assessing the highest areas of risk and recommend practical mitigation strategies that minimize impact to constrained resources.

Keeping leadership and the Board apprised of ever-changing risk profile

Given the complexity of the pandemic and associated cyber challenges, there is reason to believe that the recovery phase post-COVID-19 will require unprecedented levels of cyber orchestration, communication, and changing of existing configurations across the organization.

CyberSecurity: Protect Yourself on Internet

    • Use two factor authentication when possible. If not possible, use strong unique passwords that are difficult to guess or crack. This means avoiding passwords that use of common words, your birthdate, your SSN, names and birthdays of close associates, etc.
    • Make sure the devices you are using are up-to-date and have some form of reputable anti-virus/malware software installed.
    • Never open emails, attachments, programs unless they are from a trusted source (i.e., a source that can be verified). Also disregard email or web requests that ask you to share your personal or account information unless you are sure the request and requestor are legitimate.
    • Try to only use websites that are encrypted. To do this, look for either the trusted security lock symbol before the website address and/or the extra “s” at the end of http in the URL address bar.
    • Avoid using an administrator level account when using the internet.
    • Only enable cookies when absolutely required by a website.
    • Make social media accounts private or don’t use social media at all.
    • Consider using VPNs and encrypting any folders/data that contains sensitive data.
  • Stay away from using unprotected public Wi-Fi networks.
    • Social media is genetically engineered in Area 51 to harvest as much data from you as possible. Far beyond just having your name and age and photograph.

    • Never use the same username twice anywhere, or the same password twice anywhere.

    • Use Tor/Tor Browser whenever possible. It’s not perfect, but it is a decent default attempt at anonymity.

    • Use a VPN. Using VPN and Tor can be even better.

    • Search engines like DuckDuckGo offer better privacy (assuming they’re honest, which you can never be certain of) than Google which, like social media, works extremely hard to harvest every bit of data from you that they can.

    • Never give your real details anywhere. Certainly not things like your name or pictures of yourself, but even less obvious things like your age or country of origin. Even things like how you spell words and grammatical quirks can reveal where you’re from.

    • Erase your comments from websites after a few days/weeks. It might not erase them from the website’s servers, but it will at least remove them from public view. If you don’t, you can forget they exist and you never know how or when they can and will be used against you.

  • With Reddit, you can create an account fairly easily over Tor using no real information. Also, regularly nuke your accounts in case Reddit or some crazy stalker is monitoring your posts to build a profile of who you might be. Source: Reddit

 Notable Hackers

  • Adrian Lamo – gained media attention for breaking into several high-profile computer networks, including those of The New York Times, Yahoo!, and Microsoft, culminating in his 2003 arrest. Lamo was best known for reporting U.S. soldier Chelsea Manning to Army criminal investigators in 2010 for leaking hundreds of thousands of sensitive U.S. government documents to WikiLeaks.
  • Albert Gonzales – an American computer hacker and computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 to 2007: the biggest such fraud in history.
  • Andrew Auernheimer (known as Weev) – Went to jail for using math against AT&T website.
  • Barnaby Jack – was a New Zealand hacker, programmer and computer security expert. He was known for his presentation at the Black Hat computer security conference in 2010, during which he exploited two ATMs and made them dispense fake paper currency on the stage. Among his other most notable works were the exploitation of various medical devices, including pacemakers and insulin pumps.
  • Benjamin Delpy – Mimikatz
  • DVD-Jon – He wrote the DeCSS software, which decodes the Content Scramble System used for DVD licensing enforcement.
  • Eric Corley (known as Emmanuel Goldstein) – 2600
  • Gary McKinnon – a Scottish systems administrator and hacker who was accused in 2002 of perpetrating the “biggest military computer hack of all time,” although McKinnon himself states that he was merely looking for evidence of free energy suppression and a cover-up of UFO activity and other technologies potentially useful to the public. 👽🛸
  • George Hotz aka geohot – “The former Facebook engineer took on the giants of the tech world by developing the first iPhone carrier-unlock techniques,” says Mark Greenwood, head of data science at Netacea, “followed a few years later by reverse engineering Sony’s PlayStation 3, clearing the way for users to run their own code on locked-down hardware. George sparked an interest in a younger generation frustrated with hardware and software restrictions being imposed on them and led to a new scene of opening up devices, ultimately leading to better security and more openness.”
  • Guccifer 2.0 – a persona which claimed to be the hacker(s) that hacked into the Democratic National Committee (DNC) computer network and then leaked its documents to the media, the website WikiLeaks, and a conference event.
  • Hector Monsegur (known as Sabu) – an American computer hacker and co-founder of the hacking group LulzSec. He Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups.
  • Jacob Appelbaum – an American independent journalist, computer security researcher, artist, and hacker. He has been employed by the University of Washington, and was a core member of the Tor project, a free software network designed to provide online anonymity.
  • James Forshaw – one of the world’s foremost bug bounty huners
  • Jeanson James Ancheta – On May 9, 2006, Jeanson James Ancheta (born 1985) became the first person to be charged for controlling large numbers of hijacked computers or botnets.
  • Jeremy Hammond – He was convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to the whistle-blowing website WikiLeaks, and sentenced to 10 years in prison.
  • John Draper – also known as Captain Crunch, Crunch or Crunchman (after the Cap’n Crunch breakfast cereal mascot), is an American computer programmer and former legendary phone phreak.
  • Kevin Mitnick – Free Kevin
  • Kimberley Vanvaeck (known as Gigabyte) – a virus writer from Belgium known for a long-standing dispute which involved the internet security firm Sophos and one of its employees, Graham Cluley. Vanvaeck wrote several viruses, including Quis, Coconut and YahaSux (also called Sahay). She also created a Sharp virus (also called “Sharpei”), credited as being the first virus to be written in C#.
  • Lauri Love – a British activist charged with stealing data from United States Government computers including the United States Army, Missile Defense Agency, and NASA via computer intrusion.
  • Michael Calce (known as MafiaBoy) – a security expert from Île Bizard, Quebec who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites, including Yahoo!, Fifa.com, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN.
  • Mudge – Peiter C. Zatko, better known as Mudge, is a network security expert, open source programmer, writer, and a hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the long-lived computer and culture hacking cooperative the Cult of the Dead Cow.
  • Phineas Fisher – vigilante hacker god
  • PRAGMA – Also known as Impragma or PHOENiX, PRAGMA is the author of Snipr, one of the most prolific credential stuffing tools available online.
  • The 414s – The 414s were a group of computer hackers who broke into dozens of high-profile computer systems, including ones at Los Alamos National Laboratory, Sloan-Kettering Cancer Center, and Security Pacific Bank, in 1982 and 1983.
  • The Shadow Brokers – is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools from the National Security Agency (NSA), including several zero-day exploits. Specifically, these exploits and vulnerabilities targeted enterprise firewalls, antivirus software, and Microsoft products.[6] The Shadow Brokers originally attributed the leaks to the Equation Group threat actor, who have been tied to the NSA’s Tailored Access Operations unit.

Notable Viruses & Worms

History

  • The Strange History of Ransomware
    The first ransomware virus predates e-mail, even the Internet as we know it, and was distributed on floppy disk by the postal service. It sounds quaint, but in some ways this horse-and-buggy version was even more insidious than its modern descendants. Contemporary ransomware tends to bait victims using legitimate-looking email attachments — a fake invoice from UPS, or a receipt from Delta airlines. But the 20,000 disks dispatched to 90 countries in December of 1989 were masquerading as something far more evil: AIDS education software.

How to protect sensitive data for its entire lifecycle in AWS

How to protect sensitive data for its entire lifecycle in AWS
How to protect sensitive data for its entire lifecycle in AWS

You can protect data in-transit over individual communications channels using transport layer security (TLS), and at-rest in individual storage silos using volume encryption, object encryption or database table encryption. However, if you have sensitive workloads, you might need additional protection that can follow the data as it moves through the application stack. Fine-grained data protection techniques such as field-level encryption allow for the protection of sensitive data fields in larger application payloads while leaving non-sensitive fields in plaintext. This approach lets an application perform business functions on non-sensitive fields without the overhead of encryption, and allows fine-grained control over what fields can be accessed by what parts of the application. Read m ore here…

Cybersecurity Breaking News – Top Stories

  • Security issue when register/install new account/app via Google account
    by /u/Voldemort_15 (cybersecurity) on September 30, 2022 at 6:07 pm

    Hi all, I post this question to support Google but no one answered after 4 days. Hope it is OK to ask here. I see many websites that allow you to register new account quickly via Google account. However, there are statements before you click agree like: "View and manage documents that this application has been installed in" "Allow this application to run when you are not present" "View and manage data associated with the application""Display and run third-party web content in prompts and sidebars inside Google applications" "You may be sharing sensitive info with this site or app. You can always see or remove access in your Google Account. Learn how Google helps you share data safely." ... Some things likes you give all control of your Google account to this party. Do you think it is safe to allow to register/install by this option? Many times, this is the only option to register/install. Thank you in advance! submitted by /u/Voldemort_15 [link] [comments]

  • Password Spray Triggered Alert? How to tell it's false positive
    by /u/TheYansterr (cybersecurity) on September 30, 2022 at 6:00 pm

    Hello, we had an alert from one of our cisco endpoint security for password spray event. But i am confused because it is coming from an ACS server. Over 200 login attempts with 17 successful logons. Usernames are coming from the ACS and Admin account. I do know we're upgrading our servers but I'm new to the company so I have no idea yet how data flow is like but no one seems to be taking this event seriously. So my question is, is it common for servers to trigger a password spray? If not what are the next steps I should do to mitigate this? Thanks submitted by /u/TheYansterr [link] [comments]

  • ZINC weaponizing open-source software - Microsoft Security Blog
    by /u/speckz (cybersecurity) on September 30, 2022 at 4:02 pm

    submitted by /u/speckz [link] [comments]

  • There’s an upcoming cybersecurity & third party risk summit in October being hosted by Global Resilience Federation, outside of DC. Is anyone in this sub attending? Here’s a link- would be awesome to network in person.
    by /u/hiihaveareddit (cybersecurity) on September 30, 2022 at 3:50 pm

    submitted by /u/hiihaveareddit [link] [comments]

  • Cloud workload protection/runtime protection
    by /u/andrewdoesit (cybersecurity) on September 30, 2022 at 3:43 pm

    Curious as to what y’all’s experience is with some of the cloud workload products are. It seems like there isn’t a whole lot out there and I’d love to hear some feedback on what you’re using and how you like it. submitted by /u/andrewdoesit [link] [comments]

  • New Malware Families Found Targeting VMware ESXi Hypervisors
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 2:42 pm

    Threat actors have been found deploying never-before-seen post-compromise implants in VMware's virtualization software to seize control of infected systems and evade detection. Google's Mandiant threat intelligence division referred to it as a "novel malware ecosystem" that impacts VMware ESXi, Linux vCenter servers, and Windows virtual machines, allowing attackers to maintain persistent access

  • Any useful cybersecurity software under $5k?
    by /u/EmotionNo6674 (cybersecurity) on September 30, 2022 at 1:57 pm

    Hello Team! I am looking for any recommendations for any software/hardware (no computers/laptops) that you found useful in IR, Pen testing, or general cybersecurity from your experence. We are a small security shop but manage a few thousand endpoints/systems, and I got some cash to spend on random software and/or physical accessories. Any thoughts are welcome. submitted by /u/EmotionNo6674 [link] [comments]

  • internal application pen/security testing
    by /u/_l0la (cybersecurity) on September 30, 2022 at 1:56 pm

    hi cyber security professionals... so i am handling pen testing for my company and one area which i dont have much knowledge in is internal application security testing. my background is network and security engineer. i am aware of SAST, and DAST, which my company is currently investigating a potential platform to purchase. but in terms of annual pentesting, what services do you think i could include in the yearly pen testing activities. (and so search for in suppliers' services) some i have come across are threat modelling, code review.... anything else any of you guys include? or anything you would say is more important than others. i am already ok with all the external facing stuff e.g. apis, web apps, etc. but it is the internal in house stuff im looking for. thanks, submitted by /u/_l0la [link] [comments]

  • New Microsoft Exchange zero-days actively exploited in attacks
    by /u/wewewawa (cybersecurity) on September 30, 2022 at 1:36 pm

    submitted by /u/wewewawa [link] [comments]

  • Microsoft says two new Exchange zero-day bugs under active attack, but no immediate fix
    by /u/rangeva (cybersecurity) on September 30, 2022 at 1:07 pm

    submitted by /u/rangeva [link] [comments]

  • Top cybersecurity stories for the week of 09-26-22 to 09-30-22
    by /u/CISO_Series_Producer (cybersecurity) on September 30, 2022 at 12:36 pm

    Below are the top headlines we’ve been reporting this whole week on Cyber Security Headlines. If you’d like to hear and participate in a discussion about them, the CISO Series does a live 20-minute show every Friday at 12:30pm PT/3:30pm ET. Each week we welcome a different cyber practitioner to offer some color to the week's stories. Our guest this week is Sara Lazarus, VP and head of trust and security, Stavvy. If you want to get involved you can watch live and participate in the discussion on YouTube Live (https://www.youtube.com/watch?v=5IYwMt_4d30), or you can just subscribe to the Cyber Security Headlines podcast and get it into your feed. Here are some of the stories we plan to cover: London Police arrest 17-year-old hacker suspected of Uber and GTA 6 breaches The City of London Police on Friday revealed that it has arrested a 17-year-old from Oxfordshire on suspicion of hacking. The department said the arrest was made as part of an investigation in partnership with the U.K. National Crime Agency's cybercrime unit. No further details about the nature of the investigation were disclosed, although it's suspected that the law enforcement action may have something to do with the recent string of high-profile hacks aimed at Uber and Rockstar Games. Both the intrusions are alleged to have been committed by the same threat actor, who goes by the name Tea Pot (aka teapotuberhacker). Uber, for its part, has pinned the breach on an attacker (or attackers) that it believes is associated with the LAPSUS$ extortion gang, two of whom are facing fraud charges. According to cybersecurity company Flashpoint, the real world identity of the hacker behind the two incidents is said to have been outed on an online illicit forum. (The Hacker News) Study finds organizations deluged with cybersecurity incidents A new report from the security vendor Trellix found that the average SecOps team managed 51 cybersecurity incidents per day. 36% reported seeing significantly higher, dealing with 50 to 200 incidents daily. 46% agreed to being “inundated by a never-ending stream of cyber-attacks.” Siloed systems remained a common pain point, with 60% saying poorly integrated products reduced organizational efficiency in responding. This also appears to cost organizations money, with 84% saying they estimated losses from the incidents at up to 10% of annual revenue. (InfoSecurity Magazine) Finnish intelligence warns Russia ‘highly likely’ to turn to cyber in winter The head of the Finnish Security Intelligence Service (Suojelupoliisi or SUPO) says it is “highly likely that Russia will turn to the cyber environment over the winter” for espionage due to challenges impacting its human intelligence work. In the unclassified National Security Overview 2022 published on Thursday, SUPO said that Russia’s traditional intelligence gathering approach using spies with diplomatic cover “has become substantially more difficult since Russia launched its war of aggression in Ukraine, as many Russian diplomats have been expelled from the West.” SUPO assessed that Russian citizens who occupied critical positions in Finland were particularly at risk of coercion from the Russian authorities. (The Record) Attackers impersonate CircleCI platform to compromise GitHub accounts GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The company learned of the attacks against its users on September 16, it pointed out that the phishing campaign has impacted many victim organizations except GitHub. Phishing messages claims that a user’s CircleCI session expired and attempt to trick recipients into logging in using GitHub credentials. The company pointed out that the accounts protected by hardware security keys are not vulnerable to this attack. (Security Affairs) Lazarus Group targets macOS users We’ve seen a number of threat groups use the surging job market as a perfect vector for cyber attacks. The security researchers at SentinelOne report that the North Korea-linked Lazarus Group operates a campaign targeting macOS users. This lures users with job offers at Crypto.com. ESET and Malwarebytes reported on the campaign originally last month, targeting Windows users with similar crypto-related jobs. It’s not clear how the campaign specifically delivers the initial malware payload. Some reports suggest private messaging on LinkedIn. These likely represent short-term campaigns focused on theft, given the threat actors do not obfuscate any binaries in the attacks. (InfoSecurity Magazine) Geopolitics behind recent DDoS surge It seems like in 2022, we’ve talked about another record breaking DDoS attack every couple of weeks. A new report from NETSCOUT found that these likely come from a rise in wars and regional disputes in the year. The company tracked over six million DDoS incidents, finding they used 57% more bandwidth than last year. The overall number of DDoS attacks remained consistent, the extra bandwidth reflects more intensity. Countries with ties to the war in Ukraine saw the most impact. Finland saw a 258% increas in DDoS attacks since applying for NATO membership. Ireland, India, Taiwan, Belize, Romania, Italy, Lithuania, Norway, Poland, and Latvia also saw notable increases. (The Record) Leaked ransomware builder used in attacks Last week, a LockBit 3.0 builder leaked on Twitter. This came as the result of a seeming fallout between the ransomware operator and the developer. The leak opened the door for anyone to build a functional encryptor and decryptor for attacks. Bleeping Computer confirmed that a new ransomware group called 'Bl00Dy Ransomware Gang' did just that against a Ukrainian victim. Their previous work largely used Conti ransomware, targeting a group of medical practices in New York. The group did some light modifications to LockBit 3.0, but functionally it remains identical. (Bleeping Computer) Cloudflare hopes Turnstile can replace CAPTCHAs CAPTCHAs feature inherent shortcomings, offering slow, cryptic, and arguably effective human verification. To avoid these, Cloudflare released a beta for Turnstile which it calls “a user-friendly, privacy preserving alternative” to CAPTCHA. Rather than visual puzzles, Turnstile uses JavaScript-based rotating browser challenges that read the browser environment for indicators of human behavior. These challenges get more sophisticated the more indicators of non-human behavior it detects. Turnstyle uses browser information, not human interaction. Cloudflare says this can reduce the verification process to one second. (TechCrunch) Fast Company goes dark after cyber attack Late on September 27th, Apple News sent notifications from the publication Fast Company that contained racist and obscene language. Apple subsequently suspended its channel on the app. Fast Company confirmed a threat actor breached its Apple News account, saying it suspended its feed and shut down FastCompany.com while it investigates. This came after the attacker appeared to post a message on the site before the take down, claiming to have access to a commonly shared password with admin access. The post also pointed to a dark web forum that claims it will release thousands of employee records and draft posts from the publication. The attacker said it didn’t obtain customer information as the site stored that information on a separate server. (The Verge) Researchers uncover covert attack campaign targeting military contractors A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft. Starting in late summer 2022 the infection chains begin with a phishing mail with a ZIP archive attachment containing a shortcut file that claims to be a PDF document about "Company & Benefits," which is then used to retrieve a stager -- an initial binary that's used to download the desired malware -- from a remote server. (The Hacker News) IRS warns of "industrial scale" smishing surge In a news alert yesterday, the tax agency said it had identified thousands of fake domains so far in 2022, used to facilitate the so-called “smishing” scams, and designed to steal victims’ personal and financial information. Spoofed to appear as if sent from the IRS, these text messages often use lures like fake COVID relief, tax credits or help setting up an IRS online account, it said. They might request personal information or covertly download malware to the user’s device by tricking them into clicking on a malicious link. “This is phishing on an industrial scale so thousands of people can be at risk of receiving these scam messages,” said IRS commissioner Chuck Rettig. (InfoSecurity Magazine) submitted by /u/CISO_Series_Producer [link] [comments]

  • Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 11:52 am

    An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom's Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks under the name Witchetty, which is also known as LookingFrog, a subgroup operating under the TA410

  • New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 10:20 am

    A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. "The payload discovered is a leaked version of a Cobalt Strike beacon," Cisco Talos researchers Chetan Raghuprasad and Vanja Svajcer said in a new analysis published Wednesday. "The beacon configuration contains

  • Why Organisations Need Both EDR and NDR for Complete Network Protection
    by noreply@blogger.com (The Hacker News) (The Hacker News) on September 30, 2022 at 10:10 am

    Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches. Why Modern Organisations Need EDR According to the 2020 global risk report by Ponemon Institute, smartphones,

  • North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 10:02 am

    A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022. Microsoft's threat intelligence teams, alongside LinkedIn Threat Prevention and Defense, attributed the intrusions with high confidence to Zinc, which is

  • What are your canned responses in Cyber Security?
    by /u/securitysushi (cybersecurity) on September 30, 2022 at 10:01 am

    Hi folks, I was wondering what kind of responses you regularly use in your work? I write the same sentences manually over and over again and thought I start a list of canned responses (something like http://cannedtxt.com/ but for security). For example: We will monitor these activities and share the necessary information as it progresses As of now there are no known incidents specific with $company about this matter Thank you for your IT security awareness No signs of compromise or malicious behavior has been found on $server. What are your canned responses? submitted by /u/securitysushi [link] [comments]

  • Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 9:01 am

    Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is

  • Hacking group hides backdoor malware inside Windows logo image
    by /u/Anastasia_IT (cybersecurity) on September 30, 2022 at 8:48 am

    submitted by /u/Anastasia_IT [link] [comments]

  • MS Exchange 0 Day
    by /u/tigerfistsmiling (cybersecurity) on September 30, 2022 at 8:45 am

    submitted by /u/tigerfistsmiling [link] [comments]

  • WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
    by /u/Glad_Living3908 (cybersecurity) on September 30, 2022 at 7:54 am

    submitted by /u/Glad_Living3908 [link] [comments]

  • Reports emerging that a new zero day exists in Microsoft Exchange
    by /u/Realistic-Cap6526 (cybersecurity) on September 30, 2022 at 7:25 am

    submitted by /u/Realistic-Cap6526 [link] [comments]

  • Quiet employee
    by /u/Environmental-State7 (cybersecurity) on September 30, 2022 at 5:14 am

    I have an employee who would not say anything during a meeting or incidents. If we assign him stuff, he will do it with accuracy. If we put him on a spot with a question, he would go blank and not answer correctly or stutter and not speak clearly. He got certifications but because he is so quiet, I don’t know what he knows. During an incident, we want our employees to speak up and help. I’ve asked him to speak up more when there are incidents in the past, but still nothing from him. It may be my fault as I didn’t give him any directions. How can I help this employee improve in this area? Do you have employees like this? How do you adjust and make it work? submitted by /u/Environmental-State7 [link] [comments]

  • Fake CISO Profiles on LinkedIn Target Fortune 500s
    by /u/SquidFistHK (cybersecurity) on September 30, 2022 at 4:51 am

    submitted by /u/SquidFistHK [link] [comments]

  • Ex-NSA employee in Colorado arrested for selling secrets to a foreign power
    by /u/regalrecaller (cybersecurity) on September 30, 2022 at 4:41 am

    submitted by /u/regalrecaller [link] [comments]

  • WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 30, 2022 at 4:25 am

    Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. That's according to Vietnamese cybersecurity company GTSC, which discovered the shortcomings as part of its security monitoring and incident response efforts in August 2022. The

  • What will you choose: Security solutions vs Incident Response?
    by /u/vskhosa (cybersecurity) on September 30, 2022 at 12:56 am

    I am trying to weigh in the pros and cons of these two security paths. I am at crossroads between the two and have to decide which side I should go for a brighter future career. Little bit about myself - I have just over 8 years of combined experience in IT operations, system admin and security operations. That was my progression. I have been in cybersecurity for just over 4 years now. I have gained significant experience over the years and I am CISSP. In my current role, I do SOC tasks along with moderate python related security solutions tasks. From here I have two paths, I can either go full on security solutions or I can move on to the incident response team where I will be involved in threat hunting, On call IR etc. I have always wanted to go towards solutions because I like programming. What could be the downsides (if any) of going towards security solutions and what good things I might be missing if I don't go to the IR side? submitted by /u/vskhosa [link] [comments]

  • Cyber and Information Warfare in Ukraine: What Do We Know Seven Months In?
    by /u/aknalid (cybersecurity) on September 30, 2022 at 12:16 am

    submitted by /u/aknalid [link] [comments]

  • We're developing a FOSS threat hunting tool integrating SIEM with a data science / automation framework through Jupyter Notebooks (Python). Looking for opinions about how seamless the lab setup should be and other details.
    by /u/Jonathan-Todd (cybersecurity) on September 29, 2022 at 9:50 pm

    This is not my first time posting about this tool, but I'm getting to a point in the development where I'm unsure about certain implementation details and would love some opinions from others in the field, if anyone cares to chime in. What is threat hunting? A SOC needs to catch threats in real-time, put out fires, chase down alerts. They need to rely heavily on automation (SIEM / EDR alerts) to meet the demands of so much work. Attackers leverage this fact by optimizing against the tools, operating in the gray space around the rules and alerts used, or by disabling the tools. But this often produces a very odd-looking artifact, easily identifiable to a human operator looking at the traffic or endpoint. Threat Hunting (TH) is just when an operator or team not tasked with putting out those fires has time to put human eyes on raw data. Put simply: SOC = Tools enhanced by people. Tools alert, people determine true / false positive. High volume, lots of fires, little time to look at raw data. Threat Hunter = People enhanced by tools. People use tools to find things missed by tools, with other tools. Lower volume, no fires, time can go toward putting eyes on raw data and submitting requests for information (RFIs) from network owner. These are my understandings as a junior analyst without a very broad experience - I haven't worked in a SOC yet. So forgive me for a perhaps imperfect explanation. First of all, the popular idea behind Threat Hunting (TH) is to pick one TTP at a time and hunt that. Form a hypothesis. Test it. Repeat. Well with tens of thousands of TTPs out there, that's not a very fast process. I think we can do better by applying automation and data science to the process, without becoming a SOC. Where automation and Data Science Comes In Here are a few things automation and data science could help with: High volume of techniques to hunt for: You can't afford to trust the SOC has implemented all the basic fundamentals. If you just skip to hunting advanced TTPs, it'll be pretty embarrassing if you missed something obvious because you thought surely the SOC would already be alerting on that. So every threat hunt will probably begin with iterating over a list of basic places to look for evil in a network and endpoints. Tools like Sysinternals (on Windows) can help hunt these basics, but you still need to iterate over every Windows endpoint, for example. Which takes us to our next point: High volume of traffic and endpoints to hunt in: There might be hundreds, thousands, or tens of thousands of hosts in the environment you're hunting, so without automation many hunting techniques just won't work at this scale. Some clues are hidden in too much data to sift through without automation. Baselining is one of the most powerful tools at a security professional's disposal and it requires some form of automation to work with that high-volume data and identify anomalies. This is where data-science shines in TH. Our Solution So, a colleague and I (neither of us incredibly experienced in the domain), both knowing Python (and working in a field where many know Python) were thinking about how we could maximize our contribution to Threat Hunting. The non-superstar dilemma. I'm not the fastest thinker, I get distracted a lot, and I don't have a ton of experience. Once a hunt begins, I won't be the superstar clacking away at the keyboard searching a hundred registries by hand, rapidly searching through Am/Shimcache, writing queries in the SIEM and remembering just the right property to access on a certain protocol to find anomalies. I'm not that kind of superstar operator. But I can research a TTP and protocols / endpoint activities involved in that TTP and build a plan to hunt it. So why not automate that? What if we could build a tool which not only automates hunting for a TTP, but standardizes a format to automate, link to MITRE ATT&CK, and visualize data outputs in a step-by-step process so that other TH'ers can design their own "Hunting Playbooks" in this same format and share them in a public repo (or build up a private repo, if you're an MSSP and don't want attackers to know all your tricks). That way not only can we all share these playbooks, but when a talented analyst leaves your team, as long as their hunting practices where codified into playbooks, your team keeps that expertise forever? And better yet, what if we could talk to SIEM APIs with this notebook to generate Dashboards with the results of these playbooks so that analysts not comfortable working with Jupyter Notebooks can just do their normal workflow and see the data visualizations in the SIEM, for example with Kibana? We liked that idea, so we've been developing it. Finally, My Questions For each playbook, we believe it's really important to have validation. Just as good tool developers write unit tests to validate the output of their code, we wanted to incorporate validation of these TTP hunting playbooks. We thought this would also reduce friction for other TH'ers to pick up the tool and easily launch their own environment and tweak it to test their own ideas rather than having to learn how to launch a decent lab which can be either expensive (cloud) or complicated (local), or both. This involves a few steps, especially since we want to keep every aspect of the tool FOSS: Launch Environment Infrastructure (VM) - To simulate a TTP in a reliably reproducible way, Infrastructure-as-Code orchestrating the lab seems like the obvious choice here. Terraform is really good at this and is FOSS. But cloud is expensive and mostly not FOSS. However, Terraform works with the FOSS OpenStack cloud platform, which you can install on any Linux VM. So that's what we're going with. Which brings us to Question #1: Would most of you see setting up your own OpenStack VM as undesirable friction? Should we consider using Ansible or some similar tool to set up and configure OpenStack as part of this tool's functionality with basically 1-click seamlessness? It would be more work and more code to maintain for us, and I can't seem to decide whether it's more of a need or a want. A certain amount of friction will turn people away from trying a tool, so we're trying to find the sweet-spot. And we're fairly new to DevOps so we're not entirely sure that we're choosing the best FOSS tech stack for the job, or overlooking some integration or licensing detail here. Launch SIEM (Docker) - This question recently got even more complicated than I expected. It has been our intention to use Elastic Search / ELK as the FOSS SIEM component. When we started this project, ELK Stack was using a FOSS model, but recent news seems to indicate Elastic may be moving away from that model. This is worrying, since the SIEM used needs to be popular, and ELK is the only FOSS platform which comes close to the popularity of, say, Splunk. Question #2: Is ELK going to be moving away from FOSS model? The future seems unclear as far as that goes. Launch Threat Emulation (Docker) - For this we're using Caldera, a FOSS threat emulation framework by MITRE. Launch Jupyter (Docker) - Where the framework is executed from and interacted with (for visualization support). 4.5 (edit) Framework analyzes SIEM & EDR data - Elastic produced this incredibly powerful Python library called Eland which lets you stream an Elastic index in as a pandas dataframe. Indexes can be massive. Way too big to load into a DF all at once but Eland pipes data in and out behind the scenes so that your DataFrame works just like a normal one and you still access all that data as if it were all there locally. ELK APIs and Elastic Security (Formerly known as the Endgame EDR) are communicated with by the playbook / framework. Some abstraction makes this simple and keeps inputs / outputs standard across all playbooks. Hunt - Human operators use the Hunting Playbook and input timestamps where the relevant ATT&CK Techniques were observed. If the Playbook is effective, the user should be able to use the output to correctly identify the emulated TTP's artifacts. Validate - The framework compares the timestamps / ATT&CK Techniques submitted by the operator to validate effectiveness and reveals any missed Techniques along with timestamps they should have occurred. This is done by the framework interacting with Caldera's API for the emulated attack's logs. So overall, this process requires the user install and run a Python package which will kick off everything else, with two requirements: VM with OpenStack running (or we could try to orchestrate with this Ansible, as posed in Question #1). Docker. Basically my questions come down to a TL;DR of: Are we using the right infrastructure? How streamlined / orchestrated does setup need to be? Is there a better approach to setting it all up that we haven't thought of? Maybe we should be orchestrating, for example, all of the components within OpenStack instead of some parts being OpenStack and others being Docker. submitted by /u/Jonathan-Todd [link] [comments]

  • Microsoft Teams Vulnerability to Privilege Escalation
    by /u/patoden (cybersecurity) on September 29, 2022 at 8:10 pm

    9/29/22 I recently came across suspicious activity on a corporate network. I noticed an unknown actor was going around the environment and using privileged access to execute suspicious powershell during off hours. Other unusual activity I noticed coming from within Microsoft Teams. I think this vulnerability is still well and alive - Squirrel Exploit - Microsoft Teams - https://techmonitor.ai/technology/cybersecurity/microsoft-teams-vulnerability Here's the reason that I say that whenever I cross check the HASH of Microsoft Teams websites like VirusTotal and www.joesandbox.com people are reporting dropped files, unusual contacted ips, suspicious powershell commands, obfuscated commands found, Queries to processes, domains, bundled files, and unusual execution parents. Suspicious Hash from Microsoft Teams - Looked up Hash - 156cafa6da98a57e481aab74ef748726bd4dce2912536fb59e65d9a57a3ae7a7 https://www.virustotal.com/gui/file/156cafa6da98a57e481aab74ef748726bd4dce2912536fb59e65d9a57a3ae7a7/community (<-- this link multiple people are reporting the HASH as Malicious and possible greyware, all of the file names match the TeamsSetup.exe I've downloaded) https://www.joesandbox.com/analysis/668278/0/html (<-- Same Hash and I see the same malicious indicators. ) Other suspicious Hash from Microsoft Teams - Looked up Hash - d6f5d7d5c3e1cc6501d3363a765b5fe96f3467ac5ca6b2826c5a41d6851236ba https://www.virustotal.com/gui/file/d6f5d7d5c3e1cc6501d3363a765b5fe96f3467ac5ca6b2826c5a41d6851236ba/behavior (<-- other things reported things are: execution, persistence, privilege escalation, defense evasion, discovery) Below is more information on the threat. Source URL : (Download Link) https://go.microsoft.com/fwlink/p/?LinkID=2187217&clcid=0x409&culture=en-us&country=US&Lmsrc=groupChatMarketingPageWeb&Cmpid=directDownloadv2Win64 Original IP from 5/14/22: 23.64.233.116 The reported indictors are: checks-network-adapters detect-debug-environment direct-cpu-clock-access overlay peexe runtime-modules signed Security impact Tampering Reported product Teams Version/build1.5.00.9163 I reported this to MSRC and this is the response I got back: (I will try re-reporting it but I was wondering if anyone has come across anything like this? Hello, Thank you for contacting the Microsoft Security Response Center (MSRC). What you are reporting appears to be related to a suspected malicious site, IP, malicious email, etc. Please note that this email address is unable to assist with this type of issue. As such, this email thread has been closed and will no longer be monitored. Please see one of the options below: If this is a Microsoft owned email address or website you can find assistance at the at the following address: "Security Incident and Abuse Reporting> <https://cert.microsoft.com/report.aspx> This form is to report suspected security issues or abuse of Microsoft Online Services, such as Bing, Hotmail, Windows Live, Windows Azure, and Office 365. This includes malicious network activity originating from a Microsoft IP address. It also includes distribution of malicious content or other illicit or illegal material through a Microsoft Online Service. Again, we appreciate your report. Regards, MSRC submitted by /u/patoden [link] [comments]

  • New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
    by /u/CyberMasterV (cybersecurity) on September 29, 2022 at 7:50 pm

    submitted by /u/CyberMasterV [link] [comments]

  • Company woke up this morning to a ransomware attack. Infected every computer connected to the network and all virtual servers, including a backup server isolated from the main network. Any advice on looking for its entry point?
    by /u/meowlicious1 (cybersecurity) on September 29, 2022 at 4:14 pm

    Edit: the ransomware is Stealbit Edit 2: Thank you to everyone so far. Edit 3: Found a batch file on the main controller. Preserving the original VMs and making new ones from tape backups to get running while old ones can be used for investigation. submitted by /u/meowlicious1 [link] [comments]

  • Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 29, 2022 at 2:15 pm

    A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money by means of fraudulent transactions. "The Prilex group has shown a high level of knowledge about credit and debit card transactions, and how software used for payment processing works," Kaspersky researchers said. "This enables the attackers to keep

  • Researchers Uncover Covert Attack Campaign Targeting Military Contractors
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 29, 2022 at 12:00 pm

    A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft. "The attack was carried out

  • Five Steps to Mitigate the Risk of Credential Exposure
    by noreply@blogger.com (The Hacker News) (The Hacker News) on September 29, 2022 at 11:45 am

    Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by cybercriminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft.  While CISOs are aware of growing identity threats and have multiple tools in their arsenal to help reduce the potential risk, the

  • Swachh City Platform Suffers Data Breach Leaking 16 Million User Records
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 29, 2022 at 10:12 am

    A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK

  • Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 29, 2022 at 9:56 am

    Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. "Key activities are data leaking and selling, including officials' phone numbers and emails, and maps of sensitive locations," Israeli cybersecurity firm Check Point said in

  • Microsoft has restricted the Russian Federation from accessing updates to Windows 11
    by /u/GaryofRiviera (cybersecurity) on September 29, 2022 at 12:22 am

    submitted by /u/GaryofRiviera [link] [comments]

  • Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 28, 2022 at 2:00 pm

    A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through

  • Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 28, 2022 at 12:36 pm

    A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on the dark web for €

  • Improve your security posture with Wazuh, a free and open source XDR
    by noreply@blogger.com (The Hacker News) (The Hacker News) on September 28, 2022 at 12:15 pm

    Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security posture management is a term used to describe the process of

  • Hackers Using PowerPoint Mouseover Trick to Infect System with Malware
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 28, 2022 at 10:09 am

    The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves the mouse," cybersecurity firm Cluster25 said in a technical report. "The code execution runs a

  • Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 28, 2022 at 8:45 am

    Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior (CIB) so as to manipulate public debate. While the Chinese operation sets its sights on the U.S. and the Czech Republic, the Russian network primarily targeted Germany, France, Italy, Ukraine and the U.K. with themes

  • Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 28, 2022 at 5:03 am

    WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and

  • Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 27, 2022 at 1:54 pm

    The Ukrainian government on Monday warned of "massive cyberattacks" by Russia targeting critical infrastructure facilities located in the country and that of its allies. The attacks are said to be targeting the energy sector, the Main Directorate of Intelligence of the Ministry of Defense of Ukraine (GUR) said. "By the cyberattacks, the enemy will try to increase the effect of missile strikes on

  • New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 27, 2022 at 1:19 pm

    Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the compromised machine," cybersecurity firm Kaspersky said in a Monday report. "It drops a wide variety

  • Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 27, 2022 at 12:04 pm

    As many as 75 apps on Google Play and 10 on Apple App Store have been discovered engaging in ad fraud as part of an ongoing campaign that commenced in 2019. The latest iteration, dubbed Scylla by Online fraud-prevention firm HUMAN Security, follows similar attack waves in August 2019 and late 2020 that go by the codename Poseidon and Charybdis, respectively. Prior to their removal from the app

  • Why Continuous Security Testing is a Must for Organizations Today
    by noreply@blogger.com (The Hacker News) (The Hacker News) on September 27, 2022 at 11:39 am

    The global cybersecurity market is flourishing. Experts at Gartner predict that the end-user spending for the information security and risk management market will grow from $172.5 billion in 2022 to $267.3 billion in 2026.  One big area of spending includes the art of putting cybersecurity defenses under pressure, commonly known as security testing. MarketsandMarkets forecasts the global

  • North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 27, 2022 at 9:46 am

    The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto[.]com have been used to mount the attacks. The

  • Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 27, 2022 at 6:14 am

    The Australian Federal Police (AFP) on Monday disclosed it's working to gather "crucial evidence" and that it's collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. "Operation Hurricane has been launched to identify the criminals behind the alleged breach and to help shield Australians from identity fraud," the AFP said in a statement. The

  • Researchers Identify 3 Hacktivist Groups Supporting Russian Interests
    by noreply@blogger.com (Ravie Lakshmanan) (The Hacker News) on September 26, 2022 at 2:33 pm

    At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant. The Google-owned threat intelligence and incident response firm said with moderate confidence that "moderators of the purported hacktivist Telegram channels 'XakNet Team,' 'Infoccentr,' and 'CyberArmyofRussia_Reborn

Big Data and Data Analytics 101 – Top 100 AWS Certified Data Analytics – Specialty Questions and Answers Dumps

AWS Certified Security – Specialty Questions and Answers Dumps

You can translate the content of this page by selecting a language in the select box.

If you’re looking to take your data analytics career to the next level, then this AWS Data Analytics Specialty Certification Exam Preparation blog is a must-read! With over 100 exam questions and answers, plus data science and data analytics interview questions, cheat sheets and more, you’ll be fully prepared to ace the DAS-C01 exam. 

In this blog, we talk about big data and data analytics; we also give you the last updated top 100 AWS Certified Data Analytics – Specialty Questions and Answers Dumps

AWS Data analytics DAS-C01 Exam Prep
AWS Data analytics DAS-C01 Exam Prep

The AWS Certified Data Analytics – Specialty (DAS-C01) examination is intended for individuals who perform in a data analytics-focused role. This exam validates an examinee’s comprehensive understanding of using AWS services to design, build, secure, and maintain analytics solutions that provide insight from data.

Download the App for an interactive experience:

AWS DAS-C01 Exam Prep on iOS

AWS DAS-C01 Exam Prep on android

AWS DAS-C01 Exam Prep on Windows

The AWS Certified Data Analytics – Specialty (DAS-C01) covers the following domains:

Domain 1: Collection 18%

Domain 2: Storage and Data Management 22%

Domain 3: Processing 24%

Domain 4: Analysis and Visualization 18%

Domain 5: Security 18%

If you are looking for an all-in-one solution to help you prepare for the AWS Cloud Practitioner Certification Exam, look no further than this AWS Cloud Practitioner CCP CLFC01 book below.


data analytics specialty
data analytics specialty

Below are the Top 100 AWS Certified Data Analytics – Specialty Questions and Answers Dumps and References

http://enoumen.com/2021/11/07/top-100-data-science-and-data-analytics-interview-questions-and-answers/

 
 

Question1: What combination of services do you need for the following requirements: accelerate petabyte-scale data transfers, load streaming data, and the ability to create scalable, private connections. Select the correct answer order.

A) Snowball, Kinesis Firehose, Direct Connect

Invest in your future today by enrolling in this Azure Fundamentals - Microsoft Azure Certification and Training ebook below. This Azure Fundamentals Exam Prep Book will prepare you for the Azure Fundamentals AZ900 Certification Exam.


B) Data Migration Services, Kinesis Firehose, Direct Connect

C) Snowball, Data Migration Services, Direct Connect

D) Snowball, Direct Connection, Kinesis Firehose

ANSWER1:

A

Notes/Hint1:

AWS has many options to help get data into the cloud, including secure devices like AWS Import/Export Snowball to accelerate petabyte-scale data transfers, Amazon Kinesis Firehose to load streaming data, and scalable private connections through AWS Direct Connect.

Reference1: Big Data Analytics Options 

AWS Data Analytics Specialty Certification Exam Preparation App is a great way to prepare for your upcoming AWS Data Analytics Specialty Certification Exam. The app provides you with over 300 questions and answers, detailed explanations of each answer, a scorecard to track your progress, and a countdown timer to help keep you on track. You can also find data science and data analytics interview questions and detailed answers, cheat sheets, and flashcards to help you study. The app is very similar to the real exam, so you will be well-prepared when it comes time to take the test.

AWS Data analytics DAS-C01 Exam Prep

 


We know you like your hobbies and especially coding, We do too, but you should find time to build the skills that’ll drive your career into Six Figures. Cloud skills and certifications can be just the thing you need to make the move into cloud or to level up and advance your career. 85% of hiring managers say cloud certifications make a candidate more attractive. Start your cloud journey with these excellent books below:

ANSWER2:

C

Notes/Hint2:

Reference1: Relationalize PySpark

 

Question 3: There is a five-day car rally race across Europe. The race coordinators are using a Kinesis stream and IoT sensors to monitor the movement of the cars. Each car has a sensor and data is getting back to the stream with the default stream settings. On the last day of the rally, data is sent to S3. When you go to interpret the data in S3, there is only data for the last day and nothing for the first 4 days. Which of the following is the most probable cause of this?

A) You did not have versioning enabled and would need to create individual buckets to prevent the data from being overwritten.

B) Data records are only accessible for a default of 24 hours from the time they are added to a stream.

C) One of the sensors failed, so there was no data to record.

D) You needed to use EMR to send the data to S3; Kinesis Streams are only compatible with DynamoDB.

ANSWER3:

B

Notes/Hint3: 

Streams support changes to the data record retention period of your stream. An Amazon Kinesis stream is an ordered sequence of data records, meant to be written to and read from in real-time. Data records are therefore stored in shards in your stream temporarily. The period from when a record is added to when it is no longer accessible is called the retention period. An Amazon Kinesis stream stores records for 24 hours by default, up to 168 hours.

Reference3: Kinesis Extended Reading

AWS Data analytics DAS-C01 Exam Prep

 

Question 4:  A publisher website captures user activity and sends clickstream data to Amazon Kinesis Data Streams. The publisher wants to design a cost-effective solution to process the data to create a timeline of user activity within a session. The solution must be able to scale depending on the number of active sessions.
Which solution meets these requirements?

A) Include a variable in the clickstream data from the publisher website to maintain a counter for the number of active user sessions. Use a timestamp for the partition key for the stream. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the counter. Deploy the consumer application on Amazon EC2 instances in an EC2 Auto Scaling group.

B) Include a variable in the clickstream to maintain a counter for each user action during their session. Use the action type as the partition key for the stream. Use the Kinesis Client Library (KCL) in the consumer application to retrieve the data from the stream and perform the processing. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the
counter. Deploy the consumer application on AWS Lambda.

C) Include a session identifier in the clickstream data from the publisher website and use as the partition key for the stream. Use the Kinesis Client Library (KCL) in the consumer application to retrieve the data from the stream and perform the processing. Deploy the consumer application on Amazon EC2 instances in an
EC2 Auto Scaling group. Use an AWS Lambda function to reshard the stream based upon Amazon CloudWatch alarms.

D) Include a variable in the clickstream data from the publisher website to maintain a counter for the number of active user sessions. Use a timestamp for the partition key for the stream. Configure the consumer application to read the data from the stream and change the number of processor threads based upon the counter. Deploy the consumer application on AWS Lambda.

ANSWER4:

C

Notes/Hint4: 

Partitioning by the session ID will allow a single processor to process all the actions for a user session in order. An AWS Lambda function can call the UpdateShardCount API action to change the number of shards in the stream. The KCL will automatically manage the number of processors to match the number of shards. Amazon EC2 Auto Scaling will assure the correct number of instances are running to meet the processing load.

Reference4: UpdateShardCount API

 

Question 5: Your company has two batch processing applications that consume financial data about the day’s stock transactions. Each transaction needs to be stored durably and guarantee that a record of each application is delivered so the audit and billing batch processing applications can process the data. However, the two applications run separately and several hours apart and need access to the same transaction information. After reviewing the transaction information for the day, the information no longer needs to be stored. What is the best way to architect this application?

A) Use SQS for storing the transaction messages; when the billing batch process performs first and consumes the message, write the code in a way that does not remove the message after consumed, so it is available for the audit application several hours later. The audit application can consume the SQS message and remove it from the queue when completed.

B)  Use Kinesis to store the transaction information. The billing application will consume data from the stream and the audit application can consume the same data several hours later.

C) Store the transaction information in a DynamoDB table. The billing application can read the rows while the audit application will read the rows then remove the data.

D) Use SQS for storing the transaction messages. When the billing batch process consumes each message, have the application create an identical message and place it in a different SQS for the audit application to use several hours later.

SQS would make this more difficult because the data does not need to persist after a full day.

ANSWER5:

B

Notes/Hint5: 

Kinesis appears to be the best solution that allows multiple consumers to easily interact with the records.

Reference5: Amazon Kinesis

Get mobile friendly version of the quiz @ the App Store

AWS DAS-C01 Exam Prep on iOS

AWS DAS-C01 Exam Prep on android

AWS DAS-C01 Exam Prep on Windows

Question 6: A company is currently using Amazon DynamoDB as the database for a user support application. The company is developing a new version of the application that will store a PDF file for each support case ranging in size from 1–10 MB. The file should be retrievable whenever the case is accessed in the application.
How can the company store the file in the MOST cost-effective manner?

A) Store the file in Amazon DocumentDB and the document ID as an attribute in the DynamoDB table.

B) Store the file in Amazon S3 and the object key as an attribute in the DynamoDB table.

C) Split the file into smaller parts and store the parts as multiple items in a separate DynamoDB table.

D) Store the file as an attribute in the DynamoDB table using Base64 encoding.

ANSWER6:

B

Notes/Hint6: 

Use Amazon S3 to store large attribute values that cannot fit in an Amazon DynamoDB item. Store each file as an object in Amazon S3 and then store the object path in the DynamoDB item.

Reference6: S3 Storage Cost –  DynamODB Storage Cost

 

Question 7: Your client has a web app that emits multiple events to Amazon Kinesis Streams for reporting purposes. Critical events need to be immediately captured before processing can continue, but informational events do not need to delay processing. What solution should your client use to record these types of events without unnecessarily slowing the application?

A) Log all events using the Kinesis Producer Library.

B) Log critical events using the Kinesis Producer Library, and log informational events using the PutRecords API method.

C) Log critical events using the PutRecords API method, and log informational events using the Kinesis Producer Library.

D) Log all events using the PutRecords API method.

ANSWER2:

C

Notes/Hint7: 

The PutRecords API can be used in code to be synchronous; it will wait for the API request to complete before the application continues. This means you can use it when you need to wait for the critical events to finish logging before continuing. The Kinesis Producer Library is asynchronous and can send many messages without needing to slow down your application. This makes the KPL ideal for the sending of many non-critical alerts asynchronously.

Reference7: PutRecords API

AWS Data analytics DAS-C01 Exam Prep

 

Question 8: You work for a start-up that tracks commercial delivery trucks via GPS. You receive coordinates that are transmitted from each delivery truck once every 6 seconds. You need to process these coordinates in near real-time from multiple sources and load them into Elasticsearch without significant technical overhead to maintain. Which tool should you use to digest the data?

A) Amazon SQS

B) Amazon EMR

C) AWS Data Pipeline

D) Amazon Kinesis Firehose

ANSWER8:

D

Notes/Hint8: 

Amazon Kinesis Firehose is the easiest way to load streaming data into AWS. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, and Amazon Elasticsearch Service, enabling near real-time analytics with existing business intelligence tools and dashboards.

Reference8: Amazon Kinesis Firehose

 

Question 9: A company needs to implement a near-real-time fraud prevention feature for its ecommerce site. User and order details need to be delivered to an Amazon SageMaker endpoint to flag suspected fraud. The amount of input data needed for the inference could be as much as 1.5 MB.
Which solution meets the requirements with the LOWEST overall latency?

A) Create an Amazon Managed Streaming for Kafka cluster and ingest the data for each order into a topic. Use a Kafka consumer running on Amazon EC2 instances to read these messages and invoke the Amazon SageMaker endpoint.

B) Create an Amazon Kinesis Data Streams stream and ingest the data for each order into the stream. Create an AWS Lambda function to read these messages and invoke the Amazon SageMaker endpoint.

C) Create an Amazon Kinesis Data Firehose delivery stream and ingest the data for each order into the stream. Configure Kinesis Data Firehose to deliver the data to an Amazon S3 bucket. Trigger an AWS Lambda function with an S3 event notification to read the data and invoke the Amazon SageMaker endpoint.

D) Create an Amazon SNS topic and publish the data for each order to the topic. Subscribe the Amazon SageMaker endpoint to the SNS topic.


ANSWER9:

A

Notes/Hint9: 

An Amazon Managed Streaming for Kafka cluster can be used to deliver the messages with very low latency. It has a configurable message size that can handle the 1.5 MB payload.

Reference9: Amazon Managed Streaming for Kafka cluster

 

Question 10: You need to filter and transform incoming messages coming from a smart sensor you have connected with AWS. Once messages are received, you need to store them as time series data in DynamoDB. Which AWS service can you use?

A) IoT Device Shadow Service

B) Redshift

C) Kinesis

D) IoT Rules Engine

ANSWER10:

D

Notes/Hint10: 

The IoT rules engine will allow you to send sensor data over to AWS services like DynamoDB

Reference10: The IoT rules engine

Get mobile friendly version of the quiz @ the App Store

Question 11: A media company is migrating its on-premises legacy Hadoop cluster with its associated data processing scripts and workflow to an Amazon EMR environment running the latest Hadoop release. The developers want to reuse the Java code that was written for data processing jobs for the on-premises cluster.
Which approach meets these requirements?

A) Deploy the existing Oracle Java Archive as a custom bootstrap action and run the job on the EMR cluster.

B) Compile the Java program for the desired Hadoop version and run it using a CUSTOM_JAR step on the EMR cluster.

C) Submit the Java program as an Apache Hive or Apache Spark step for the EMR cluster.

D) Use SSH to connect the master node of the EMR cluster and submit the Java program using the AWS CLI.


ANSWER11:

B

Notes/Hint11: 

A CUSTOM JAR step can be configured to download a JAR file from an Amazon S3 bucket and execute it. Since the Hadoop versions are different, the Java application has to be recompiled.

Reference11:  Automating analytics workflows on EMR

Question 12: You currently have databases running on-site and in another data center off-site. What service allows you to consolidate to one database in Amazon?

A) AWS Kinesis

B) AWS Database Migration Service

C) AWS Data Pipeline

D) AWS RDS Aurora

ANSWER12:

B

Notes/Hint12: 

AWS Database Migration Service can migrate your data to and from most of the widely used commercial and open source databases. It supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora. Migrations can be from on-premises databases to Amazon RDS or Amazon EC2, databases running on EC2 to RDS, or vice versa, as well as from one RDS database to another RDS database.

Reference12: DMS

 

 

Question 13:  An online retail company wants to perform analytics on data in large Amazon S3 objects using Amazon EMR. An Apache Spark job repeatedly queries the same data to populate an analytics dashboard. The analytics team wants to minimize the time to load the data and create the dashboard.
Which approaches could improve the performance? (Select TWO.)


A) Copy the source data into Amazon Redshift and rewrite the Apache Spark code to create analytical reports by querying Amazon Redshift.

B) Copy the source data from Amazon S3 into Hadoop Distributed File System (HDFS) using s3distcp.

C) Load the data into Spark DataFrames.

D) Stream the data into Amazon Kinesis and use the Kinesis Connector Library (KCL) in multiple Spark jobs to perform analytical jobs.

E) Use Amazon S3 Select to retrieve the data necessary for the dashboards from the S3 objects.

ANSWER13:

C and E

Notes/Hint13: 

One of the speed advantages of Apache Spark comes from loading data into immutable dataframes, which can be accessed repeatedly in memory. Spark DataFrames organizes distributed data into columns. This makes summaries and aggregates much quicker to calculate. Also, instead of loading an entire large Amazon S3 object, load only what is needed using Amazon S3 Select. Keeping the data in Amazon S3 avoids loading the large dataset into HDFS.

Reference13: Spark DataFrames 

 

Question 14: You have been hired as a consultant to provide a solution to integrate a client’s on-premises data center to AWS. The customer requires a 300 Mbps dedicated, private connection to their VPC. Which AWS tool do you need?

A) VPC peering

B) Data Pipeline

C) Direct Connect

D) EMR

ANSWER14:

C

Notes/Hint14: 

Direct Connect will provide a dedicated and private connection to an AWS VPC.

Reference14: Direct Connect

AWS Data analytics DAS-C01 Exam Prep

 

Question 15: Your organization has a variety of different services deployed on EC2 and needs to efficiently send application logs over to a central system for processing and analysis. They’ve determined it is best to use a managed AWS service to transfer their data from the EC2 instances into Amazon S3 and they’ve decided to use a solution that will do what?

A) Installs the AWS Direct Connect client on all EC2 instances and uses it to stream the data directly to S3.

B) Leverages the Kinesis Agent to send data to Kinesis Data Streams and output that data in S3.

C) Ingests the data directly from S3 by configuring regular Amazon Snowball transactions.

D) Leverages the Kinesis Agent to send data to Kinesis Firehose and output that data in S3.

ANSWER15:

D

Notes/Hint15: 

Kinesis Firehose is a managed solution, and log files can be sent from EC2 to Firehose to S3 using the Kinesis agent.

Reference15: Kinesis Firehose

 

Question 16: A data engineer needs to create a dashboard to display social media trends during the last hour of a large company event. The dashboard needs to display the associated metrics with a latency of less than 1 minute.
Which solution meets these requirements?

A) Publish the raw social media data to an Amazon Kinesis Data Firehose delivery stream. Use Kinesis Data Analytics for SQL Applications to perform a sliding window analysis to compute the metrics and output the results to a Kinesis Data Streams data stream. Configure an AWS Lambda function to save the stream data to an Amazon DynamoDB table. Deploy a real-time dashboard hosted in an Amazon S3 bucket to read and display the metrics data stored in the DynamoDB table.

B) Publish the raw social media data to an Amazon Kinesis Data Firehose delivery stream. Configure the stream to deliver the data to an Amazon Elasticsearch Service cluster with a buffer interval of 0 seconds. Use Kibana to perform the analysis and display the results.

C) Publish the raw social media data to an Amazon Kinesis Data Streams data stream. Configure an AWS Lambda function to compute the metrics on the stream data and save the results in an Amazon S3 bucket. Configure a dashboard in Amazon QuickSight to query the data using Amazon Athena and display the results.

D) Publish the raw social media data to an Amazon SNS topic. Subscribe an Amazon SQS queue to the topic. Configure Amazon EC2 instances as workers to poll the queue, compute the metrics, and save the results to an Amazon Aurora MySQL database. Configure a dashboard in Amazon QuickSight to query the data in Aurora and display the results.


ANSWER16:

A

Notes/Hint16: 

Amazon Kinesis Data Analytics can query data in a Kinesis Data Firehose delivery stream in near-real time using SQL. A sliding window analysis is appropriate for determining trends in the stream. Amazon S3 can host a static webpage that includes JavaScript that reads the data in Amazon DynamoDB and refreshes the dashboard.

Reference16: Amazon Kinesis Data Analytics can query data in a Kinesis Data Firehose delivery stream in near-real time using SQL

 

Question 17: A real estate company is receiving new property listing data from its agents through .csv files every day and storing these files in Amazon S3. The data analytics team created an Amazon QuickSight visualization report that uses a dataset imported from the S3 files. The data analytics team wants the visualization report to reflect the current data up to the previous day. How can a data analyst meet these requirements?

A) Schedule an AWS Lambda function to drop and re-create the dataset daily.

B) Configure the visualization to query the data in Amazon S3 directly without loading the data into SPICE.

C) Schedule the dataset to refresh daily.

D) Close and open the Amazon QuickSight visualization.

ANSWER17:

B

Notes/Hint17:

Datasets created using Amazon S3 as the data source are automatically imported into SPICE. The Amazon QuickSight console allows for the refresh of SPICE data on a schedule.

Reference17: Amazon QuickSight and SPICE

AWS Data analytics DAS-C01 Exam Prep

Question 18: You need to migrate data to AWS. It is estimated that the data transfer will take over a month via the current AWS Direct Connect connection your company has set up. Which AWS tool should you use?

A) Establish additional Direct Connect connections.

B) Use Data Pipeline to migrate the data in bulk to S3.

C) Use Kinesis Firehose to stream all new and existing data into S3.

D) Snowball

ANSWER18:

D

Notes/Hint18:

As a general rule, if it takes more than one week to upload your data to AWS using the spare capacity of your existing Internet connection, then you should consider using Snowball. For example, if you have a 100 Mb connection that you can solely dedicate to transferring your data and need to transfer 100 TB of data, it takes more than 100 days to complete a data transfer over that connection. You can make the same transfer by using multiple Snowballs in about a week.

Reference18: Snowball

 

Question 19: You currently have an on-premises Oracle database and have decided to leverage AWS and use Aurora. You need to do this as quickly as possible. How do you achieve this?

A) It is not possible to migrate an on-premises database to AWS at this time.

B) Use AWS Data Pipeline to create a target database, migrate the database schema, set up the data replication process, initiate the full load and a subsequent change data capture and apply, and conclude with a switchover of your production environment to the new database once the target database is caught up with the source database.

C) Use AWS Database Migration Services and create a target database, migrate the database schema, set up the data replication process, initiate the full load and a subsequent change data capture and apply, and conclude with a switch-over of your production environment to the new database once the target database is caught up with the source database.

D) Use AWS Glue to crawl the on-premises database schemas and then migrate them into AWS with Data Pipeline jobs.

https://aws.amazon.com/dms/faqs/

ANSWER19:

C

Notes/Hint19: 

DMS can efficiently support this sort of migration using the steps outlined. While AWS Glue can help you crawl schemas and store metadata on them inside of Glue for later use, it isn’t the best tool for actually transitioning a database over to AWS itself. Similarly, while Data Pipeline is great for ETL and ELT jobs, it isn’t the best option to migrate a database over to AWS.

Reference19: DMS

 

Question 20: A financial company uses Amazon EMR for its analytics workloads. During the company’s annual security audit, the security team determined that none of the EMR clusters’ root volumes are encrypted. The security team recommends the company encrypt its EMR clusters’ root volume as soon as possible.
Which solution would meet these requirements?

A) Enable at-rest encryption for EMR File System (EMRFS) data in Amazon S3 in a security configuration. Re-create the cluster using the newly created security configuration.

B) Specify local disk encryption in a security configuration. Re-create the cluster using the newly created security configuration.

C) Detach the Amazon EBS volumes from the master node. Encrypt the EBS volume and attach it back to the master node.

D) Re-create the EMR cluster with LZO encryption enabled on all volumes.

ANSWER20:

B

Notes/Hint20: 

Local disk encryption can be enabled as part of a security configuration to encrypt root and storage volumes.

Reference20: EMR Cluster Local disk encryption

Question 21: A company has a clickstream analytics solution using Amazon Elasticsearch Service. The solution ingests 2 TB of data from Amazon Kinesis Data Firehose and stores the latest data collected within 24 hours in an Amazon ES cluster. The cluster is running on a single index that has 12 data nodes and 3 dedicated master nodes. The cluster is configured with 3,000 shards and each node has 3 TB of EBS storage attached. The Data Analyst noticed that the query performance of Elasticsearch is sluggish, and some intermittent errors are produced by the Kinesis Data Firehose when it tries to write to the index. Upon further investigation, there were occasional JVMMemoryPressure errors found in Amazon ES logs.

What should be done to improve the performance of the Amazon Elasticsearch Service cluster?

A) Improve the cluster performance by increasing the number of master nodes of Amazon Elasticsearch.
 
B) Improve the cluster performance by increasing the number of shards of the Amazon Elasticsearch index.
       
C) Improve the cluster performance by decreasing the number of data nodes of Amazon Elasticsearch.
 
D) Improve the cluster performance by decreasing the number of shards of the Amazon Elasticsearch index.
 
ANSWER21:
D
 
Notes/Hint21:
“Amazon Elasticsearch Service (Amazon ES) is a managed service that makes it easy to deploy, operate, and scale Elasticsearch clusters in AWS Cloud. Elasticsearch is a popular open-source search and analytics engine for use cases such as log analytics, real-time application monitoring, and clickstream analysis. With Amazon ES, you get direct access to the Elasticsearch APIs; existing code and applications work seamlessly with the service.
 
Each Elasticsearch index is split into some number of shards. You should decide the shard count before indexing your first document. The overarching goal of choosing a number of shards is to distribute an index evenly across all data nodes in the cluster. However, these shards shouldn’t be too large or too numerous.
 
A good rule of thumb is to try to keep a shard size between 10 – 50 GiB. Large shards can make it difficult for Elasticsearch to recover from failure, but because each shard uses some amount of CPU and memory, having too many small shards can cause performance issues and out of memory errors. In other words, shards should be small enough that the underlying Amazon ES instance can handle them, but not so small that they place needless strain on the hardware. Therefore the correct answer is: Improve the cluster performance by decreasing the number of shards of Amazon Elasticsearch index.
 
Reference:  ElasticsSearch
 

Question 22: A data lake is a central repository that enables which operation?

 
A) Store unstructured data from a single data source
 
B) Store structured data from any data source
 
C)  Store structure and unstructured data from any source
 
D) Store structured and unstructured data from a single source
 
ANSWER22:
C
 
Notes/Hint22:
Data lake is a centralized repository for large amounts of structured and unstructured data to enable direct analytics.
 
 
Reference: Data Lakes
 
 

Question 23: What is the most cost-effective storage option for your data lake?

 
A) Amazon EBS
 
B) Amazon S3
 
C) Amazon RDS
 
D) Amazon Redshift
 
ANSWER23:
B
 
 
Notes/Hint23:
Amazon S3
 
 

Question 24: Which services are used in the processing layer of a data lake architecture? (SELECT TWO)

 
A. AWS Snowball
 
B. AWS Glue
 
C. Amazon EMR
 
D. Amazon QuickSight
 
ANSWER24:
B and C
 
 
Notes/Hint24:
Amazon Glue and Amazon EMR
 

Question 25: Which services can be used for data ingestion into your data lake? (SELECT TWO)

A) Amazon Kinesis Data Firehose

B) Amazon QuickSight

C) Amazon Athena

D) AWS Storage Gateway

ANSWER25:
A and D
 
 
Notes/Hint25:
Amazon Kinesis Data Firehose and  and Amazon Storage Gateway
 
Reference: Data Lakes
 

Question 26: Which service uses continuous data replication with high availability to consolidate databases into a petabyte-scale data warehouse by streaming data to amazon Redshift and Amazon S3?

A) AWS Storage Gateway

B) AWS Schema Conversion Tool

C) AWS Database Migration Service

D) Amazon Kinesis Data Firehose

ANSWER26:
C
 
 
Notes/Hint26:
AWS Database Migration Service
 
Reference: Data Lakes
 

Question 27: What is the AWS Glue Data Catalog?

A) A fully managed ETL (extract, transform, and load) pipeline service

B) A service to schedule jobs

C) A visual data preparation tool

D) An index to the location, schema, and runtime metrics of your data

ANSWER27:
D
 
 
Notes/Hint27:
An index to the location, schema, and runtime metrics of your data
 
Reference: Data Lakes
 

Questions 28: What AWS Glue feature “catalogs” your data?

A) AWS Glue crawler

B) AWS Glue DataBrew

C) AWS Glue Studio

D) AWS Glue Elastic Views

ANSWER28:
A
 
 
Notes/Hint28:
AWS Glue crawler
 
Reference: Data Lakes
 

Question 29: During your data preparation stage, the raw data has been enriched to support additional insights. You need to improve query performance and reduce costs of the final analytics solution.

Which data formats meet these requirements (SELECT TWO)

ANSWER29:
C and D
 
 
Notes/Hint29:
Apache Parquet and Apache ORC
Reference: Data Lakes
 

Question 30: Your small start-uo company is developing a data analytics solution. You need to clean and normalize large datasets, but you do not have developers with the skill set to write custom scripts. Which tool will help efficiently design and run the data preparation activities?

ANSWER30:
B
 
 
Notes/Hint30:
AWS Glue DataBrew
To be able to run analytics, build reports, or apply machine learning, you need to be sure the data you’re using is clean and in the right format. This data preparation step requires data analysts and data scientists to write custom code and perform many manual activities. When cleaning and normalizing data, it is helpful to first review the dataset to understand which possible values are present. Simple visualizations are helpful for determining whether correlations exist between the columns.
 
AWS Glue DataBrew is a visual data preparation tool that helps you clean and normalize data up to 80% faster so you can focus more on the business value you can get. DataBrew provides a visual interface that quickly connects to your data stored in Amazon S3, Amazon Redshift, Amazon Relational Database Service (RDS), any JDBC-accessible data store, or data indexed by the AWS Glue Data Catalog. You can then explore the data, look for patterns, and apply transformations. For example, you can apply joins and pivots, merge different datasets, or use functions to manipulate data.
Reference: Data Lakes
 

Question 30: In which scenario would you use AWS Glue jobs?

A) Analyze data in real-time as data comes into the data lake

B) Transform data in real-time as data comes into the data lake

C) Analyze data in batches on schedule or on demand

D) Transform data in batches on schedule or on demand.

ANSWER30:
D
 
 
Notes/Hint30:
An AWS Glue job encapsulates a script that connects to your source data, processes it, and then writes it out to your data target. Typically, a job runs extract, transform, and load (ETL) scripts. Jobs can also run general-purpose Python scripts (Python shell jobs.) AWS Glue triggers can start jobs based on a schedule or event, or on demand. You can monitor job runs to understand runtime metrics such as completion status, duration, and start tim

Question 31: Your data resides in multiple data stores, including Amazon S3, Amazon RDS, and Amazon DynamoDB. You need to efficiently query the combined datasets.

Which tool can achieve this, using a single query, without moving data?

A) Amazon Athena Federated Query

B) Amazon Redshift Query Editor

C) SQl Workbench

D) AWS Glue DataBrew

ANSWER31:
A
 
 
Notes/Hint31:
With Amazon Athena Federated Query, you can run SQL queries across a variety of relational, non-relational, and custom data sources. You get a unified way to run SQL queries across various data stores. 
 
Athena uses data source connectors that run on AWS Lambda to run federated queries. A data source connector is a piece of code that can translate between your target data source and Athena. You can think of a connector as an extension of Athena’s query engine. Pre-built Athena data source connectors exist for data sources like Amazon CloudWatch Logs, Amazon DynamoDB, Amazon DocumentDB, Amazon RDS, and JDBC-compliant relational data sources such MySQL and PostgreSQL under the Apache 2.0 license. You can also use the Athena Query Federation SDK to write custom connectors. To choose, configure, and deploy a data source connector to your account, you can use the Athena and Lambda consoles or the AWS Serverless Application Repository. After you deploy data source connectors, the connector is associated with a catalog that you can specify in SQL queries. You can combine SQL statements from multiple catalogs and span multiple data sources with a single query.
 

Question 32: Which benefit do you achieve by using AWS Lake Formation to build data lakes?

A) Build data lakes quickly

B) Simplify security management

C) Provide self-service access to data

D) All of the above

ANSWER32:
D
 
 
Notes/Hint32:
Build data lakes quickly
With Lake Formation, you can move, store, catalog, and clean your data faster. You simply point Lake Formation at your data sources, and Lake Formation crawls those sources and moves the data into your new Amazon S3 data lake. Lake Formation organizes data in S3 around frequently used query terms and into right-sized chunks to increase efficiency. Lake Formation also changes data into formats like Apache Parquet and ORC for faster analytics. In addition, Lake Formation has built-in machine learning to deduplicate and find matching records (two entries that refer to the same thing) to increase data quality.
 
Simplify security management
You can use Lake Formation to centrally define security, governance, and auditing policies in one place, versus doing these tasks per service. You can then enforce those policies for your users across their analytics applications. Your policies are consistently implemented, eliminating the need to manually configure them across security services like AWS Identity and Access Management (AWS IAM) and AWS Key Management Service (AWS KMS), storage services like Amazon S3, and analytics and machine learning services like Amazon Redshift, Amazon Athena, and (in beta) Amazon EMR for Apache Spark. This reduces the effort in configuring policies across services and provides consistent enforcement and compliance.
 
Provide self-service access to data
With Lake Formation, you build a data catalog that describes the different available datasets along with which groups of users have access to each. This makes your users more productive by helping them find the right dataset to analyze. By providing a catalog of your data with consistent security enforcement, Lake Formation makes it easier for your analysts and data scientists to use their preferred analytics service. They can use Amazon EMR for Apache Spark (in beta), Amazon Redshift, or Amazon Athena on diverse datasets that are now housed in a single data lake. Users can also combine these services without having to move data between silos.
 
 

Question 33: What are the three stages to set up a data lake using AWS Lake Formation? (SELECT THREE)

A) Register the storage location
B) Create a database
C) Populate the database
D) Grant permissions
 
ANSWER33:
A B and D
 
 
Notes/Hint33:
Register the storage location
Lake Formation manages access to designated storage locations within Amazon S3. Register the storage locations that you want to be part of the data lake.
 
Create a database
Lake Formation organizes data into a catalog of logical databases and tables. Create one or more databases and then automatically generate tables during data ingestion for common workflows.
 
Grant permissions
Lake Formation manages access for IAM users, roles, and Active Directory users and groups via flexible database, table, and column permissions. Grant permissions to one or more resources for your selected users.
 
 
 
Question 34: Which of the following AWS Lake Formation tasks are performed by the AWS Glue service? (SELECT THREE)
 
A) ETL code creation and job monitoring
B) Blueprints to create workflows
C) Data catalog and serverless architecture
D) Simplify securty management
 
ANSWER34:
A B and C
 
 
Notes/Hint34:
Lake Formation leverages a shared infrastructure with AWS Glue, including console controls, ETL code creation and job monitoring, blueprints to create workflows for data ingest, the same data catalog, and a serverless architecture. While AWS Glue focuses on these types of functions, Lake Formation encompasses all AWS Glue features AND provides additional capabilities designed to help build, secure, and manage a data lake. See the AWS Glue features page for more de
 
 

Question 35:  A digital media customer needs to quickly build a data lake solution for the data housed in a PostgreSQL database. As a solutions architect, what service and feature would meet this requirement?

 
A) Copy PostgreSQL data to an Amazon S3 bucket and build a data lake using AWS Lake Formation
B) Use AWS Lake Formation blueprints
C) Build a data lake manually
D) Build an analytics solution by directly accessing the database.
 
ANSWER35:
B
 
 
Notes/Hint35:
A blueprint is a data management template that enables you to easily ingest data into a data lake. Lake Formation provides several blueprints, each for a predefined source type, such as a relational database or AWS CloudTrail logs. From a blueprint, you can create a workflow. Workflows consist of AWS Glue crawlers, jobs, and triggers that are generated to orchestrate the loading and update of data. Blueprints take the data source, data target, and schedule as input to configure the workflow.
 

Question 36: AWS Lake Formation has a set of suggested personas and IAM permissions. Which is a required persona?

 
A) Data lake administrator
B) Data engineer
C) Data analyst
D) Business analyst
 
ANSWER36:
A
 
 
Notes/Hint36:
Data lake administrator (Required)
A user who can register Amazon S3 locations, access the Data Catalog, create databases, create and run workflows, grant Lake Formation permissions to other users, and view AWS CloudTrail logs. The user has fewer IAM permissions than the IAM administrator but enough to administer the data lake. Cannot add other data lake administrators.
 
Data engineer (Optional) A user who can create and run crawlers and workflows and grant Lake Formation permissions on the Data Catalog tables that the crawlers and workflows create.
 
Data analyst (Optional) A user who can run queries against the data lake using, for example, Amazon Athena. The user has only enough permissions to run queries.
 
Business analyst (Optional) Generally, an end-user application specific persona that would query data and resource using a workflow role.
 
 

Question 37: Which three types of blueprints does AWS Lake Formation support? (SELECT THREE)

 
A) ETL code creation and job monitoring
B) Database snapshot
C) Incremental database
D) Log file sources (AWS CloudTrail, ELB/ALB logs)
 
ANSWER37:
B C and D
 
 
Notes/Hint37:
AWS Lake Formation blueprints simplify and automate creating workflows. Lake Formation provides the following types of blueprints:
• Database snapshot – Loads or reloads data from all tables into the data lake from a JDBC source. You can exclude some data from the source based on an exclude pattern.
 
• Incremental database – Loads only new data into the data lake from a JDBC source, based on previously set bookmarks. You specify the individual tables in the JDBC source database to include. For each table, you choose the bookmark columns and bookmark sort order to keep track of data that has previously been loaded. The first time that you run an incremental database blueprint against a set of tables, the workflow loads all data from the tables and sets bookmarks for the next incremental database blueprint run. You can therefore use an incremental database blueprint instead of the database snapshot blueprint to load all data, provided that you specify each table in the data source as a paramete
 
• Log file – Bulk loads data from log file sources, including AWS CloudTrail, Elastic Load Balancing logs, and Application Load Balancer logs.
 

Question 38: Which one of the following is the best description of the capabilities of Amazon QuickSight?

 
A) Automated configuration service build on AWS Glue
B) Fast, serverless, business intelligence service
C) Fast, simple, cost-effective data warehousing
D) Simple, scalable, and serverless data integration
 
ANSWER38:
B C and D
 
 
Notes/Hint38:
B. Scalable, serverless business intelligence service is the correct choice.
See the brief descriptions of several AWS Analytics services below:
AWS Lake Formation Build a secure data lake in days using Glue blueprints and workflows
 
Amazon QuickSight Scalable, serverless, embeddable, ML-powered BI Service built for the cloud
 
Amazon Redshift Analyze all of your data with the fastest and most widely used cloud data warehouse
 
AWS Glue Simple, scalable, and serverless data integration

Djamga Data Sciences Big Data – Data Analytics Youtube Playlist

2- Prepare for Your AWS Certification Exam

3- LinuxAcademy

Big Data – Data Analytics Jobs:

 

Big Data – Data Analytics – Data Sciences Latest News:

DATA ANALYTICS Q&A:

 
 

[/bg_collapse]

Clever Questions, Answers, Resources about:

  • Data Sciences
  • Big Data
  • Data Analytics
  • Data Sciences
  • Databases
  • Data Streams
  • Large DataSets

What Is a Data Scientist?

Data Scientist (n.): Person who is better at statistics than any software engineer and better at software engineering than any statistician. – Josh Wills

Data scientists apply sophisticated quantitative and computer science skills to both structure and analyze massive stores or continuous streams of unstructured data, with the intent to derive insights and prescribe action. – Burtch Works Data Science Salary Survey, May 2018

More than anything, what data scientists do is make discoveries while swimming in data… In a competitive landscape where challenges keep changing and data never stop flowing, data scientists help decision makers shift from ad hoc analysis to an ongoing conversation with data. – Data Scientist: The Sexiest Job of the 21st Century, Harvard Business Review

Do All Data Scientists Hold Graduate Degrees?

Data scientists are highly educated. With exceedingly rare exception, every data scientist holds at least an undergraduate degree. 91% of data scientists in 2018 held advanced degrees. The remaining 9% all held undergraduate degrees. Furthermore,

  • 25% of data scientists hold a degree in statistics or mathematics,
  • 20% have a computer science degree,
  • an additional 20% hold a degree in the natural sciences, and
  • 18% hold an engineering degree.

The remaining 17% of surveyed data scientists held degrees in business, social science, or economics.

How Are Data Scientists Different From Data Analysts?

Broadly speaking, the roles differ in scope: data analysts build reports with narrow, well-defined KPIs. Data scientists often to work on broader business problems without clear solutions. Data scientists live on the edge of the known and unknown.

We’ll leave you with a concrete example: A data analyst cares about profit margins. A data scientist at the same company cares about market share.

How Is Data Science Used in Medicine?

Data science in healthcare best translates to biostatistics. It can be quite different from data science in other industries as it usually focuses on small samples with several confounding variables.

How Is Data Science Used in Manufacturing?

Data science in manufacturing is vast; it includes everything from supply chain optimization to the assembly line.

What are data scientists paid?

Most people are attracted to data science for the salary. It’s true that data scientists garner high salaries compares to their peers. There is data to support this: The May 2018 edition of the BurtchWorks Data Science Salary Survey, annual salary statistics were

Note the above numbers do not reflect total compensation which often includes standard benefits and may include company ownership at high levels.

How will data science evolve in the next 5 years?

Will AI replace data scientists?

What is the workday like for a data scientist?

It’s common for data scientists across the US to work 40 hours weekly. While company culture does dictate different levels of work life balance, it’s rare to see data scientists who work more than they want. That’s the virtue of being an expensive resource in a competitive job market.

How do I become a Data Scientist?

The roadmap given to aspiring data scientists can be boiled down to three steps:

  1. Earning an undergraduate and/or advanced degree in computer science, statistics, or mathematics,
  2. Building their portfolio of SQL, Python, and R skills, and
  3. Getting related work experience through technical internships.

All three require a significant time and financial commitment.

There used to be a saying around datascience: The road into a data science starts with two years of university-level math.

What Should I Learn? What Order Do I Learn Them?

This answer assumes your academic background ends with a HS diploma in the US.

  1. Python
  2. Differential Calculus
  3. Integral Calculus
  4. Multivariable Calculus
  5. Linear Algebra
  6. Probability
  7. Statistics

Some follow up questions and answers:

Why Python first?

  • Python is a general purpose language. R is used primarily by statisticians. In the likely scenario that you decide data science requires too much time, effort, and money, Python will be more valuable than your R skills. It’s preparing you to fail, sure, but in the same way a savings account is preparing you to fail.

When do I start working with data?

  • You’ll start working with data when you’ve learned enough Python to do so. Whether you’ll have the tools to have any fun is a much more open-ended question.

How long will this take me?

  • Assuming self-study and average intelligence, 3-5 years from start to finish.

How Do I Learn Python?

If you don’t know the first thing about programming, start with MIT’s course in the curated list.

These modules are the standard tools for data analysis in Python:

Curated Threads & Resources

  1. MIT’s Introduction to Computer Science and Programming in Python A free, archived course taught at MIT in the fall 2016 semester.
  2. Data Scientist with Python Career Track | DataCamp The first courses are free, but unlimited access costs $29/month. Users usually report a positive experience, and it’s one of the better hands-on ways to learn Python.
  3. Sentdex’s (Harrison Kinsley) Youtube Channel Related to Python Programming Tutorials
  4. /r/learnpython is an active sub and very useful for learning the basics.

How Do I Learn R?

If you don’t know the first thing about programming, start with R for Data Science in the curated list.

These modules are the standard tools for data analysis in Python:

Curated Threads & Resources

  1. R for Data Science by Hadley WickhamA free ebook full of succinct code examples. Terrific for learning tidyverse syntax.Folks with some math background may prefer the free alternative, Introduction to Statistical Learning.
  2. Data Scientist with R Career Track | DataCamp The first courses are free, but unlimited access costs $29/month. Users usually report a positive experience, and it’s one of the few hands-on ways to learn R.
  3. R Inferno Learners with a CS background will appreciate this free handbook explaining how and why R behaves the way that it does.

How Do I Learn SQL?

Prioritize the basics of SQL. i.e. when to use functions like POW, SUM, RANK; the computational complexity of the different kinds of joins.

Concepts like relational algebra, when to use clustered/non-clustered indexes, etc. are useful, but (almost) never come up in interviews.

You absolutely do not need to understand administrative concepts like managing permissions.

Finally, there are numerous query engines and therefore numerous dialects of SQL. Use whichever dialect is supported in your chosen resource. There’s not much difference between them, so it’s easy to learn another dialect after you’ve learned one.

Curated Threads & Resources

  1. The SQL Tutorial for Data Analysis | Mode.com
  2. Introduction to Databases A Free MOOC supported by Stanford University.
  3. SQL Queries for Mere MortalsA $30 book highly recommended by /u/karmanujan

How Do I Learn Calculus?

Fortunately (or unfortunately), calculus is the lament of many students, and so resources for it are plentiful. Khan Academy mimics lectures very well, and Paul’s Online Math Notes are a terrific reference full of practice problems and solutions.

Calculus, however, is not just calculus. For those unfamiliar with US terminology,

  • Calculus I is differential calculus.
  • Calculus II is integral calculus.
  • Calculus III is multivariable calculus.
  • Calculus IV is differential equations.

Differential and integral calculus are both necessary for probability and statistics, and should be completed first.

Multivariable calculus can be paired with linear algebra, but is also required.

Differential equations is where consensus falls apart. The short it is, they’re all but necessary for mathematical modeling, but not everyone does mathematical modeling. It’s another tool in the toolbox.

Curated Threads & Resources about Data Science and Data Analytics

How Do I Learn Probability?

Probability is not friendly to beginners. Definitions are rooted in higher mathematics, notation varies from source to source, and solutions are frequently unintuitive. Probability may present the biggest barrier to entry in data science.

It’s best to pick a single primary source and a community for help. If you can spend the money, register for a university or community college course and attend in person.

The best free resource is MIT’s 18.05 Introduction to Probability and Statistics (Spring 2014). Leverage /r/learnmath, /r/learnmachinelearning, and /r/AskStatistics when you get inevitably stuck.

How Do I Learn Linear Algebra?

Curated Threads & Resources https://www.youtube.com/watch?v=fNk_zzaMoSs&index=1&list=PLZHQObOWTQDPD3MizzM2xVFitgF8hE_ab

What does the typical data science interview process look like?

For general advice, Mastering the DS Interview Loop is a terrific article. The community discussed the article here.

Briefly summarized, most companies follow a five stage process:

  1. Coding Challenge: Most common at software companies and roles contributing to a digital product.
  2. HR Screen
  3. Technical Screen: Often in the form of a project. Less frequently, it takes the form of a whiteboarding session at the onsite.
  4. Onsite: Usually the project from the technical screen is presented here, followed by a meeting with the director overseeing the team you’ll join.
  5. Negotiation & Offer

Preparation:

  1. Practice questions on Leetcode which has both SQL and traditional data structures/algorithm questions
  2. Review Brilliant for math and statistics questions.
  3. SQL Zoo and Mode Analytics both offer various SQL exercises you can solve in your browser.

Tips:

  1. Before you start coding, read through all the questions. This allows your unconscious mind to start working on problems in the background.
  2. Start with the hardest problem first, when you hit a snag, move to the simpler problem before returning to the harder one.
  3. Focus on passing all the test cases first, then worry about improving complexity and readability.
  4. If you’re done and have a few minutes left, go get a drink and try to clear your head. Read through your solutions one last time, then submit.
  5. It’s okay to not finish a coding challenge. Sometimes companies will create unreasonably tedious coding challenges with one-week time limits that require 5–10 hours to complete. Unless you’re desperate, you can always walk away and spend your time preparing for the next interview.

Remember, interviewing is a skill that can be learned, just like anything else. Hopefully, this article has given you some insight on what to expect in a data science interview loop.

The process also isn’t perfect and there will be times that you fail to impress an interviewer because you don’t possess some obscure piece of knowledge. However, with repeated persistence and adequate preparation, you’ll be able to land a data science job in no time!

What does the Airbnb data science interview process look like? [Coming soon]

What does the Facebook data science interview process look like? [Coming soon]

What does the Uber data science interview process look like? [Coming soon]

What does the Microsoft data science interview process look like? [Coming soon]

What does the Google data science interview process look like? [Coming soon]

What does the Netflix data science interview process look like? [Coming soon]

What does the Apple data science interview process look like? [Coming soon]

Question: How is SQL used in real data science jobs?

Real life enterprise databases are orders of magnitude more complex than the “customers, products, orders” examples used as teaching tools. SQL as a language is actually, IMO, a relatively simple language (the db administration component can get complex, but mostly data scientists aren’t doing that anyways). SQL is an incredibly important skill though for any DS role. I think when people emphasize SQL, what they really are talking about is the ability to write queries that interrogate the data and discover the nuances behind how it is collected and/or manipulated by an application before it is written to the dB. For example, is the employee’s phone number their current phone number or does the database store a history of all previous phone numbers? Critically important questions for understanding the nature of your data, and it doesn’t necessarily deal with statistics! The level of syntax required to do this is not that sophisticated, you can get pretty damn far with knowledge of all the joins, group by/analytical functions, filtering and nesting queries. In many cases, the data is too large to just select * and dump into a csv to load into pandas, so you start with SQL against the source. In my mind it’s more important for “SQL skills” to know how to generate hypotheses (that will build up to answering your business question) that can be investigated via a query than it is to be a master of SQL’s syntax. Just my two cents though!

AWS DAS-C01 Exam Prep on iOS

AWS DAS-C01 Exam Prep on android

AWS DAS-C01 Exam Prep on Windows

Data Visualization example: 12000 Years of Human Population Dynamic

[OC] 12,000 years of human population dynamics from dataisbeautiful

Human population density estimates based on the Hyde 3.2 model.

Capitol insurrection arrests per million people by state

[OC] Capitol insurrection arrests per million people by state from dataisbeautiful

Data Source: Made in Google Sheets using data from this USA Today article (for the number of arrests by arrestee’s home state) and this spreadsheet of the results of the 2020 Census (for the population of each state and DC in 2020, which was used as the denominator in calculating arrests/million people).

AWS Data analytics DAS-C01 Exam Prep

 

For more information about analytics architecture, visit the AWS Big Data Blog: AWS serverless data analytics pipeline reference architecture here

 

Basic Data Lake Architecture

Data Analytics Architecture on AWS

Data Analytics Architecture on AWS
Data Analytics Architecture on AWS

Data Analytics Process

Data Analytics Process
Data Analytics Process

AWS Data Analytics Specialty Certification DAS-C01 Exam Prep on iOS

AWS DAS-C01 Exam Prep on android

AWS DAS-C01 Exam Prep on Windows

 

Data Lake Storage:

Data Lake STorage on AWS
Data Lake STorage on AWS – S3

 

AWS DAS-C01 Exam Prep on iOS

AWS DAS-C01 Exam Prep on android

AWS DAS-C01 Exam Prep on Windows

Event Driven Data Analytics Workflow on AWS