this post was submitted on 12 May 2024
17 points (94.7% liked)
Melbourne
1859 readers
53 users here now
This community is a place created for the people of Melbourne and Victoria. We are a positive, welcoming and inclusive community. We might not agree about everything, but we always strive to stay civil and respectful.
The focus of our discussions is based around things that effect Victoria, but we are also free to discuss our local perspective on wider issues. Or head to the regular Daily Random Discussion thread to talk about anything.
Ongoing discussions, FAQs & Resources (still under construction)
Adoption Certificate for Nellie, the Daily Thread numbat (with thanks to @Catfish)
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
MADE IT TO ROUND 2!!!!!
Now I have a week to brush up on some tech stuff (active directory mainly), and we should be good!
I've found a good 6 hour tutorial on YouTube that'll do the trick.
Go go Simon!
Yay! Yeah you'll get the hang of active directory.
I did it ages ago at uni but haven't really had to use it much. Got my VM setup and a few 6 hour videos ready to go lol
@Gibsonisafluffybutt @imoldgreeeg Yay! Congratulations Simon π
Woohoo! Good stuff!
That is so cool.
Yaaaaassssss!!! You got this! Fuck yeah!
Ad? Or AAD? Remember for bonus points call it βextra idβ these days. Throw in a reference to conditional access policies. If that donβt give the security guys a semi nothing will.
That's fucking hilarious π€£ but you're absolutely spot on. They want basic AD knowledge which is pretty straightforward. Just brushing up.
I actually did work on IAM and conditional access at my last job, but only as a project manager.
Absolutely bring that up. Fair to assume they are directory synced to the cloud. honestly conditional access is one of the coolest things Microsoft have done in the last 10 years!!
For inside knowledge: Microsoft apparently working on enabling more complex passwords in entra id. Iβm very excited about this because itβs stupid that you have to have an on premises active directory to be able to set minimum complexity requirements.
Interesting! I've been hearing that two factor isn't enough anymore is that true?
This job, it's linked to the courts, so everything is still on prem. Although, maybe if I get this job I can start an initiative to move to the cloud.
Correct, mfa ainβt enough. Especially in sensitive settings like the courts. Government gets twitchy about data going out of the country. You might even find dealing with the courts the mandate IS on prem.
But Iβve had clients/customers/whatever click on links and have their auth token stolen from the browser, allowed an attacker to come in totally bypassing mfa. Iβve also had customers have their phone number ported away to steal the sms auth. Shit is scary.
Pretty sure the court is mandated to be on prem if I recall from the interview. Browser stuff can be mitigated to a degree, but how the fuck do you stop number porting and Sim cloning?
So MS are dropping SMS auth totally. MFA requires an app, or it will. Its a VERY slow rollout.