Certified Azure Red Team Professional (CARTP) 2023 Review

swzhouu
Feb 4, 2023

© AlteredSecurity. All Rights Reserved

Certified Azure Red Team Professional (CARTP)

The Certified Azure Red Team Professional (CARTP) certification requires a hands-on, practical assessment in a live multi-tenant Azure environment. To earn this certification, a student must successfully complete a series of realistic challenges within a 24-hour exam period, culminating in the compromise of all tenant resources & enterprise applications and submission of a report. This certification emphasizes practical application over theoretical knowledge.

Attacking and Defending Azure AD Cloud Course

I found the course to be both thorough and enjoyable. Despite having some prior knowledge of Azure Active Directory, I encountered several new concepts that challenged my previous understanding of the subject. Additionally, I was very pleased with the instruction provided by Nikhil Mittal, who was highly approachable and supportive of student inquiries and feedback.

Given the extensive scope of Azure Active Directory and the incorporation of various cyber kill chains, the course is divided into four modules. It may be necessary to revisit certain modules or navigate between them to fully grasp the material, as outlined in the course content.

Module I:

  • Introduction to Azure AD
  • Discovery and Recon of services and applications
  • Enumeration
  • Initial Access Attacks (Enterprise Apps, App Services, Logic Apps, Function Apps, Unsecured Storage, Phishing, Consent Grant Attacks)

Module II:

  • Authenticated Enumeration (Storage Accounts, Key Vaults, Blobs, Automation Accounts, Deployment Templates, etc.)
  • Privilege Escalation (RBAC roles, Azure AD Roles, Across subscriptions)

Module III:

  • Lateral Movement (Pass-the-PRT, Pass-the-Certificate, Across Tenant, cloud to on-prem, on-prem to cloud)
  • Persistence techniques

Module IV:

  • Data Mining
  • Defenses, Monitoring and Auditing (CAP, PIM, PAM, Security Center, JIT, Risk policies, MFA, MTPs, Azure Sentinel)
  • Bypassing Defenses
  • Collect your course completion certificate, and schedule your Certified Azure Red Team Professional (CARTP) exam

Attacking and Defending Azure AD Cloud Lab

I thought it was really interesting that the lab was designed to mimic real-world organizations across multiple tenants with on-premises integration. It was a very impressive setup. The lab component of this course is comprised of various learning objectives that align with the material covered in the lectures. These objectives serve as checkpoints for ensuring comprehension of the subject matter. It is generally advisable to review these objectives after each lecture, rather than attempting to complete the lab in parallel with the sessions, as this may cause you to miss out on valuable class discussions. Altered Security also provided a Flag Verification feature for students working in the lab. A flag might be a result obtained from enumeration or after abusing something, and you submit the flag value to Flag Verification. Moreover, the Final CTF Flag is divided into 4 flags for each tenant. I have completed all of them. The CTF was challenging, with well-hidden information. I highly encourage you to participate in the CTF with another student.

One negative aspect was that I found it challenging to follow the lab manual because the chapters kept switching between kill chains, which made it difficult to understand. However, I can see why it was structured that way.

Certified Azure Red Team Professional Exam

The Certified Azure Red Team Professional Exam is a straightforward one. I suggest that you prepare all of your tools before beginning the exam. The exam setting is quite similar to the lab setting. The purpose of the exam lab is to get the final flag by compromising all tenant resources and enterprise applications. You have 24 hours to complete the exam’s practical portion. After that, you have 48 hours to finish and submit your exam report.

There was no unnecessary complexity, unlike in some other exams from Altered Security. The exam focused solely on Azure Active Directory-related complexity, and the flag was simply referred to as "flag". I was confident in my understanding of the material and was able to navigate the exam without issue. I highly value the simplicity of the exam. It was straightforward and clear-cut, requiring a good understanding of the material.

Conclusion

This Attacking and Defending Azure AD Cloud course is just the beginning of the Red Teaming field. As you know, there are CRTE, CRTM, CRTO, CRTL, and many more courses. On the cybersecurity career path, I thought I could not learn everything, but I will find my specialty and study it in more detail in the future.

Special Thanks

Thank you to my colleagues, friends, and family for your guidance. Finally, I am a Certified Azure Red Team Professional (CARTP)!

No more Pass-the-Hash, only Pass-the-PRT.

Written by swzhouu

Senior Cybersecurity Consultant & Penetration Tester Lead