Certified Az Red Team Professional

The Certified Az Red Team Professional (CARTP) is a completely hands-on certification. To be certified, a student must solve practical and realistic challenges in a live multi-Tenant Azure environment. The exam for CARTP is a 24 hours hands-on exam. The student needs to compromise all the resources across tenants and submit a report. A certification holder has demonstrated the skills to understand and assess security of an Azure environment. A non-exhaustive list of skills and techniques that the certification holder has demonstrated: - Azure services Discovery - Initial Access Attacks (Enterprise Apps, App Services, Logical Apps, Function Apps, Unsecured Storage, Phishing, Consent Grant Attacks) - Authenticated Enumeration (Storage Accounts, Key vaults, Blobs, Automation Accounts, Deployment Templates etc) - Privilege Escalation (RBAC roles, Azure AD Roles, Across subscriptions) - Lateral Movement (Pass-the-PRT, Pass-the-Certificate, Across Tenant, cloud to on-prem, on-prem to cloud) - Persistence techniques (Hybrid Identity, Golden SAML, Service Principals, Dynamic Groups) - Data Mining - Defenses