July 27 2016

CISSP exam passed

Today I passed the CISSP (Certified Information Systems Security Professional) exam.

I attended a week-long training course run by Les Bell (https://www.lesbell.com.au/) via ALC training (http://www.alctraining.com.au/course/cissp-certified-information-systems-security-professional/course-overview/). There was some excellent material in this course and Les also provides access to his online training portal that has some great resources. In addition, I spent around two months studying and I found the material below to be the most helpful:

  • CISSP Training – By CyberSecStudy – free audio podcast, great for listening to in the car – https://itunes.apple.com/au/podcast/cissp-training/id969825909?mt=2
  • CISSP All-in-One Exam Guide, 6th Edition – Shon Harris (from Amazon)
  • CISSP Practice Exams, 3rd Edition – Shon Harris (from Amazon)
  • The Sunflower CISSP summary v1.1

The last 3 sources are slightly dated as they talk about the 10 domains (as opposed to the new 8 domains) however I found the content was still relevant.

The exam, 6 hours and 250 questions long, requires real life work experience across all facets of IT – without this experience there is no chance of understanding the concepts and subsequently no chance of being able to answer questions on the extremely wide variety of topics.

April 8 2016

Microsoft MCSE Private Cloud recertification – exam 70-981

As you may know, the current iteration of MCSE certifications requires recertification every 3 years. For the Private Cloud stream, this requires an exam – 70-981. I sat and passed this today.

Something that seems not to be published widely is that you can recertify some MCSE streams without sitting an exam – from https://www.microsoft.com/en-au/learning/certification-exam-policies.aspx

Q. Is it possible to fulfil the requirement without taking a recertification exam?
A. Yes. Candidates can now get recertified by taking a series of courses with Microsoft Virtual Academy. Read the list of available certifications, required courses and additional details to get recertified through Microsoft Virtual Academy.

Preparation for the exam is difficult – there are no study guides or reference material – you are just ‘expected to know’.

My observation is that it is basically a mix of the 70-246 and 70-247 exams, not really any new material – pretty disappointing, some of the questions seemed familiar so I wouldn’t be surprised if the exam content has just been reused.  The main areas covered are:

  • System Center Operations Manager
  • System Center Service Manager
  • System Center Virtual Machine Manager
  • System Center Orchestrator
  • System Center Data Protection Manager
  • System Center App Controller
  • System Center Configuration Manager
  • Azure portal

Would I sit this again? Probably not.  While I’m sure the intention for recertification is well placed, it just seems like a money-grab – $206AU for the exam fee.  There are no benefits to me as an IT professional apart from keeping the certification active – I haven’t learnt any new skills or gained any additional knowledge – I’ve basically sat the same exam that I sat 3 years ago and in that time there has been significant change to the System Center and Azure offerings but this wasn’t reflected in the exam.

 

 

April 7 2016

Upgrade from Windows 8.1 Enterprise to Windows 10 Professional

I had a scenario where I needed to upgrade from Windows 8.1 Enterprise to Windows 10 Professional using the free Microsoft upgrade via Windows Update.  The free update usually doesn’t work on Enterprise versions of Windows 8.1.  To get this to work:

Open a command prompt with Administrator rights and run 4 commands to update the registry:

reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v ProductName /d "Windows 8.1 Professional" /f
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v EditionID /d "Professional" /f

reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion" /v ProductName /d "Windows 8.1 Professional" /f
reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion" /v EditionID /d "Professional" /f

Then Check for Updates via Windows Update and KB3035583 appears.
After installing that update and running Check for Updates again, you will see the ‘Get Windows 10’ icon appear in the taskbar.

Follow the prompts and the machine will undertake a Windows 10 in-place upgrade with all your data intact.

In my scenario I found that once Windows 10 was up and running I needed to enter a valid Windows 10 product key for Windows to be able to activate.

 

 

November 13 2015

Azure Multi-Factor Authentication Server as a RADIUS server

This week I had a need to set up a RADIUS server in my lab.  I decided to use an on-premise version of Azure Multi-Factor Authentication Server.  It literally took just 5 minutes to set up and I was then receiving One-Time-Passwords via SMS for a measly sum of $0.17 (AU) per authentication.  This is a very simple, flexible and impressive solution.  More info and step-by-step instructions here:

 

August 10 2015

Windows 10 peer-to-peer (P2P) patching

Reviewing Windows 10 over the last week, I am very happy with the approach that Microsoft are taking with their ‘Windows Update Delivery Optimization’ (WUDO). In short, this is peer-to-peer (P2P) sharing of Microsoft updates and Apps instead of content delivery directly from Microsoft servers. I like the concept behind this and I believe that this is a delivery method that we’ll start to see more of from other Internet-based software and service providers in the coming years.

The main concepts behind this are:

  • WUDO lets you get Windows updates and Windows Store apps from sources in addition to Microsoft.
  • Windows doesn’t download the entire file from one place. Instead, the download is broken down into smaller parts. Windows uses the fastest, most reliable download source for each part of the file.
  • WUDO creates a local cache, and stores files that it has downloaded in that cache for a short period of time. Depending on the settings, Windows then sends parts of those files to other PCs on the local network or PCs on the Internet that are downloading the same files.
  • Delivery Optimization is turned on by default for all editions of Windows 10 (an opt-out scenario as opposed to opt-in), with the following differences:
    • Windows 10 Enterprise and Windows 10 Education: The PCs on your local network option is turned on by default.
    • All other editions of Windows 10: The PCs on your local network and PCs on the Internet option is turned on by default.
  • Users can turn this feature on and off, and can also set whether they can get and send updates to either just PCs on their local network or to PCs on the Internet as well.
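
To check which of these sharing options a given PC is actually using, the added PowerShell example below (not part of the original post) reads the Delivery Optimization `DODownloadMode` value and falls back to the edition defaults listed above. The function names `Get-WudoDownloadMode` and `Set-WudoLanOnly` are hypothetical, and the Settings-app registry location is an assumption; the policy key is the one used by Group Policy.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell prompt.
# Policy location used by Group Policy / MDM for Delivery Optimization.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization'
# Assumed location of the value written by the Settings app toggle.
$ConfigKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config'
$ModeNames = @{
    0 = 'Peer-to-peer off (HTTP download from Microsoft only)'
    1 = 'PCs on my local network'
    2 = 'Group (peers in the same domain or site)'
    3 = 'PCs on my local network and PCs on the Internet'
}

function Get-WudoDownloadMode {
    # Policy wins over the user's Settings choice; fall back to the edition default.
    $mode = $null
    $source = 'Edition default'
    foreach ($candidate in @(@('Policy', $PolicyKey), @('Settings', $ConfigKey))) {
        $prop = Get-ItemProperty -Path $candidate[1] -Name DODownloadMode -ErrorAction SilentlyContinue
        if ($null -ne $prop) {
            $mode = [int]$prop.DODownloadMode
            $source = $candidate[0]
            break
        }
    }
    if ($null -eq $mode) {
        # Defaults as listed above: Enterprise/Education = local network only, others = Internet too.
        $edition = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').EditionID
        $mode = if ($edition -match '^(Enterprise|Education)') { 1 } else { 3 }
    }
    $name = if ($ModeNames.ContainsKey($mode)) { $ModeNames[$mode] } else { "Other mode ($mode)" }
    [pscustomobject]@{
        Source          = $source
        Mode            = $mode
        Description     = $name
        SendsToInternet = ($mode -eq 3)
    }
}

function Set-WudoLanOnly {
    # Pin peering to the local network through the policy key (created only if missing).
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    New-ItemProperty -Path $PolicyKey -Name DODownloadMode -Value 1 -PropertyType DWord -Force | Out-Null
}

$state = Get-WudoDownloadMode
$state | Format-List
if ($state.SendsToInternet) { Write-Warning 'This PC may upload update content to PCs on the Internet.' }
```

Calling `Set-WudoLanOnly` afterwards restricts sharing to the local network, which matches the Enterprise and Education default.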

There isn’t any detailed technical information available from Microsoft on how this works so one can only assume that it may be a larger implementation of Microsoft’s SCCM BranchCache concept.

 

June 22 2015

System Center Endpoint Protection (SCEP) support for Windows Server 2003

As we all know, as of July 14 2015, Windows Server 2003 will no longer be a supported operating system. This means that customers using Windows Server 2003 will no longer receive new security updates, non-security updates, free or paid assisted support options or online technical content updates from Microsoft.

However, it isn’t that well publicised that on this same date, customers using System Center Endpoint Protection on Windows Server 2003 will stop receiving updates to antimalware definitions and the engine for Windows Server 2003.

As a result, the SCEP agent will stop functioning.  Starting on July 14 2015, systems running Windows XP and Windows Server 2003 that have the System Center 2012 Endpoint Protection client installed will receive the following system tray notification:

[Image: SCEP notification]

Time to get off Windows 2003!