Thursday, December 31, 2015

New products of the month Dec 2015

New products of the week
Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

GigaVUE-FM appliance
Key features: The GigaVUE-FM appliance simplifies the management and orchestration of visibility infrastructure and enables enterprises to increase the scale and reach of Gigamon’s Visibility Fabric with additional, dedicated compute capacity.

ImageCenter ADS-3000N
Key features: High-Speed desktop scanner with Gigabit Ethernet and SuperSpeed USB 3.0 connectivity offering powerful features for mid-to-large size workgroups that simplify the way documents are captured, managed, processed, and delivered.

SafeBeyond iOS App
Key features: SafeBeyond launches video capture app on iOS allowing users to more spontaneously record, capture, save and store their invaluable memories and moments.

Couchbase Server 4.1
Pricing: Community Edition is free with support available through the community. Enterprise Edition provides professional support and starts at $5,600 per node.

Key features: A distributed NoSQL database engineered for performance, scalability and availability. Added features include full CRUD support for SQL-based query language N1QL, prepared statements and covering indexes for faster queries.

Modular Data Line Fallback Switch
Key features: Automatic or on-demand A-B fallback switching for RJ45 Ethernet 10/100/1000, T1/E1 and RS-232/422/485 data lines. Accommodates up to 16 modules, allowing switching capacity to be expanded as needed.

StealthAUDIT 7.1
Key features: Enterprise-scale, flexible unstructured data access management to track who owns, manages or accesses sensitive unstructured data. Delivers new support for Microsoft Azure cloud-based directory service, NAS and UNIX support, etc.

Thunder TPS 3.2
Key features: A10 Networks announced enhancements to its multi-vector DDoS protection solution, Thunder TPS (Threat Protection System)—including the ability to send alerts to Verisign’s cloud-based DDoS Protection Service using the OpenHybrid API. Thunder TPS 3.2 now enables more organizations to intelligently provide an always-on application experience.

Attunity CloudBeam for Google Cloud SQL
Key features: Attunity CloudBeam accelerates transfer between on-premises enterprise data sources and Google Cloud SQL. Customers can leverage this solution to enable cloud-based Business Intelligence and Big Data analytics applications.
Certkingdom 20% Discount Promotion Coupon Code: 45K2D47FW4
Posted by at No comments:
Labels:

Friday, December 11, 2015

70-697 Practice Test - Windows 10 Devices in 2016

Welcome to the free practice test for 70-697 - Configuring Windows Devices. This simulated multiple-choice test was handwritten for the benefit of other IT professionals including engineers, helpdesk and managers. It contains 15 random questions selected from a wide range of Windows 10 topics - all relevant to the 70-697 subject material.

The questions will help to compliment your study material, providing the opportunity to test what you’ve learnt and improve your chance of passing the exam first time. Remember, if you enjoy the questions and answers then please share this page with friends and work colleagues.

Background
The 70-697 Specialist exam was introduced in 2015 for the Windows 10 MCSE certification path. Unlike exams from the Windows 8 series which tended to focus on a core principle the 70-697 exam covers a wider range of topics.

Candidates should bear this in mind when studying for the exam as it will test your experience across a wider spectrum of subjects including cloud based Intune management, virtualization and apps.

Topics you need to know
The exam is an even split between each of the following high level topics:
Windows Store and cloud apps
Desktop and device deployment
Intune device management
Networking
Storage
Data access and protection
Remote access
Updates and Recovery

● Exam 70-697 Configuring Windows Devices is near completion, and should soon be available. Passing this exam will confer a Microsoft Specialist certification, and it serves as the “recommended prerequisite” for the MCSE: Enterprise Devices and Apps certification (in lieu of exams 70-687 Configuring Windows 8.1 and 70-688 Supporting Windows 8.1). - See more at: http://www.certkingdom.com/Exam-70-697.php

You should be comfortable answering questions around the Windows Store and cloud apps, with an understanding of Microsoft Office 365 and the inner workings of Intune for sideloading apps to devices.

Several authentication mechanisms are available in Windows 10; certificates, Microsoft Passport, virtual smartcards, picture password, biometrics etc. You should be comfortable answering questions for each of these authentication types and any corresponding authorisation processes.

Many of the classic Windows configuration questions reappear, such as profiles and roaming with a focus on virtualization (Hyper-V) and mobile options such as Windows To Go and Wi-Fi Direct.

Networking and storage have their own subject areas which focus on classic networking principles such as name resolution and network adapters. On the storage side expect BitLocker to make an appearance in addition to classic questions on NTFS and data recovery.

Buzz Topics
Intune - provides mobile device management, mobile application management, and PC management capabilities from the cloud.
Hyper-V - software infrastructure and basic management tools that you can use to create and manage a virtualized computing environment.
BitLocker - a full disk encryption feature designed to protect data by providing encryption for entire volumes.
Windows To Go - boot and run from USB mass storage devices such as USB flash drives and external hard disk drives

Azure RemoteApp - brings the functionality of the on-premises Microsoft RemoteApp program, backed by Remote Desktop Services, to Azure. Azure RemoteApp helps you provide secure, remote access to applications from many different user devices.

Important
After reading this article, if your preparing for career change and looking for MCITP Online Training Certkingdom.com is the best online training provider that provide the all the and complete MCITP certification exams training in just one package, certkingdom self study training kits, save your money on bootcamps, training institutes, It’s also save your traveling and time. All training materials are “Guaranteed” to pass your exams and get you certified on the fist attempt, due to best training CertKingdom become no1 site.

Posted by at No comments:
Labels: , , , , , ,

Tuesday, December 1, 2015

70-246 Monitoring and Operating a Private Cloud with System Center 2012

QUESTION 1
Your company has a private cloud that is managed by using a System Center 2012 Operations Manager infrastructure.
The Operations Manager management server role is installed on a server named Server1.
You deploy a server named Server2, and then join Server2 to the domain.
You log on to Server2 and install the Operations Manager agent. You specify Server1 as the management server.
You notice that Server1 did not discover Server2.
You need to add Server2 as an agent-managed device.
What should you do from the Operations Manager console?

A. Modify the Global Management Server Settings - Security settings.
B. Create a new discovery rule.
C. Import the Windows Servers Base Operating System Management Pack.
D. Run the Discovery Wizard - Computer and Device Management Wizard.

Answer:

QUESTION 2
Your network contains an Active Directory domain named contoso.com that connects to a Windows Azure environment. You deploy System Center 2012 R2 Data Protection Manager (DPM) to the domain.
You need to ensure that you can use DPM to back up to the Windows Azure environment.
Which three actions should you perform? Each correct answer presents part of the solution.

A. From Windows Azure, create an endpoint.
B. On the DPM server, allow inbound traffic on TCP port 135.
C. Install the Windows Azure Backup agent.
D. Install a certificate on the DPM server and the upload the certificate to Windows Azure.
E. Create a backup vault.

Answer:

QUESTION 3
Your company has a private cloud that is managed by using a System Center 2012 infrastructure.
You deploy Data Protection Manager (DPM) to a server named DPM1.
A server named Server1 has the Hyper-V server role installed and hosts a virtual machine named VM1.
From DPM1, you perform a full backup of Server1.
You discover that you are unable to restore individual files from VM1.
You need to ensure that you can restore individual files from VM1 by using the DPM Administrator console.
What should you do first?

A. On VM1, install Windows Server Backup.
B. On DPM1, install the Hyper-V server role.
C. On VM1, install the integration features.
D. On DPM1, attach the VHD of VM1.

Answer: B

Explanation: The integration features are also required but the “first” step according to the link below is to install the Hyper-V role on the DPM server.
Ref: http://technet.microsoft.com/en-us/library/hh758184.aspx

QUESTION 4
Your company has a private cloud that is managed by using a System Center 2012 infrastructure.
The company defines the Service Level Agreement (SLA) for a web application as 99 percent uptime.
You need to create service level objectives (SLOs) that meet the SLA requirement.
Which object or objects should you create from the Service Manager Console? (Each correct answer presents part of the solution. Choose all that apply.)

A. a queue
B. a connector
C. a channel
D. a calendar
E. a metric
F. a subscription

Answer:

QUESTION 5
Your company has a private cloud that is managed by using a System Center 2012 infrastructure.
The network contains an Operations Manager infrastructure and a Service Manager infrastructure.
You need to configure Service Manager to create incidents automatically based on Operations Manager alerts.
Which object should you create from the Service Manager Console?

A. A subscription
B. A queue
C. An incident event workflow
D. A connector

Answer:
Posted by at No comments:
Labels: , , , , , , ,

Monday, November 23, 2015

74-409 Server Virtualization with Windows Server Hyper-V and System Center

QUESTION 1
Your role as Network Administrator at ABC.com includes the management of the company’s
virtual infrastructure.
A Windows Server 2012 R2 server named ABC-HV1 runs the Hyper-V role and hosts virtual
machines for users in the Finance department.
You need to configure a new virtual machine (VM) to host a new Finance application named App1.
You create a new VM named ABC-App1VM on ABC-HV1. You configure ABC-App1VM with two
virtual network adapters.
You need to configure the VM to ensure that the App1 remains available to Finance users in the
event of a failure of one of the virtual network adapters.
Which of the following PowerShell cmdlets should you run to configure the VM?

A. Add-VMNetworkAdapter
B. Set-VMNetworkAdapter
C. Enable-VMMigration
D. Enable-VMSwitchExtension
E. Set-VMNetworkAdapterVlan

Answer: B

Explanation:

QUESTION 2
You work as a network administrator at ABC.com. The network consists of a single Windows
Server 2012 Active Directory Domain Services (AD DS) domain.
The network includes a virtual infrastructure that includes host servers running Microsoft Hyper-V
2012 R2.
A virtual machine (VM) named ABC-AppVM1 runs an application used by users in the company’s
production department. The VM has a data partition that hosts a large database for the
application.
You need to install an application update on ABC-AppVM1. You need to ensure that you can
restore ABC-AppVM1 to its previous state in the event of a problem with the update.
Which of the following solutions would enable you to restore the VM to its previous state while
minimizing the disk space used on ABC-AppVM1?

A. You should export the VM before applying the update.
B. You should run the Copy-VMFile PowerShell cmdlet before applying the update.
C. You should configure VM replication before applying the update.
D. You should create a checkpoint of the VM before applying the update.

Answer: D

Explanation:

QUESTION 3
Your role as Network Administrator at ABC.com includes the management of the company’s
virtual infrastructure.
The virtual infrastructure consists of 100 virtual machines (VMs) running on Windows Server 2012
R2 Hyper-V host servers. Some Hyper-V host servers have locally attached storage and some
Hyper-V host servers connect to a Fiber Channel SAN.
Some VMs are Generation 1 VMs and some are Generation 2 VMs. The VMs run either Windows
Server 2008 R2 or Windows Server 2012 R2. The virtual hard disks are a mix of VHD format or
VHDX format.
You need to ensure that all VMs support online virtual hard disk resizing.
How can you ensure that all VMs support online virtual hard disk resizing?

A. By upgrading all Windows Server 2008 R2 VMs to Windows Server 2012 R2.
B. By converting all VHD format disks to VHDX format disks.
C. By converting all Generation 1 VMs to Generation 2 VMs.
D. By connecting all Hyper-V host servers that have locally attached storage to the Fiber Channel
SAN.

Answer: B

Explanation:

QUESTION 4
Your role as Network Administrator at ABC.com includes the management of the company’s
virtual infrastructure.
The physical network contains two switches named Switch1 and Switch2.
You are configuring a new Windows Server 2012 R2 server named ABC-HV10 as a Hyper-V host
server.
ABC-HV10 has four physical network adapters named NIC1, NIC2, NIC3 and NIC4. You connect
NIC1 and NIC2 to Switch1 and NIC3 and NIC4 to Switch2.
ABC-HV10 will host a virtual machine (VM) named ABC-AppVM1. The VM will run a custom lineof-
business (LOB) application named CorpApp1.
You need to ensure that CorpApp1 remains available to users in the event of a failure of one of the
physical network adapters on ABC-HV10 or a failure of one of the network switches.
You also want to increase the network bandwidth available to the VM without modifying the
configuration of the network switches.
Which two of the following actions should you perform to configure ABC-HV10 before creating the
VM? (Choose two).

A. Configure NIC1 and NIC2 as a NIC team.
B. Configure NIC1 and NIC3 as a NIC team.
C. Configure the NIC team to use Static Teaming (Switch Dependent) mode.
D. Configure the NIC team to use LACP (Switch Dependent) mode.
E. Configure the NIC team to use Switch Independent mode.

Answer: B,E

Explanation:

QUESTION 5
You work as a network administrator at ABC.com. The network consists of a single Windows
Server 2012 Active Directory Domain Services (AD DS) domain.
The company has a Development department. You want to configure four virtual machines (VMs)
to be used by users in the Development department for testing applications.
Two of the VMs will run Windows Server 2012 R2 and the other two will run Windows Server 2008 R2.
You install a new Windows Server 2012 R2 Hyper-V server named ABC-DevHV1 to host the VMs
for the Development department. ABC-DevHV1 has locally attached disk storage with a limited capacity.
You need to maximize the disk performance of the VMs.
What should you do?

A. You should configure dynamically expanding virtual disks for all four VMs.
B. You should configure pass-through virtual disks for all four VMs.
C. You should configure fixed virtual disks for all four VMs.
D. You should configure dynamically expanding virtual disks for the Windows Server 2008 R2 VMs
and fixed virtual disks for the Windows Server 2012 R2 VMs.
E. You should configure differencing disks for all four VMs.

Answer: C

Explanation:

Posted by at No comments:
Labels: , , , , , ,

Tuesday, November 10, 2015

98-361 Software Development Fundamentals

QUESTION 1
You are employed as a developer at ABC.com. You make use of C# and ASP.NET for
development purposes.
You have been asked to create a new program for ABC.com. Prior to creating the new program,
you plan to create an algorithm to fully comprehend how the processes of the program must run.
The algorithm will list the required actions for completing a process in the appropriate sequence.
You are informed that your method for creating the algorithm should be as simple, and clear as
possible.
What option should you use?

A. You should consider making use of the flowchart method.
B. You should consider making use of the pivotchart method.
C. You should consider making use of the data table method.
D. You should consider making use of the XML method.

Answer: A

Explanation:

QUESTION 2
You are employed as a developer at ABC.com. You are creating a .NET Framework application.
You have been instructed to make sure that you make use of Common Intermediate Language
(CLI) for programming the application.
What options are TRUE with regards to CLI? (Choose all that apply.)

A. CIL is the highest-level human-readable programming language defined by the Common
Language Infrastructure specification.
B. CIL is the highest-level human-readable programming language defined by the Common
Language Infrastructure specification.
C. CIL is an object-oriented assembly language, and is entirely stack-based.
D. CIL is an object-oriented assembly language, but is not stack-based.

Answer: A,C

Explanation:

QUESTION 3
You are employed as a developer at ABC.com. You make use of Visual Basic .Net for
development purposes.
You have written the code shown below for declaring an array of a new application:
Dim myArray as String = { apples, pears, plums, grapes, oranges, bananas}
You want to return the third item in your array.
What code would you employ?

A. myArray[1]
B. myArray[2]
C. myArray[3]
D. myArray[4]
E. myArray[5]
F. myArray[6]

Answer: B

Explanation:

QUESTION 4
You are employed as a developer at ABC.com. You are in the process of creating code for a
method that does not retrieve a value for the calling code.
You want to make sure that this is reflected when declaring the method.
What option should you use?

A. You should consider making use of the void keyword in the method declaration.
B. You should consider making use of the sealed C# statement in the method declaration.
C. You should consider making use of the internal C# statement in the method declaration.
D. You should consider making use of the public C# statement in the method declaration.
E. You should consider making use of the protected C# statement in the method declaration.

Answer: A

Explanation:

QUESTION 5
You are employed as a developer at ABC.com. You make use of C# and ASP.NET for
development purposes.
You have received instructions to create a new program for ABC.com using C#. You are informed
that the new program should allow for intricate multi-way branching. Furthermore, the code used
must not be difficult to make sense of.
What is the option you should use?

A. You should consider making use of the foreach C# statement.
B. You should consider making use of the while C# statement.
C. You should consider making use of the protected C# statement.
D. You should consider making use of the switch C# statement.

Answer: D

Explanation:



Posted by at No comments:
Labels: , , , , , ,

Monday, October 19, 2015

70-331 Core Solutions of Microsoft SharePoint Server 2013

QUESTION 1
You create a User Profile Synchronization connection. You need to grant the necessary
permissions to the synchronization account. What should you do?

A. Grant the account Full Control on the ActiveUsers OU.
B. Grant the account Full Control on the AuthenticatedUsers AD security group.
C. Grant the account Read permission on the domain.
D. Grant the account the Replicate Directory Changes permission on the domain.
Correct
Answer: D

QUESTION 2
You need to ensure that content authors can publish the specified files. What should you do?

A. Create multiple authoring site collections. Create a site that contains lists, document libraries,
and a Pages library. Create an asset library in a new site collection, and enable anonymous
access to the library on the publishing web application.
B. Create multiple authoring site collections. Create a site that contains lists, document libraries,
and a Pages library. Create an asset library in the authoring site collection, and enable
anonymous access to the library on the authoring web application.
C. Create one authoring site collection. Create a site that contains multiple lists, document
libraries, and Pages libraries. Create an asset library in a new site collection, and enable
anonymous access to the library on the publishing web application.
D. Create multiple authoring site collections. Create a site that contains multiple lists, document
libraries, and Pages libraries. Create an asset library in a new site collection, and enable
anonymous access to the library on the publishing web application.
Correct
Answer: B

QUESTION 3
HOTSPOT
You need to ensure that user-selected subscription content automatically appear on users' My
Sites. Which configuration option should you choose? (To answer, select the appropriate option
in the answer area.)
Hot Area:



Correct Answer:




QUESTION 4
You need to import employee photos into SharePoint user profiles by using the least amount of
administrative effort. Which three actions should you perform? (Each correct answer presents
part of the solution. Choose three.)

A. Define a mapping for the thumbnailPhoto attribute of the Picture user profile property.
B. Run the Update-SPUserSolution Windows PowerShell cmdlet.
C. Run an incremental synchronization of the User Profile Synchronization service.
D. Run a full synchronization of the User Profile Synchronization service.
E. Run the Update-SPProfilePhotoStore Windows PowerShell cmdlet.
F. Define a mapping for the photo attribute of the Picture user profile property.
Correct
Answer: ADE

QUESTION 5
DRAG DROP
You need to install the appropriate versions of Windows Server, Microsoft SQL Server, and
Microsoft .NET Framework in the server environment. Which operating system and applications
should you install? (To answer, drag the appropriate operating systems and applications to the
correct server layers in the answer area. Each operating system or application may be used once,
more than once, or not at all. You may need to drag the split bar between panes or scroll to view
content.)
Select and Place:



Correct Answer:




QUESTION 6
You copy the content of the SharePoint installation media and software updates to your hard
drive. You need to meet the setup requirements for future SharePoint server installations. What
should you do?

A. Extract the content of each file to the Updates folder by running the /extract:<path>
command.
B. Upgrade the installation media by running the /lang:<lcid> command.
C. Extract the content of each file to the Setup folder by running the /extract:<path> command.
D. Extract the content of each file to the PrerequisiteInstallerFiles folder by running the /
extract:<path> command.
Correct
Answer: A




Posted by at No comments:
Labels: , , , , , ,

Monday, September 28, 2015

How to get security right when embracing rapid software development

Five steps to reduce risk while moving to continuous updates

Accelerated software development brings with it particular advantages and disadvantages. On one hand, it increases the speed to market and allows for fast, frequent code releases, which trump slow, carefully planned ones that unleash a torrent of features at once. Continuous release cycles also allow teams to fine-tune software. With continuous updates, customers don’t have to wait for big releases that could take weeks or months.

Embracing failure without blame is also a key tenet of rapid acceleration. Teams grow faster this way, and management should embrace this culture change. Those who contribute to accidents can give detailed accounts of what happened without fear of repercussion, providing valuable learning opportunities for all involved.

However, when things are moving as quickly as rapid acceleration allows, outages, security vulnerabilities and bugs become bigger concerns. Mistakes can occur, potentially leading to security problems. The upside: Automation of tasks can actually reduce mistakes and thus remove potential security issues.

When development is rushed without security awareness, wrong software, unencrypted apps, or insecure apps could be installed; audits and compliances could fail; intellectual property or private customer data may be leaked. Security is essential to the success of any development project — make it a priority.

How to Accelerate Safely
Minimize security concerns associated with rapid acceleration by talking to all stakeholders involved. Everyone needs to be brought into the discussion. Members of the development team, along with operations and security, should analyze the existing system and vocalize their visions for the new one prior to closing gaps with tools, automation and testing.

To implement a rapid approach to software development while reducing the potential risks, consider these five steps:

* Automate everything. Your team must take time to identify bottlenecks (the delivery process, infrastructure, testing, etc.) and find methods to automate anything that doesn’t need to be completed manually.

Consider establishing a system for continuous deployment. This allows automatic deployment of every software update to production and delivery. Continuous integration should also be a priority so changes and code added to the pipeline are automatically isolated, tested, and reported on before automation tools integrate code into the code base. Automation not only reduces waste in the process, but it also produces a repeatable process and outcome, which are squarely in the wheelhouse of security’s desires.

* Be agile but not unrealistic. Instead of spending an exorbitant amount of time on planning, flesh out the requirements and begin the process. Start by designating people to stay ahead of development, keep the project on track, and ensure deliverables are completed on schedule. Through it all, keep operations — and your company — transparent.

If someone runs in with a high-priority request, the project manager or product owner can say, “No, we can’t finish that in this sprint, but we can add it to the backlog with a high-priority mark and work it into an upcoming sprint.” Agile programming is a pull model, not a push model. Management needs to understand how this works and support it.

If the sprint’s allocated stories are completed early, more work can then be pulled in. That said, don’t let others push unplanned work on the team. Agile programming requires team agreement to complete a specific amount of work in a specific time frame.

* Work across departments. When departments move together rapidly, tensions will inevitably rise. Security should be brought into the fold so these issues don’t cause speed bumps. Sales teams, marketing teams, or teams invested in the end product need to have an equal seat at the table. Planning should be a collaborative effort among all stakeholders.

* Separate duties and systems. Often, as companies attempt to embrace rapid acceleration, a need for separation of duties may arise as just one of many compliance requirements. Only select employees should have access to production and test systems.

* Work as a team. Ensure everyone understands the company’s compliance and controls requirements. Be creative to ensure requirements are met without creating speed bumps. Also, consider how controls could be automated. Finally, check with your auditor to make sure what you’ve implemented meets the requirements.

Security will always be a concern with development, and that concern only intensifies when processes speed up. As long as your teams work together, communicate clearly, know their places and expectations, and hold one another accountable, you can hasten the development process while keeping security fears at bay.

Posted by at No comments:
Labels: , ,

Saturday, September 19, 2015

Why Windows 10 is the most secure Windows ever

With Device Guard and Credential Guard, Windows enjoys unprecedented protection from malware and advanced persistent threats

Microsoft added two game-changing security features for enterprise users in Windows 10, but until recently, the company has been relatively quiet about them.

So far the buzz has mainly been about Windows Hello, which supports face and fingerprint recognition. But Device Guard and Credential Guard are the two standout security features of Windows 10 -- they protect the core kernel from malware and prevent attackers from remotely taking control of the machine. Device Guard and Credential Guard are intended for business systems and are available only in Windows 10 Enterprise and Windows 10 Education.

“Clearly, Microsoft thought a lot about the kind of attacks taking place against enterprise customers and is moving security forward by leaps and bounds,” said Ian Trump, a security lead at LogicNow.

Device Guard relies on Windows 10’s virtualization-based security to allow only trusted applications to run on devices. Credential Guard protects corporate identities by isolating them in a hardware-based virtual environment. Microsoft isolates critical Windows services in the virtual machine to block attackers from tampering with the kernel and other sensitive processes. The new features rely on the same hypervisor technology already used by Hyper-V.

Using hardware-based virtualization to extend whitelisting and protecting credentials was a “brilliant move” by Microsoft, said Chester Wisniewski, senior security strategist for Sophos Canada, an antivirus company.

Microsoft published tehnical guides for Device Guard and Credential Guard on TechNet last week.
Apps on lockdown

Device Guard relies on both hardware and software to lock down the machine so that it can run only trusted applications. Applications must have a valid cryptographic signature from specific software vendors -- or from Microsoft if the application comes from the Windows Store.

Although there have been reports of malware code writers stealing certificates to sign malware, a significant majority of malware is unsigned code. The reliance of Device Guard on signed policies will block most malware attacks.

“It is a great way to protect against zero-day attacks that make it by antimalware defenses,” Trump said.

While this approach is similar to what Apple does with its App Store for iOS and OS X and with its Gatekeeper app-signing technology in OS X for verified developers who offer non-App Store apps, there's a twist: Microsoft recognizes that enterprises need a wide array of applications. Businesses can sign their own software without having to make changes to the code, and for applications they know and trust (custom software they bought, for example), they can sign those applications, too. In this way, organizations can create a list of trusted applications independent of whether the developer obtained a valid signature from Microsoft.

This puts organizations in control of which sources Device Guard considers trustworthy. Device Guard comes with tools that can make it easy to sign Universal or even Win32 apps that may not have been originally signed by the software vendor. Clearly, Microsoft is looking for middle ground between a total lockdown and keeping everything open, enabling organizations to “have their cake and eat it, too,” Wisniewski said.

Under the hood, Device Guard is more than another whitelisting mechanism. It handles whitelisting in a way that is actually effective because the information is protected by the virtual machine. That is, malware or an attacker with administrator privileges cannot tamper with the policy checks.

Device Guard isolates Windows services that verify whether drivers and kernel-level code are legitimate in a virtual container. Even if malware infects the machine, it cannot access that container to bypass the checks and execute a malicious payload. Device Guard goes beyond the older AppLocker feature, which could be accessed by attackers with administrative privileges. Only an updated policy signed by a trusted signer can change the app control policy that has been set on the device.

“It’s exciting for Windows to put this right in the box,” said Trump. “It may become a corporate standard.”
Isolating secrets

Credential Guard may not be as exciting as Device Guard, but it addresses an important facet of enterprise security: It stores domain credentials within a virtual container, away from the kernel and user mode operating system. This way, even if the machine is compromised, the credentials are not available to the attacker.

Advanced persistent attacks rely on the ability to steal domain and user credentials to move around the network and access other computers. Typically, when users log into a computer, their hashed credentials are stored in the operating system’s memory. Previous versions of Windows stored credentials in the Local Security Authority, and the operating system accessed the information using remote procedure calls. Malware or attackers lurking on the network were able to steal these hashed credentials and use them in pass-the-hash attacks.

By isolating those credentials in a virtual container, Credential Guard prevents attackers from stealing the hash, restricting their ability to move around the network. The combination of Device Guard and Credential Guard could go a long way toward locking down an environment and stopping APT attacks.

“Microsoft’s Implementation may not be as easy as some vendors, and Microsoft may not have a fancy dashboard, but to include security features like these [Credential Guard, Device Guard, Microsoft Hello two-factor authentication, and BitLocker] you have an operating system worthy of the title ‘Enterprise’ and a very hard target to hack," Trump said.
Not for everyone

Exciting features aren’t enough to spur adoption. While Windows 10 will make inroads in the enterprise, the hardware requirements and infrastructure changes will delay widespread adoption of Device Guard and Credential Guard for at least four or five years, Wisniewski predicted.

The hardware requirements are hefty. To enable Device Guard and Credential Guard, the machines need Secure Boot, support for 64-bit virtualization, Unified Extensible Firmware Interface (UEFI) firmware, and the Trusted Platform Module (TPM) chip. Only enterprise hardware, not consumer PCs, includes such features. For example, business laptops such as Lenovo ThinkPad and Dell Latitude models typically have these specs, but consumer models such as the Lenovo Yoga 3 Pro do not. The hypervisor-level protections are available only if the machine has a processor with virtualization extensions, such as Intel VT-x and AMD-V.

Employees regularly working in the field or traveling extensively throughout the year are more likely to opt for a lighter laptop -- and most Ultrabooks do not have TPM inside. “The executives are the ones I worry about,” Wisniewski said, as they're the ones most at risk of attack and more likely to be using consumer models.

The hardware isn’t the only barrier to getting started; most organizations will also need to make changes to infrastructure and processes. Many IT teams don’t currently use UEFI or Secure Boot because they impact existing workflows. IT may be concerned about getting locked out of computers with Secure Boot; it’s easier to wipe a machine and load a stock corporate image when setting it up. Likewise, some machines may run critical applications with specific requirements that cannot be upgraded.

Fortunately, Device Guard and Credential Guard don't require an all-or-nothing decision. IT can build a new domain with Device Guard and Credential Guard protections turned on and move users who meet the hardware requirements. The machines that can’t be upgraded can be left in the existing domain. This lets IT maintain a “clean” network with signed policy and protected credentials and focus their attention on the older, “dirty” domains. “Don’t hold the entire network back for just one thing,” Wisniewski said.

Few enterprises believe the current state of enterprise Windows security is acceptable. Device Guard and Credential Guard actually offer a way forward, albeit one that demands a substantial investment. With Windows 10, “Microsoft is telling enterprises, ‘If you want good technology you need to do security [our way],’” Wisniewski said. Time will tell whether enterprises are willing to follow that path.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
Posted by at No comments:
Labels: ,

Friday, August 28, 2015

BitTorrent patches flaw that could amplify distributed denial-of-service attacks

Attackers could use the vulnerability to force BitTorrent applications to send malicious traffic

BitTorrent fixed a vulnerability that would have allowed attackers to hijack BitTorrent applications -- used by hundreds of millions of users -- in order to amplify distributed denial-of-service (DDoS) attacks.

The vulnerability was located in libuTP, a reference implementation of the Micro Transport Protocol (uTP) that's used by many popular BitTorrent clients including uTorrent, Vuze, Transmission and the BitTorrent mainline client.

The flaw was disclosed earlier this month in a paper presented at the 9th USENIX Workshop on Offensive Technologies by four researchers from City University London, Mittelhessen University of Applied Sciences in Friedberg, Germany and cloud networking firm PLUMgrid.

DDoS amplification is an increasingly popular technique among attackers and can generate very large traffic volumes. It involves sending rogue requests to a large number of servers that appear to originate from the IP (Internet Protocol) address of a target chosen by attackers. This tricks those servers into sending their responses to the spoofed IP address instead of the original sender, flooding the victim with data packets.

The technique has the effect of hiding the source of the original traffic, which is known as reflection, but can also significantly amplify it if the generated responses are larger in size than the requests that triggered them.

This type of attack typically affects protocols that rely on the User Datagram Protocol (UDP) for data transmission, because UDP does not perform source address validation. In their paper, the four researchers showed that uTP is one such protocol.

They showed that an attacker could send a connection request with a spoofed address to a BitTorrent client, forcing it to send an acknowledgement (ACK) packet to the victim. The attacker could then send a second request with the same spoofed address and a random ACK number to initiate a BitTorrent handshake.

The BitTorrent client would accept this second request as well and would send a handshake response to the victim. However, since the victim would not expect the packet, it wouldn't respond back, forcing the BitTorrent client to resend the data up to four times, amplifying the traffic that the attackers can generate.

In order to fix the issue, BitTorrent, the company that maintains libuTP, modified the library so that it properly verifies the ACK number accompanying the second request. If it doesn't match the one sent to the victim in the first packet, it will drop the connection.

The change does not prevent DDoS reflection but kills the amplification effect.

It would be fairly difficult for an attacker to guess the acknowledgement number for a sufficiently large number of reflectors, a BitTorrent engineer said in a blog post Thursday that explains the fix in detail.

The latest versions of uTorrent, BitTorrent mainline and BitTorrent Sync, which are developed by the company, have included the fix since Aug. 4.

The change does not affect backwards compatibility with older versions of those applications nor with third-party BitTorrent clients that use libuTP, a BitTorrent engineer said via email. "Nonetheless, we encourage other developers to ensure their implementations properly enforce acknowledgment number sequencing."

Other protocols designed by the company that rely on libuTP, like the Message Stream Encryption (MSE), are also protected.

Posted by at No comments:
Labels: , , ,

Friday, August 21, 2015

Microsoft tells some Insiders to stop using Windows 10 preview

Tuesday's build 10525 warns Insiders, 'You may not use this software if you have not validly acquired a license for the software from Microsoft'

With the resumption of Windows 10 builds to testers, Microsoft has told users they may not have the right to run the software and again begun marking copies with small watermarks.

Microsoft released Windows 10 build 10525 to its Insiders preview participants Tuesday, restarting the early-look program after a four-week hiatus while it pushed the production code to users.

During the pause, the watermark identifying the build as a preview was removed. The watermark has now returned for users who installed a Windows 10 preview. The watermark read, "Windows 10 Pro Insider Preview. Evaluation copy. Build 10525 [emphasis added]."

More importantly, Microsoft has warned users that they may not be legal. "You may not use this software if you have not validly acquired a license for the software from Microsoft," stated the text that appeared when users clicked on the link marked "Read the Microsoft Software License Terms" from Settings/System/About.

"If you do not have express written permission from Microsoft to access the software then you must immediately cease using the software and remove the software from your machine," the copy continued [emphasis added].

The abbreviated license's intention was similar to that of the end-user license agreement (EULA) tied to the production version. "Updating or upgrading from non-Genuine software with software from Microsoft or authorized sources does not make your original version or the updated/upgraded version Genuine, and in that situation, you do not have a license to use the software," that EULA read.

In Computerworld's case, the new watermark and license text appeared on build 10525 after Windows 10 was updated Tuesday from build 10240. That copy of Windows 10 was originally installed on a virtual machine from a disk image -- or .iso file -- downloaded from Microsoft's website. The virtual machine had been newly created, and the Insider preview had been installed from scratch: In other words, it was not backed by a valid Windows 7 or 8.1 license from which an upgrade was authorized.

Others have done the same.
In fact, the practice had been the focus of considerable interest in June, when Microsoft took several tries to explain who of those on the preview program could continue to run Windows 10 after its July 29 launch.

The final word? "Let me start by restating very clearly that Windows 10, whether you get it on 7/29 or whether you got it in a preview form through the Windows Insider Program, is intended to be installed on [a] Genuine Windows device," said Gabriel Aul, engineering general manager for Microsoft's operating system, in a June 22 blog.

"Genuine" is Microsoft-speak for a legitimate, activated copy of its software.
"This is not a path to attain a license for Windows XP or Windows Vista systems. If your system upgraded from a Genuine Windows 7 or Windows 8.1 license, it will remain activated, but if not, you will be required to roll back to your previous OS version or acquire a new Windows 10 license. If you do not roll back or acquire a new license the build will eventually expire," Aul added.

In comments on Twitter around the same time, Aul spelled out what appeared to be a loophole, tweeting assurances that as long as testers continued to run a pre-release build linked to their Microsoft Account -- no matter how it was installed -- Windows 10 would remain activated. "This is pre-release software and is activated with a pre-release key," Aul said of the Insider previews. "Each individual build will expire after a time, but you'll continue to receive new builds, so by the time an older pre-release build expires you'll have received a new one."

Computerworld's copy of build 10525 remained activated, presumably by the kind of pre-release product activation key code Aul referenced.

However, activation does not legality dispense, even if there may not be a way for Microsoft to easily stop users from running an Insiders preview sans an underlying valid license. Nor may it want to: Insiders is an important part of both Microsoft's feedback loop and its external testing regimen.

Once Microsoft completes an update internally, it will be seeded to Insiders, and Insiders only, who will run it for at least a month. At the end of that month, Microsoft will decide if the update is suitably stable -- and that bugs uncovered by participants have been patched -- for the much larger number of consumers tapped into the "Current Branch" distribution track.
Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


Posted by at No comments:
Labels: , ,

Monday, August 17, 2015

FIVE things you need to know about Google and Alphabet

A look at what’s changing, what's not and what it all means for Google and its research

With Google restructuring its business and moving under the umbrella of new parent company Alphabet, executives may be trying to get back some of their old start-up swagger.

The restructuring will bring a lot of changes to what is easily one of the world's most well-known companies. But company officials haven't offered any information about the move since co-founder Larry Page offered up a blog post Monday.

So what does all of this mean for users and for the industry?
Jeff Kagan, an independent industry analyst, said Google's move is akin to a "middle-aged facelift." What's unclear is just what that will entail.

With that in mind, here are the five things you should know about Google's restructuring:
Don't worry

Like Google search, Maps or your Android phone? That's great. No need to worry about them for now.

"I don't think there will be changes to product," said Brad Shimmin, an analyst with Current Analysis. "All the road maps they have in place will continue. At least for the foreseeable future, which is about 18 months in this industry, all the plans Google has had in play will remain."

It's simple: Things like search and Android have been the money makers for Google. The company has no reason to shake them up.

"Companies periodically have to go through restructuring to position themselves for the future," said Scott Strawn, an analyst with IDC. "This isn't about product. This is just the way the business world works.... I don't see any real product changes right now."

Let Google be Google
Now that Google has been trimmed of research projects like autonomous cars, Google Glass, drones and smart contact lenses, the company will be far more focused on core Internet-related businesses.

Google executives will no longer be splitting their attention between search and high-altitude balloons, or between Android and funding startups. Instead, they can focus on the products and services that make money for the company -- and that should mean more advances in those areas and more agility against competitors.

"It allows Google, the Internet property, to be more fiscally responsible and focused on what that company does," said Shimmin. "Because they were pulled in so many different directions, [co-founders] Sergey [Brin] and Larry [Page] had a lot to contend with, in terms of prioritization and coordination. Leaving Google on its own should make the company more successful because executives won't have to worry about so much else. They won't have to worry about the success of Google Glass and how they might affect the whole business."

The restructuring also means that Google's research projects will get their own executives and their own singular attention.

Relieved of the hefty administrative chores related to managing the Google colossus, the company's research arm can give more attention to things like Internet connectivity balloons, Google Fi and wearables.

"This new structure could help focus the founders' attention, and resources, on all of the much smaller companies and technologies that Google has either purchased or developed over the past several years," said Dan Olds, an analyst with The Gabriel Consulting Group. "We could also see these ancillary businesses receive more authority to make decisions on their own, which could drive quicker innovation and greater consumer impact."

Shimmin agreed, adding that Alphabet companies like Google X, which has been behind projects like Glass and driverless cars, will have more freedom under the new business structure.

"They won't have to worry about pulling resources away from their responsible revenue-making entities," he said. "Research will have its own set of finances. This lets the big multinational company sit separately, while the small, start-up-like entrepreneurial parts are set free. If they're going to have the focus to do more research, we'll see some innovations that have greater vision to them."

A happier Wall Street?
Wall Street's big investors are hopeful that the restructuring means they'll get a clearer look at how the company spends its money and where these different research projects are heading.

For some time, Wall Street has been pushing Google to be more transparent financially. How much is it spending on high-altitude balloons and drones? What is the expected revenue for Google Glass?

The company, despite Wall Street's insistence, has been mum on the subject. Now, though, that could change.

All of the businesses underneath the Alphabet umbrella should provide more financial information. Alphabet is expected to segment out its financials by its fourth-quarter earnings report, which should make Wall Street happy and could boost Alphabet's stock.

"This is Google becoming more transparent," said Kagan. "They were never really transparent and that has been causing them to stumble.... Google is a Silicon Valley creation. Everyone in Silicon Valley loves the young. Google has been growing and getting older, less youthful. This will hopefully help Google look more youthful to investors, workers, users and partners."

Google's new chief
As part of the restructuring, Sundar Pichai, who had been a vice president at Google overseeing Android, Chrome and Google apps, has been named CEO of the new trimmer Google.

"This is the man," said Shimmin. "This is the guy who brought us Android and the guy who has already basically been running their biggest cash cow. He's very charismatic and he's definitely [at the] CEO level of competence and swagger that you would expect to see from a company like Google. I think he's the perfect choice."

For a man who already has had so much success at Google, Pichai now can run Google's core businesses without having to figure out how other projects fit in and how to relate them to the board of directors and stock holders.

"With Pichai at the helm, I am hoping to see a Google more focused on all things Google as we've known it," said Patrick Moorhead, an analyst with Moor Insights & Strategy. "Pichai will need to make yet another run at being successful in social media, which has eluded Google so far."

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Posted by at No comments:
Labels:

Wednesday, August 5, 2015

Don't bother with Microsoft Windows 10 until you read this

This OS release might fix many problems and resolve some usability problems, but make sure you look before you leap

Wait, doesn’t it always make sense to download something for free? Microsoft released its brand-new operating system this week, and you can grab it at no cost, but make sure you know exactly what you are getting into before you upgrade.

Let me be your guinea pig on this one. I’ve been testing the beta for several weeks. HP just sent me an Elite X2 laptop with Windows 10 preloaded. And, I’ve been testing and using Windows since the 2.0 release back when people used to question a “windowing” interface. I’ve been testing Windows laptops for a decade or more.

The first thing you should do before making the upgrade is to look closely at the gear you have attached to your computer. I mean closely. You might already know that Microsoft has put great effort into making sure just about every printer and scanner in the known universe will work with the new OS, but what if you own one from an unknown universe? More to the point, if you have really odd peripherals — say, a 3D printer or maybe a drone that needs constant driver updates — think twice about jumping on the download so quickly. Check with the peripheral maker first.

Second, ask yourself some tough questions about why you are updating. Are you an early adopter? It’s definitely less risky than being one of the first people to drive an autonomous car or use a new VR headset when there are so few VR apps. You can expect Chrome to run smoothly (I’m using Google Docs on Chrome running on Windows 10 right now). But any new OS will have some issues. Maybe they are security-related. Maybe your accounting app will crash. Be ready to spend time tinkering and have a good backup plan (and a good backup). At least do the upgrade during a time when you don't have a ton of projects due.

I do most of my work in the cloud these days, and I always have a few computers floating around. It’s an incredibly low-risk upgrade for me. If one of them crashed, I'd grab another, I tend to live on the edge (and the Edge) when it comes to computing, but then again, I don’t have to do the payroll for hundreds of employees or develop a marketing brochure using Photoshop by 5 o'clock tonight.

If you get past those hurdles, it’s time to think about why the upgrade makes sense. It’s a smarter interface. The Start menu is now located back where it belongs, on the left-corner of the screen instead of taking over your entire screen with tile apps. That means it is easier to use. Before, you had to know where to find simple features like how to turn the computer off. Microsoft has mostly addressed the usability problems in Windows 8 with this release. It's getting great reviews.

It’s faster, easier and smarter. It’s also not going to change your world in a million ways. Windows 10 has not made much of a difference in how I work, the apps I use, or the fact that I tend to do most of my work in a browser these days. I don't mean that as a diss, I'm just not that OS-centric these days, There’s still some question about whether it will run reliably, and there’s no way to know unless you try it with your apps on your computer for a few days or weeks. It’s pretty tough to go back to a previous OS. Anything new in technology should be evaluated for the value it provides to you, not just because it is new, available, free or good.

I’m not saying to skip this release at all. After complaining about Windows 8 over and over again, I will say that Windows 10 is a big step forward in making the OS more user-friendly. I’m happy with the update so far and haven’t have any problems. Your mileage (and patience level) will vary. As with any new OS, just be careful before you jump into the fray.
Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


Posted by at No comments:
Labels:

Monday, July 27, 2015

Free tools to find out if your computer is infected with Hacking Team malware

Rook Security offers Milano, a free tool to scan your PC for any possible Hacking Team malware infection. Facebook offers osquery to detect Hacking Team’s Remote Control System on OS X. Lookout has mobile covered and can detect surveillance malware on Android and iOS platforms.

Are you 100% sure your devices aren’t infected by Hacking Team surveillance malware whether that means you might be a target of some government or a victim of some cyber scum-sucker who re-purposed Hacking Team’s malware? Sure Adobe and Microsoft have issued emergency patches in response to the leaked Hacking Team exploits, but wouldn’t it be wise to scan your computer and make sure it’s not infected? Now you can check if your computer is compromised by Hacking Team’s spyware as Rook Security released a free detection tool, dubbed ‘Milano,’ to help individuals and organizations find out if their machines are infected.

Rook Security has been collaborating with the FBI Indianapolis Cyber Task Force over the “malicious and weaponizable” exploits found in the leaked Hacking Team files. To reduce the potential impact to critical infrastructure, they worked together to identify malicious files that could be weaponized. Their objectives were also to “create IOCs and briefs for the affected vendors, clients, critical infrastructure, FBI, U.S. Secret Service, DHS, ISPs and others;” to examine if any clients were impacted, and to “create a capability that can be used to determine if they were compromised by Hacking Team files.”

The newest version of Milano was improved from 40 file hashes to 312 malicious or weaponizable file hashes, Rook Security’s Tom Gorup said yesterday when announcing the release of Milano v1.0.1. The updated IOC’s (Indicators of Compromise) are bundled with the new Milano version. “It is not necessary to download both Milano and the IOC files. We provided both to allow users to leverage this information with any tool in their arsenal.”

Gorup added:
Up to this point we have focused our efforts on a Windows executable and DLL files. We have completed analysis of over 800 windows, exe, and dll files resulting in 312 total executable files tagged as malicious or that have the ability to be utilized to support espionageware.

Additionally, our analysis continues and is focused on Linux and OSX specific files. We have identified 126 files specific to Linux at this point. As we complete the analysis of these files we will be releasing new IOC files, so please check back here on our blog for more information.

Milano features will be enhanced in the “near future” to include “auto OS detection, auto ICO update, and OpenIOC formatted files as an input. Once released, these features will provide Milano with the ability to run as a script with the functionality to identify which operating system is running and search for the OS specific IOC’s. The auto update feature will update the IOC’s it is hunting for every time it executes. This will ensure that future updates of IOC’s will be automatically applied each time Milano is executed.”

You can use Milano to perform a quick scan or a deep scan to find Hacking Team associated files. Hacking Team’s Unified Extensible Firmware Interface (UEFI) BIOS rootkit is particularly worrisome; it can keep its Remote Control System (RCS) agent installed on its targets’ systems by surreptitiously reinstalling. That's “even if the user formats the hard disk, reinstalls the OS, and even buys a new hard disk, the agents are implanted after Microsoft Windows is up and running.” Just in case Milano can catch that, a deep scan would seem like the best option even though it takes a while to run.

After downloading and unzipping Milano v1.01, you will see a document with Rook’s Hacking Team data review as well as a folder called “RookMilano.” Open the RookMilano folder to see:

Rook Security
After extracting the Milano file contents, clicking on milano.exe should run the program...unless you are on a 64-bit machine. Rook Security told me the program is for 32-bit boxes, but Windows 8.1. 64-bit users can run the program by using command prompt and changing directories to where milano.exe is

When Milano opens, you’ll see a logo; press Enter. After you see the legal limitation of liability statement, then press Enter again. After you see a limitation of software services as-is statement, press Enter again. Then you are given the option to select “q” for quick scan or “d” for deep scan; select one and then hit Enter. You may be asked if you would like to use the default path for Windows; you can select either yes or no, but if you don’t know then try “y” for yes and press Enter.

As it scans each item, you will hopefully see “file clean.” After the scan is completed, any files that require review will be marked with A for detected via VirusTotal, B for detected via manual analysis, C for from malicious project, or D for undetermined. The results are saved as a text file. If you don’t see any file marked with the above notations, then happy day for it’s all good and clean.
Rook Security's Milano deep scan results

Rook’s Hacking Team data review includes a table with data from the GitHub HackingTeam Repository; Rook flagged some of the files with a “W” meaning it could be weaponized.

Previously the free surveillance malware detection tool Detekt could find traces of remote control system toolkits created by FinFisher and the Hacking Team. But it was only a matter of time before the spyware was tweaked by the vendors and that tool became obsolete. It would be wise to scan and know for sure that your machines aren’t infected, but if you need convincing to try Milano then consider what Amnesty International said when Detekt was released. “Imagine never being alone. Someone looking over your shoulder, recording every computer keystroke; reading and listening to your private Skype conversations; using your phone’s microphone and camera to monitor you and your colleagues, without you even knowing it.”

If you think that is unlikely, then think again as researcher Collin Mulliner found out the Hacking Team – “scumbags” who “sell to repressive governments”— had taken his open source exploit tools and rolled them into its Android surveillance software which it sold to spy-happy governments worldwide. “I'm pretty angry and sad to see my open source tools being used by Hacking Team to make products to spy on activists,” Mulliner said. In one example, Mulliner pointed at his Android voice call interception tool which Hacking Team took to capture audio such as conversations within earshot of infected Android phones.

Protection from Hacking Team malware for Android and iOS mobile devices
If that makes you concerned about the possibility of your phone being infected with Hacking Team’s surveillance malware, then Lookout sent an email saying its “customers, on both Android and iOS platforms, are protected from all current forms of Hacking Team spyware products.”

Detection of Hacking Team spyware for OS X
Lastly, Facebook released new osquery query packs to detect Hacking Team’s Remote Control System on OS X. “Attackers continue to develop and deploy Mac OS X backdoors. We've seen this with Flashback, IceFog, Careto, Adwind/Unrecom, and most recently, HackingTeam. The OS X-attacks pack has queries that identify known variants of malware, ranging from advanced persistent threats (APT) to adware and spyware. If a query in this pack produces results, it means a host in your Mac fleet is compromised with malware. This pack is high signal and should result in close to zero false positives.”
Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


Posted by at No comments:
Labels:

Friday, July 17, 2015

Apple Watch: Success by any other product would, for some, smell sweeter

How you measure (and value) the success of a high tech product isn't just about numbers sold or profitability

What does success mean when we’re talking about selling products in the high-tech sector? The answer depends on which criteria you think define success. Some might argue for the number of users, adoption rate, or market share, while others might rely on revenue or profit.

While these are all measures of success they also aren’t the whole story. The fact is that success with high-tech products is always far more complex than a single measure … which brings me to the wave of articles this week declaring that the Apple Watch is becoming a failure.

Driving this wave was a report from Slice Intelligence on Apple Watch sales figures that was widely mis-interpreted, most notably in a Marketwatch article. According to Marketwatch:

Sales of the new Apple Watch have plunged by 90% since the opening week, according to a new market-research report.

Apple … has been selling fewer than 20,000 watches a day in the U.S. since the initial surge in April, and on some days fewer than 10,000, according to data from Palo Alto, Calif.-based Slice Intelligence.

That is a sharp decline from the week of the April 10 launch, when Apple sold about 1.5 million watches, or an average of about 200,000 a day, Slice estimates.

The problem with Marketwatch’s interpretation of Slice’s data lies in assumptions about the accuracy of Slice’s methodology. Here’s the background: Slice has an app that’s a “shopping assistant”; the company explains:

Watching your deliveries is more convenient and beautiful than ever--and now you can know at a glance exactly where your stuff is at all times. … Slice keeps an eye on your purchases for you—watching for price drops, tracking your packages, and alerting you on hazardous product recalls. Never enter a tracking number again! It’s all done automatically with the e-receipts in your email ...

The purchases referred to are only your online purchases and that’s why the reported steep decline in sales should be taken with a big pinch of salt. Marketwatch’s assumption was that the data were representative of the market as a whole, something that Slice points out in its report.

For example, the initial high sales were impressive and driven by people who pre-ordered. On the other hand, those of us who are more cautious, wanted to see the product before we bought it which has definitely resulted in delayed and in-store purchases that Slice knows nothing about. This makes the argument that the Apple Watch is a flop based on Slice’s report a pretty weak one. Sure, sales might be slowing but catastrophically? I don’t think so.

Moreover, the connected watch category is one that Apple now dominates. According to research firm IHS, Apple’s share of the market is around 56% and the company will ship something like 19 million units.

So, if you measure success by market dominance then I’d say the the Apple Watch is a huge success. What we don’t know for sure is whether the Apple Watch is profitable (the real sales figures and margins for the Apple Watch are not broken out in their financials) and from an IHS teardown it looks like the Watch might be a good little earner: “[the] Apple Watch has the lowest hardware costs compared to retail price of any Apple phone IHS Technology has researched.”

And, guess what, even if it were not profitable, it wouldn’t matter. Apple makes so much money on its core products (just under $102B from iPhones; just over $30B from iPads, $24B from Macs; $18B from iTunes and software) that any losses on the Apple Watch would be minimal (as a friend commented, “equivalent to a rounding error in their coffee fund”) and more than offset by the enhanced brand awareness and public relations value.

Now, looking at the Apple Watch from a reviewer’s viewpoint, I’d suggest that the Apple Watch has all the hallmarks of success because it’s pure Apple; outstanding in design, fairly useful (by which I mean considerably more useful than other connected watches I’ve tested), and it has a vibrant and growing third party application market.

So, given what we know about the Apple Watch and its sales and marketplace standing I’d say the product’s success is undeniable. What’s also undeniable is that there are a lot of people out there who’d like to see Apple taken down a peg. That’s something that may eventually happen but it won’t be because of the Apple Watch.
Posted by at No comments:
Labels: ,

Wednesday, July 8, 2015

Mozilla to pick up Firefox release pace, ship version 'soon' for Windows 10

Mozilla will accelerate the release of new features for its Firefox browser, dumping its current 18-week development schedule for something nimbler, a company manager told contributors last week.

The firm will also deliver a browser for Windows 10, a reversal of a 2014 decision to stop work on a touch-based version of Firefox for Microsoft's OS.
MORE ON NETWORK WORLD: 3D printing will transform these five industries

In a pair of messages that Dave Camp, director of Firefox engineering, posted to a mail list, as well as a blog post, Mozilla summarized some of the decisions it reached at an all-hands meeting in Whistler, a Canadian ski resort town north of Vancouver, BC, last week.

"Since Firefox began, the industry has continually evolved how it deploys code to users, and today it isn't done on an 18-week cycle," Camp wrote, referring to the current development cycle, which runs new features through three six-week stretches and a trio of browser builds. "We think there are big wins to be had in shortening the time that new features reach users. As Laura Thomson put it in her Whistler presentation -- 'The trains have served us well, but it's time to build a hyperloop.'"

Camp offered few details about the schedule plans, in large part because they haven't yet been worked out. Unlike other browser makers, Mozilla relies not only on paid developers but also on a community of volunteers, and typically holds public discussions with that community before it decides how to proceed.

"Some of these questions are going to take a while to answer, and will involve a bunch of concurrent discussions," Camp said.

Camp also touted a new concept for Firefox development he labeled "Great or Dead." The idea, he said, was that "every feature in the browser should be polished, functional and a joy to use." In instances where engineers can't meet that bar, the feature should be canned or instead passed to a partner.

Mozilla did the latter last month when it baked the Pocket reading list app into Firefox. Some, however, objected to Pocket's integration, while others argued that the service's privacy and licensing policies were contrary to Mozilla's.

In another message to the same development mailing list, Cook said that Mozilla would change how it implements partners' code. "Folks said that Pocket should have been a bundled add-on that could have been more easily removed entirely from the browser," Cook wrote. "We tend to agree with that, and fixing that for Pocket and any future partner integrations is one concrete piece of engineering work we need to get done."

Another high priority, said Cook, was Electrolysis, or "e10s" for short, Mozilla's attempt to bring multiple processes to Firefox by separating page rendering from content to make the browser more secure and more stable. Rival browsers, including Apple's Safari, Google's Chrome and Microsoft's Internet Explorer (IE), already operate with separate processes.

"One of the first things we need to get right is e10s," said Cook. "e10s is the only way to get the kind of snappy experience we need to make Firefox feel great. We're close, but it's going to take some effort to get over the line."

Mozilla recently beefed up the engineering staff working on e10s, a project that originated in 2009 but has long languished.

Mozilla's intent to speed up Firefox's release schedule was reminiscent of the accelerated tempo Microsoft has pledged for Windows 10 and its bundled Edge browser, which will ship later this month. It wasn't a complete surprise, then, that Mozilla teased a release of Firefox for Windows 10, saying that the browser, like the one it's been creating for Apple's iOS, would ship "soon."


In March 2014, Mozilla abruptly abandoned work on a touch-enabled Firefox for Windows 8, citing apathetic adoption of the previews and taking a swipe at Microsoft's bifurcated OS along the way. The cancellation put a match to two years of work by Mozilla's engineers and designers, although the company said it would not discard the code, but mothball it for possible use down the road.

That time has apparently come.

Mozilla did not provide any further information about Firefox for Windows 10 or iOS, other than to say that it planned to provide an "independent and high-performing alternative to the stock browser" on both platforms.

Mozilla's work on Firefox will be crucial to the company. The browser remains its most potent weapon -- efforts in mobile, particularly Firefox OS, have failed to capture the imagination of users -- because search deals cut with the likes of Yahoo are its primary money makers.

Firefox's user share has plummeted in the last two years, declining by 42% during the period. So far in 2015, however, its share has stabilized around 12% of all browsers worldwide, ending June with 12.1%, up slightly from the month prior. Firefox's losses have gone almost entirely to Chrome, which could reach the 30% milestone as early as November.
Posted by at No comments:
Labels:

Friday, June 26, 2015

How to train your Surface Pro 3: Tips, tricks, hacks

We’ve collected several tips for Microsoft’s popular tablet computer.

Surface Pro 3 tips
We’ve collected several tips for Microsoft’s popular tablet computer. Most are useful or interesting, one is kind of silly, and another is a nearly literal hack to the Surface Pro 3. Enjoy!
surface pro3 tips tricks 2

Train Surface Pro 3 to better recognize your handwriting
The Surface Pro 3 has software that’s already set to learn your handwriting when using the Surface Pen, for converting your written notes to typed text. If you use the tablet a lot for note taking, though, then you should run the Handwriting Personalization program and take a moment to train it to improve its recognition of what you write. There are two ways to do this: by writing specific characters and words you want it to recognize, or following the program as it instructs you to write out sentences or characters (letters, numbers, symbols) that it assigns you.

Deactivate the Windows button
When using the Surface Pro 3 as a tablet, it’s not uncommon to accidentally press the Windows logo button on its bezel. This can happen when you hold the device in landscape mode with both hands, and your thumb touches the button. Or, when using the Surface Pen, your palm, wrist or arm might trigger it. You can deactivate it by opening the Device Manager, double-clicking System devices, double-clicking the Surface Home Button, clicking the Drivers tab and then clicking the Disable button.

Make the Surface Pen more comfortable to hold
If the Surface Pen feels too small in your hand or slips from your grip, or your fingers or thumb accidentally press the buttons on its shaft, try adding a grip to it. Web-comic artist Daniel J. Hogan used the rubber grip from a mechanical pencil, cutting a slit along it so that the digital pen’s two buttons are exposed through it and can still be pressed. Check it out here.

Get a free replacement nib for the Surface Pen
The tip of the Surface Pen, which is called a nib, wears out over use. This is true for any digital pen, but there have been grumblings by some users that the nib in the Surface Pen wears out too quickly. Microsoft has been sending replacement nibs for free to Surface Pro 3 owners who call their technical support line. Or, if you live near a Microsoft Store location, it may be worth visiting it to see if they have nibs in stock to give.

Run Disk Cleanup to free up space on the SSD
Check for large temporary files that may be taking up a lot of space on your Surface Pro 3’s SSD. Launch File Explorer, Right-click on the “C:” drive and select “Properties” from the pop-up menu. Click the “Disk Cleanup” button. After the program has scanned your SSD, from the Disk Cleanup window, click the “Clean up system files” button. This operation will take a bit longer. When the Disk Cleanup window re-appears, scroll down through the list under “Files to delete” and note any large file sizes, such as “Temporary files.” Click a check next to the categories that are taking up lots space, and click the “OK” button next to clear them out.

Use a micro SD card to store personal folders or Windows apps
More involved ways to free up space on the Surface Pro 3’s SSD are to have your default personal folders (i.e. Documents, Music, Pictures, Videos) moved to a micro SD card, and to have your Windows apps installed onto the card. Alejandro Ramirez gives a thorough step-by-step on how to do either of these, and his tips apply to any Windows notebook or tablet that can use SD cards.

Replace the SSD with a larger one (don’t try this at home)
This hack is definitely not something we recommend: Cutting out a window in the back of the tablet’s case to access the SSD so you can replace it. But a man named Jorge Malagon did this by taking a diagram showing the inside components of the Surface Pro 3 and using it as a template to pinpoint where the SSD is situated behind the rear casing. Then with a Dremel tool he carefully cut open a square section over the SSD. You can see how he did it here.

Assign an “Insert” key function on the Type Cover keyboard
The Type Cover for the Surface Pro 3 lacks an “Insert” key. Most people don’t notice this, since it’s not a key used much nowadays, and not supported by many programs. You can use the Registry Editor to remap the Type Cover keyboard so it can execute an “Insert” key command, but Scott Hanselman, a programmer who works for Microsoft, recommends using a free program, SharpKeys, to do this. It’s easier and safer. He changed his Type Cover’s right-hand “Alt” key to serve as a de facto “Insert.”

Use a USB-powered fan to keep the Surface Pro 3 cool
To prevent overheating, the tablet slows its processor speed when things start to become too toasty, typically when running graphics intensive programs. This of course reduces performance. A YouTube user claims that connecting a USB-powered fan and aiming it at the back of the tablet can keep it cool. This “fix” sounds a little silly to us, since the fan is using the tablet’s battery, and as the battery level becomes low, the Surface Pro 3 will clock down its processor. But it could be handy to have a USB-powered fan with you when you’re going mobile with the Surface Pro 3.

Install Linux or OS X
You can turn your Surface Pro 3 into a “Hackintosh” by installing OS X 10.10 (“Yosemite”) on it. Unfortunately, this hobbyist’s effort has yet to get either the touchscreen or Wi-Fi of the Microsoft tablet working on the Macintosh OS. You’ll have better luck getting both features working with Ubuntu, but several tweaks may be necessary to get the hardware of the tablet to work fully. Development in making this Linux distro work flawlessly on the Surface Pro 3 is currently ongoing.
Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
Posted by at No comments:
Labels: , , , ,

Tuesday, June 23, 2015

Google looks for content makers to test its Jump VR video camera

Google may have a strong interest in applicants who have creative backgrounds, like film making and directing

If you're an aspiring virtual reality content producer, Google wants to give you a chance to test the Jump camera system it developed for recording video to be used in VR environments.

People interested in trying their hand at capturing 360-degree video with Jump can fill out a form Google posted on Monday that asks basic biographical questions as well as details on how they would use the system.

Google didn't say how many "select creators" it would chose, but those who are picked will be able to start using the 16-camera rig this summer.

Google seems especially interested in people with creative backgrounds. The jobs that people can select in the form's occupation section include filmmaker, director, artist and production staff -- but there is an "other" section that allows write-ins if none of the above apply.

There's also a section where applicants can explain why they want to test Jump -- and "awesome answers might put you at the top of the list," Google said.

Google worked with GoPro to build Jump, which has 16 of the company's Hero4 cameras attached to a circular frame. Jump's price and availability weren't provided when the rig was shown at Google's I/O developer's conference in May. However, given that a Hero4 camera retails for approximately US$500, initial Jump buyers will likely have deep pockets.

The first videos created with Jump will appear on YouTube this summer, Google said at I/O. People will be able to experience them via the Google Cardboard viewer.



Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
Posted by at No comments:
Labels: , ,

Wednesday, May 13, 2015

Exam 70-332 Advanced Solutions of Microsoft SharePoint Server 2013

Exam 70-332
Advanced Solutions of Microsoft SharePoint Server 2013

Published: 01 February 2013
Languages: English, Chinese (Simplified), French, German, Japanese, Portuguese (Brazil)
Audiences: IT professionals
Technology: Microsoft SharePoint Server 2013
Credit towards certification: MCP, MCSE

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area in the exam. The higher the percentage, the more questions you are likely to see on that content area in the exam.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Plan business continuity management (21%)
Plan for SQL high availability and disaster recovery
Plan for SQL Server mirroring; plan for SQL Server clustering; plan for SQL Server AlwaysOn; plan for SQL Server Log Shipping; plan for storage redundancy; plan for login replication
Plan SharePoint high availability
Plan for service distribution; plan for service instance configuration; plan for physical server distribution; plan for network redundancy; plan for server load balancing; plan for SQL Server aliases

Plan backup and restore
Establish a SharePoint backup schedule; establish an SQL Server backup schedule; plan a non-production environment content refresh; plan for farm configuration recovery; plan for service application recovery; plan for content recovery

Plan for high availability and disaster recovery for SharePoint 2013
Tuning SQL Server 2012 for SharePoint 2013: (04) SQL Server and SharePoint availability
Plan for backup and recovery in SharePoint 2013

Plan a SharePoint environment (20%)
Plan a social workload
Plan communities; plan My Sites; plan social permissions; plan user profiles; plan activity feeds; plan connections
Plan and configure a search workload
Plan and configure search result relevancy; plan and configure index freshness; plan and configure result sources; plan and configure the end-user experience; plan and configure a search schema; analyse search analytics reports

Plan and configure a Web Content Management (WCM) workload

Plan and configure channels; plan and configure product catalogue and topic pages; plan and configure Design Manager; plan and configure content deployment; plan and configure display templates; plan and configure variations

Plan an Enterprise Content Management (ECM) workload

Plan and configure E-Discovery; plan and configure document routing; plan and configure co-authoring; plan and configure record disposition and retention; plan large document repositories; plan and configure software boundaries

Plan for SharePoint 2013
Capacity planning for SharePoint Server 2013
Module 9: SharePoint 2013 ECM and WCM considerations

Upgrade and migrate a SharePoint environment (20%)

Evaluate content and customisations

Perform migration pre-check tasks; analyse content database test results; configure web application authentication for upgrade; resolve orphan objects; resolve missing file system components; resolve configuration conflict issues

Plan an upgrade process

Plan removal of servers in rotation; configure a parallel upgrade; configure read-only access for content; configure upgrade farms; measure upgrade performance; plan an installation sequence

Upgrade site collection

Perform a health check; analyse and resolve health check results; plan and configure available site collection modes; plan and configure site collection upgrade availability; plan and configure EVAL mode; plan and configure site collection upgrade throttling

Upgrade and migrate to SharePoint 2013 (IT pros)
Plan for upgrade to SharePoint 2013
Upgrade a site collection to SharePoint 2013

Create and configure service applications (21%)
Create and configure app management

Create and configure the App Store; create and configure subscriptions; configure marketplace connections; configure DNS entries; configure wildcard certificates

Create and configure productivity services

Create and configure Microsoft Excel Services, Microsoft Access services, Microsoft Visio services, Microsoft Word Automation services, Microsoft PowerPoint Conversion services, and Translation Services

Configure service application federation

Plan services to federate; perform a certificate exchange; manage trusts; manage service application permissions; publish service applications; consume service applications

Create and configure a Business Connectivity Service (BCS) and Secure Store application

Import and configure BCS models; configure BCS model security; configure BCS for search; generate a Secure Store master key; manage Secure Store target application permissions; create Secure Store target applications

Preparation resources

Module 6: SharePoint 2013 service application architecture and individual service applications
Configure services and service applications in SharePoint 2013
Configure business connectivity services solutions for SharePoint 2013

Manage SharePoint solutions, BI, and systems integration (18%)

Manage SharePoint solutions and applications

Manage sandbox solution quotas; configure sandbox solution management; deploy farm solutions; upgrade farm solutions; deploy Apps; upgrade Apps

Plan and configure a BI infrastructure

Plan and configure Performance Point; plan and configure reporting services; plan and configure PowerPivot; plan and configure Excel Services; plan and configure PowerView; plan and configure BI security

Create and configure work management

Configure a connection to Exchange; configure a connection to Microsoft Project Server; manage trusts; plan Exchange configuration for E-Discovery

Preparation resources
Install and manage solutions for SharePoint 2013
Business intelligence scenarios and solutions
SharePoint 2013: Work management service application


QUESTION 1
You are instructed to make sure that the prerequisites with regards to the MyABC.ABC.com site
and the creation of site collections are suitably met.
You have Setup My Sites setting for the User Profile service application to make use of the URL of
the My Site host site collection.
Which of the following actions should you take NEXT?

A. You should consider configuring the Explicit exclusion type.
B. You should consider configuring the Explicit inclusion type.
C. You should consider configuring the Wildcard exclusion type.
D. You should consider configuring the Wildcard inclusion type.

Answer: B

Explanation:

QUESTION 2
You are preparing to configure authentication for the ABC360.ABC.com site as per the
requirements.
Which of the following actions should you take FIRST?

A. You should consider creating a new PerformancePoint target application.
B. You should consider creating a new Secure Store target application.
C. You should consider creating a new PerformancePoint target application.
D. You should consider creating a new Word Automation target application.

Answer: B

Explanation:

QUESTION 3
You have been instructed to make sure that language support meets the prerequisites.
Which of the following actions should you take?

A. You should consider creating one label and setting the locale to English (US).
B. You should consider creating one label and setting the locale to Dutch (HOL).
C. You should consider creating one label and setting the locale to French (FRA).
D. You should consider creating two labels and setting the locale of one label to English (US) and
the other to Dutch (HOL).

Answer: A

Explanation:

QUESTION 4
You have been asked to make sure that developers are assigned the correct permissions as per
the prerequisites.

A. You should consider making use of the Set Metadata Store Permissions option to assign the
Full permissions.
B. You should consider making use of the Set Metadata Store Permissions option to assign the
Read permissions.
C. You should consider making use of the Set Metadata Store Permissions option to assign the
Edit permissions.
D. You should consider making use of the Set Metadata Store Permissions option to assign the
Write permissions.

Answer: C

Explanation:

QUESTION 5
You are preparing to configure Excel Services to meet the prerequisites.
Which of the following actions should you take?

A. You should consider adding a Trusted Data Connection Library to the ABC360.ABC.com site.
B. You should consider adding an Unattended Service Account to the ABC360.ABC.com.
C. You should consider adding the User-defined functions allowed option to the
ABC360.ABC.com.
D. You should consider adding a trusted file location to the ABC360.ABC.com site.

Answer: D

Explanation:
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)