Why IT design skills are important, and how to measure them

The comments on my earlier post about the MS Security Design exam 70-298 prompted me to add some more general thoughts.

I agree with the comment made that the design exams do generally seem easier in some respects than the straight technical ones, as you don’t need to know the same level of detail of exactly how to do something in terms of making choices in a dialogue box.

On the other hand, the MS design exams do expect you to be able to take in, digest and interpret a load of business and technical requirements (some of the latter may only be implied from the former, some will be explicitly stated). The breadth of this is where the challenge lies in the real world, although the exam will often lead you in the right direction rather than giving you a blank sheet of paper on which to write an IT security plan. The nature of a computer-based exam does not lend itself to open questions; it would be very hard to make any kind of meaningful sense out of your answer to “How would you improve the security of the data for this organisation? (answer in no more than 200 words)”.

Passed 70-298 "Designing Security for a Windows 2003 Network"

This morning I took and passed Microsoft exam 70-298 “Designing Security for a Windows 2003 Network”. Having not taken one of these scenario-style design exams before, I was a little cautious even though I was fairly confident of my knowledge of the material.

The first section had 11 questions which was great as I had made loads of notes from the provided fictional case studies, and I sailed through with loads of time to spare. Unfortunately the format of these exams is that the time for each part is independent, so you don’t get to carry any spare time to the next set of questions and use it there. I had a couple of shorter sections where I maybe spent too long reading the materials and answered the last question with seconds to spare.

Overall I found this style of exam to be right up my street; taking in lots of information in a very short time and then applying my technical knowledge to this to come up with solutions to the business issues. Despite the rushed time on a couple of questions I came away with my best score to date on a Microsoft MCP exam, and won’t need to use my second chance to take this.

How do you find these design exams compare to the ‘normal’ technical ones?

How Vista file copy has improved with SP1

Mark Russinovich is very well known within the technical community as an authority on detailed information on the inner workings of Microsoft products. Author of several books including the Windows resource kit “Windows Internals” volume, and founder of Winternals and sysinternals.com, he is now a Technical Fellow in the Platform and Services Division at Microsoft.

In a recent blog post, Mark explains in great detail the file copy process in Vista, why it changed radically from XP and how this impacted real and perceived performance of this basic function. He goes on to explain how some of this has been changed and remedied in Vista Service Pack 1. He makes it clear that some of the code design choices have to be compromises between making things faster in different situations, and that in most cases file copying between Vista and Server 2008 will be faster using the chosen algorithms than it would be with different choices, or using XP or Server 2003 for example.

Copying a file seems like a relatively straightforward operation: open the source file, create the destination, and then read from the source and write to the destination. In reality, however, the performance of copying files is measured along the dimensions of accurate progress indication, CPU usage, memory usage, and throughput. In general, optimizing one area causes degradation in others. Further, there is semantic information not available to copy engines that could help them make better tradeoffs. For example, if they knew that you weren’t planning on accessing the target of the copy operation they could avoid caching the file’s data in memory, but if it knew that the file was going to be immediately consumed by another application, or in the case of a file server, client systems sharing the files, it would aggressively cache the data on the destination system.

The article is also a useful working example of how Process Monitor can help you to see what your machine is really up to. On the same subject, Mark gave a great Tech Ed presentation in Barcelona with some real-world demonstrations of how to use a variety of Sysinternals tools and utilities to detect, find and fix all sorts of system issues. A video of that talk entitled “The Case of the Unexplained…Live!” can be viewed here (it’s just over an hour long).

Windows Server 2008 Security Resource Kit coming very soon

Jesper Johansson has put together a great book for Windows Server 2008 focusing on security and providing a load of resources that go beyond the shipped product.

Produced by a group of world-class contributors including several MVPs and members of Microsoft’s server security team, this is likely to be the definitive reference on the subject for some time.

According to Jesper’s blog it has now gone to press.

This official Microsoft Resource Kit delivers the in-depth, technical information and tools you need to help protect your Windows®–based clients, server roles, networks, and Internet services.

Leading security experts explain how to plan and implement comprehensive security with special emphasis on new Windows security tools, security objects, security services, user authentication and access control, network security, application security, Windows Firewall, Active Directory® security, group policy, auditing, and patch management. The kit also provides best practices based on real-world implementations.

You also get must-have tools, scripts, templates, and other key job aids, including an eBook of the entire Resource Kit on CD.

It’s an MS Press title so it should be pretty widely available. I will be pre-ordering my copy from here at The Register book store, as they have really competitive pricing and free delivery for orders over £25 at the moment.

Happy Valentine’s Day to you all

From here: XKCD Webcomic

Marketing obfuscation minimises clarity of message delivery vector

In the latest Technet newsletter to drop into my inbox I found this nugget of barely-comprehensible garbage (my emphasis):

The runaway success of Microsoft Office SharePoint Server (MOSS) 2007 owes largely to its ability to integrate disparate data formats in a standard content management engine that facilitates unrivaled information sharing and collaboration. As noted in the current edition of TechNet Magazine, SharePoint makes it possible to standardize many aspects of content and lifecycle characteristics through content types…

So, let’s try a translation of that middle bit:

…owes largely to the fact that it allows people to share and collaborate on a wide variety of types of data through a single platform.

Better, although I’m still not entirely happy with “platform”. The user experience is to access the data through different software products (within their applications or directly through a portal / intranet site) so “single piece of software” could be misunderstood. “Single server” is not necessarily true either – what do you think? Is the message being lost somewhere along the way here? How could this be written to describe the key benefits of MOSS clearly, unambiguously, and without paradigm-shifting “marketing-speak”?

Internet Explorer 7 automatic installation via WSUS today

You may find that your XP and Server 2003 machines running Internet Explorer 6 are upgraded to version 7 today if you have a certain set of things in place:

  • You use WSUS to manage updates in your organization.
  • You have Windows XP Service Pack 2 (SP2)-based computers or Windows Server 2003 Service Pack 1 (SP1)-based computers that have Internet Explorer 6 installed.
  • You have configured WSUS to auto-approve Update Rollups for installation (this is not the default configuration).

If for some reason you do not want to install Internet Explorer 7 (for example, because it causes problems with an intranet or extranet application) then you need to take some remedial action to prevent this installation from taking place. Read on to find out how to check if this will happen and stop it if this is not what you want.

Windows Server 2008 Group Policy settings reference

Now that Windows Server 2008 has been released to manufacture (RTM), MS have published the usual spreadsheet reference containing all the settings which are available through Group Policy for managing Server 2008, Vista and all prior versions.

Download the Group Policy Settings Reference for Server 2008 in Excel 2007 (.xlsx) or older version (.xls) format.

Interestingly, this also includes 9 settings which are only available for Windows Vista service pack 1 (which also RTM’d last week). All of these are to do with controlling security settings for terminal services (RDP) sessions, including a setting I will find particularly useful to control whether a session can be established when the server cannot be authenticated.

Windows Server 2008 goes gold

Microsoft have now released Windows Server 2008 to manufacturing in the same week as Vista SP1 has also been finalised.

Release candidate code has been available since December for various subscribers such as Technet, MSDN and Microsoft partners.

Vista Service Pack 1 gets the green light

Vista’s much-awaited Service Pack 1 has had the go-ahead and is “released to manufacturing” (RTM). This means they can start pressing CDs and get things moving through distribution channels, OEM and retail so people will soon be able to buy the product with SP1 built in (“slipstreamed”).

Read more about the release of Service Pack 1 for Vista here. The short version is that it won’t be available to actually download until mid-March.

One of the benefits likely to get most press will be the changes to how Microsoft enforce their licensing through the “Windows Genuine Advantage” (WGA) programme, which requires the software to be activated in order to continue using the full functionality. This has been held back from all the beta versions and will only take effect in the final released version. Paul Thurrott discusses this at his SuperSite for Windows:

First, Microsoft is disabling the two most common exploits that exist today for bypassing product activation in Vista … Pirate Windows users utilizing one of these hacks will see their systems return to the intended state–typically a grace period countdown–once SP1 is installed.

The second change is more dramatic. … If the product activation period expires, for example, Vista moves into Reduced Functionality Mode (RFM), where the user can only access the IE Web browser for 60 minutes at a time before being logged out; … Non-Genuine State (NGS), occurs when an activated copy of Vista fails a Web-based validation check, such as when you attempt to download software from the Microsoft Web site. In this case, certain features–like Windows Aero and ReadyBoost–are completely disabled, while others–like Windows Update and Windows Defender–work in limited ways only.

Beginning with SP1, RFM and NGS are a thing of the past.

Improvements to the software itself generally focus on performance and stability, but it does also improve on driver support and providing better APIs for third-party products such as anti-virus and desktop search (partly due to complaints that vendors were being “locked out” and could not develop products on an equal footing with Microsoft themselves).

One area which should be much better is the slow copying of files (even within a disk) which has plagued some systems. I will run some test copies of sets of large and small files and once I have the service pack installed I’ll post some results on how much performance gain I get.
