My information Resource (blog.mir.net)

 

 

 

 

 

 

Download all formats (PDF, Mobi and ePub) at the Microsoft Virtual Academy.

July 15, 2015 update: You can now get this eBook with interactive features by downloading the free Microsoft Press Guided Tours app from the Windows Store.

 

Getting Started with Azure Security for the IT Professional If you’re an IT Professional interested in cloud security options you will want to watch this course. Get the information and the confidence you need from Rick Claus and a team of security experts and Azure engineers, as they take you beyond the basic certifications and explore what’s possible inside Azure. Find out how to ensure that your cloud solution meets (and exceeds!) your own personal and your organization’s bar for security, including industry standards, attestations, and International Organization for Standardization (ISO) certifications.

Click Here for the class

Windows 10: Update for IT Pros

Watch this course as Australia Senior Evangelist, Jeff Alexander explores Windows as a Service, and what it means for your business. He discusses Windows 10 deployment, and the new and updated ways to update devices. You’ll learn what’s new in management and the Windows Store, the new runtime provisioning feature in Windows 10, and the new era of security features in Windows 10. ​

Click Here for the Class

 

The conference will be opened with a keynote address by Tim Rains, Chief Security Advisor, WW Cyber security & Data Protection, Enterprise & Partner Group, Microsoft Corporation followed with a keynote by Ron Ross, Fellow at the National Institute of Standards and Technology (NIST).

For 2015, NYMJCSC is offering a pre-conference workshop on Tuesday, October 13th featuring four in-depth full-day hands-on classroom-style educational courses to expand your knowledge and foster security discussions.

NYMJCSC: Who We Are
The New York Metro Joint Cyber Security Conference is a collaborative event cooperatively developed, organized and sponsored by the leading information security industry organizations and chapters.

• InfraGard (New York Metro)
• ISACA (New York Metro, New Jersey and Greater Hartford Connecticut)
• (ISC)2 (New Jersey)
• ISSA (New York)
• OWASP (New York Metro, Long Island, Brooklyn)
• HTCIA (North East Region)
• ACFE (New Jersey)

Driven by the collaboration between members of this coalition, the strength of organizational membership, the provision of desirable CPE credits and the concurrence of National Cyber Security Awareness Month, the NYMJCSC promises — once again — to be a well-attended by members of the information technology, information security, audit, academic, and business communities.

As part of our educational mission as a coalition of non-profit organizations, registration fees are only to cover the costs of the facility, food and refreshments.

Schedule for workshops OCT 13 is Here

Schedule for Oct 14 is Here

 

This article, Major flaw in Android texting discovered, originally appeared on TechRepublic.com.

View gallery

.

Recently, a rather disturbing flaw has been discovered in the Android platform. Joshua Drak, from Zimperium zLabs, reported some serious flaws in the Android platform back in April, 2015. Simply by knowing a user’s phone number, someone could send a text to that number and break into the device. The end user doesn’t need to open a file, click on a link, or install a third-party piece of software. They only need receive a text.

To make matters worse, the malicious code takes over the second said text is received, even before Android has had a chance to notify you of the incoming missive.

How it works is simple:

1. The hacker creates a short video
2. The hacker tucks malicious code inside the video
3. The hacker texts the video to your number

If you’re using the Google Hangouts messenger app, the video processes the second it is received. The attacker could even delete the message before you noticed (if you ever noticed) anything had gone on. If, on the other hand, you’re using the default messenger app, you would actually have to view the text before processing begins.

The flaw resides in the Android media playback system called Stagefright, which allows users to infiltrate a device and exfiltrate data. There are six major remote code execution bugs, and they are said to be the worst Android flaws to ever be uncovered. To make matters worse, most affected software has not been patched.

In some older devices, such as the Samsung Galaxy S4, the malicious code runs with escalated privileges, so the attacker gains access to even more data.

The good news is the patch for this vulnerability has been submitted and should find its way to your device very soon.

What to do now

Until the patch has managed to make its way to your device, your best bet is to not use Google Hangouts. Period. If you’ve adopted Hangouts as your default messaging tool, unset it. To do this, follow these steps:

1. Open Hangouts
2. Tap the overflow menu (three horizontal lines in the top left corner)
3. Tap Settings in the sidebar
4. Tap the account associated with Hangouts
5. Locate Messages (under GOOGLE VOICE)
6. Tap to uncheck Messages
7. Open the default Android Messenger app
8. Tap the menu button
9. Tap Settings
10. Tap Default SMS app
11. Again, tap Default SMS app
12. Select Messenger (Figure A)

Figure A

View gallery

.

Image: Jack Wallen

Unsetting Google Hangouts as the default SMS client.

You should also consider using an SMS blocker tool, such as TEXT BLOCKER to help prevent incoming texts from unknown numbers.

At this point, at least you know that, in order for the malicious code to reach your system, you’ll have to view the message (you don’t even have to play the video). The safest bet is to not even view messages from unknown numbers.

Considering these bugs were reported back in April, it’s fairly shocking to find out they still remain. I hope that the recent release of the known bug (and the ensuing barrage of media coverage) will help light a fire under Google and other application developers to fix this vulnerability.

Second Shot provides you with a free retake on your exam should you need it – at no additional cost to you. To qualify as free, the retake must be the same exam as the one you didn’t pass. Plus, either exam can be taken in a testing center or through Online Proctoring (OP), offering you greater exam taking flexibility. Find out if OP is available in your country.

To qualify for Second Shot,

• Schedule and take an MCP exam between July 12, 2015, and January 12, 2016. Simply go to https://www.microsoft.com/learning, log in, and schedule your exam.

• After your exam, log in to check your personal dashboard at https://www.microsoft.com/learning to verify testing results. Please allow up to 24 hours for results to show up on the dashboard.

• Register for your retake within 30 days of the date from the failed exam date.

• Review the Pearson VUE testing center availability for your specific exam and then schedule your retake.

• For complete terms and conditions of this offer, visit the Second Shot page on our website.

For More Info go here

 

Here are a few classes that you might want attend.

What’s New in Windows Server 2016 Preview Jump Start

Would you like to get your IT department out of the business of managing routine, manual, error-prone tasks so you can finally focus on higher value improvement and deployment activities that delight your enterprise users? Join us for a demo-packed look at Windows Server 2016 Preview, and see why it is the platform of choice for the integrated datacenter.
A team of experts walks you through a host of new automation features and support for partner technologies and your open source solution investments. In these two half-day sessions, explore enhanced virtualization functionality, together with automated processes and configuration to help you spin up compute, storage, and networking resources faster. Preview new features that reduce system downtime, find out how rolling upgrades can help you adopt updates and operating systems faster for Hyper-V and Scale-Out File Server, and take a look at new storage replication technology. Plus, check out the zero-footprint, cloud-optimized Nano Server technology, along with scripting with the new PowerShell Desired State Configuration features. Build on your Windows Server knowledge, and find out what’s new in Windows Server 2016 Preview!

Course Outline:

• Introducing Windows Server 2016 Preview
• Server Virtualization in Windows Server 2016 Preview
• Introducing Nano Server
• Introducing Windows and Hyper-V Containers
• Software-Defined Storage in Windows Server 2016 Preview
• Software-Defined Networking in Windows Server 2016 Preview
• Automation in Windows Server 2016 Preview

Register Here

Preparing Your Enterprise for Windows 10 as a Service

What do you need to begin testing Windows 10 for your organization? Find out, in the fifth episode of the Enterprise Mobility Core Skills series. Learn about and see some of the features that make Windows 10 useful to your users and a powerful technical platform for IT Pros.
Gain core skills around new infrastructure components to take advantage of everything in Windows 10. Find out how Windows will evolve through servicing, and learn how you can make the most of servicing to get new features to your users faster.

Register Here

 

Getting Started with Windows 10 for IT Professionals

Here is a online course you can take about windows 10

Register Here

 

Here is a second in a series of articles on using PowerShell I would suggest for the beginner use PowerShell ISE this will help you with the commands. We cover IP configuration in this article.

Some Commands that you can use in PowerShell are;

Get-NetAdapter

Restart-NetAdapter

Get-NetIPInterface

Get-NetIPAddress

Get-NetRoute

Get-NetConnectionProfile

Get-DNSClientCache

Get-DNSClientServerAddress

Register-DnsClient

Set-DnsClient

Set-DnsClientGlobalSetting

Set-DnsClientServerAddress

Set‑NetIPAddress

Set‑NetIPv4Protocol

Set‑NetIPInterface

Test-Connection

Test-NetConnection

Resolve-Dnsname

By knowing this we can use this to do IPv4 Troubleshooting Process, we could use the old command line tools, but with PowerShell we can save results and pipe some commands. For example;

Step	Windows PowerShell	Command-line tool
Verify the network configuration is correct	Get-NetIPAddress	ipconfig
Identify the network path between hosts	Test-NetConnection -TraceRoute	tracert
See if the remote host responds	Test-NetConnection	ping
Test the service on a remote host	Test-NetConnection -Port	Telnet
See if the default gateway responds	Test-NetConnection	ping

 

Here is a start of a series of articles on using PowerShell I would suggest for the beginner use PowerShell ISE this will help you with the commands.

Here are some cmdlets that Manage User Accounts

Cmdlet	Description
New-ADUser	Creates user accounts
Set-ADUser	Modifies properties of user accounts
Remove-ADUser	Deletes user accounts
Set-ADAccountPassword	Resets the password of a user account
Set-ADAccountExpiration	Modifies the expiration date of a user account
Unlock-ADAccount	Unlocks a user account after it has become locked after too many incorrect login attempts
Enable-ADAccount	Enables a user account
Disable-ADAccount	Disables a user account

Here are some cmdlets that Manage Groups

Cmdlet	Description
New-ADGroup	Creates new groups
Set-ADGroup	Modifies properties of groups
Get-ADGroup	Displays properties of groups
Remove-ADGroup	Deletes groups
Add-ADGroupMember	Adds members to groups
Get-ADGroupMember	Displays membership of groups
Remove-ADGroupMember	Removes members from groups
Add-ADPrincipalGroupMembership	Adds group membership to objects
Get-ADPrincipalGroupMembership	Displays group membership of objects
Remove-ADPrincipalGroupMembership	Removes group membership from an object

Here are some cmdlets that Manage Computer Accounts

Cmdlet	Description
New-ADComputer	Creates new computer accounts
Set-ADComputer	Modifies properties of computer accounts
Get-ADComputer	Displays properties of computer accounts
Remove-ADComputer	Deletes computer accounts
Test-ComputerSecureChannel	Verifies or repairs the trust relationship between a computer and the domain
Reset -ComputerMachinePassword	Resets the password for a computer account

Here are some cmdlets that Manage OUs

Cmdlet	Description
New-ADOrganizationalUnit	Creates OUs
Set-ADOrganizationalUnit	Modifies properties of OUs
Get-ADOrganizationalUnit	Views properties of OUs
Remove-ADOrganizationalUnit	Deletes OUs

 

So now that we have basic commands look what we can do just using the Get-ADuser PowerShell command.

Show all the properties for a user account:

Get-ADUser –Name “Administrator” -Properties

Show all the user accounts in the Sales OU and all its sub containers in the foo.com domain

Get-ADUser –Filter * -SearchBase “ou=Sales,dc=foo, dc=com” -SearchScope subtree

Show all of the user accounts with a last logon date older than a specific date:

Get-ADUser -Filter {lastlogondate -lt “January 1, 2015”}

Show all of the user accounts in the Sales department that have a last logon date older than a specific date:

Get-ADUser -Filter {(lastlogondate -lt “January 1, 2015”) -and (department -eq “Sales”)}

Now let’s get Wild…… Let show how to make this really easy to use by the use of Pipes.

Use the pipe character ( | ) to pass a list of objects to a cmdlet for further processing (think about the results of 1 cmdlet being used by the next.

So this script will look for users who have not login since January 1, 2015 and the use that to then disable those accounts….

Get‑ADUser ‑Filter {lastlogondate ‑lt “January 1, 2012”} | Disable‑ADAccount

I could have saved the first part of the command to a text file called users.txt and then ran

Get-Content C:users.txt | Disable-ADAccount

 

Here are some resources for you to get up to speed.. July 29 is the day .

These are Video from the Ignite conference ..

•	Overview of Windows 10 for Enterprises – Jim Alkove
•	Secure Authentication with Windows Hello – Nelly Porter
•	A New Era of Threat Resistance for the Windows 10 Platform – Chris Hallum
•	The New User Experience with Windows 10 – Chaitanya Sareen
•	What’s New in Windows 10 Management and the Windows Store – Michael Niehaus
•	Windows 10 Mobile Device Management (MDM) in Depth – Janani Vasudevan
•	Top Features of Windows 10 – Simon May
•	Provisioning Windows 10 Devices with New Tools – Vladimir Holostov
•	Windows as a Service: What Does It Mean for Your Business? – Michael Beck
•	Windows 10: Ask the Experts – Mark Minasi & Experts

 

Advances in scripting security and protection in Windows 10 and PowerShell V5.

Learn how the Windows PowerShell team has significantly advanced security focused logging and detection in Windows 10 and PowerShell v5.

Lear more Here