Category Archive:

Exam 70-475 Designing and Implementing Big Data Analytics Solutions

Published: October 27, 2015
Languages: English
Audiences: IT Professionals
Technology: Microsoft Azure
Credit toward certification: Specialist

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Design big data batch processing and interactive solutions (20-25%)
Ingest data for batch and interactive processing, design and provision compute clusters, design for data security, design for batch processing, design interactive queries for big data

Design big data real-time processing solutions (25-30%)
Ingest data for real-time processing, design and provision compute resources, design for lambda architecture, design for real-time processing

Design machine-learning solutions (25-30%)
Create and manage experiments, determine when to pre-process or train inside Machine Learning Studio, select input/output types, apply custom processing steps with R and Python, publish web services

Operationalize end-to-end cloud analytics solutions (25-30%)
Create a data factory, orchestrate data processing activities in a data-driven workflow, monitor and manage the data factory, move, transform, and analyze data

Click here to view complete Q&A of 70-475 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-475 Training at certkingdom.com

 


Continue Reading

How to craft a security awareness program that works

Organizations struggle with making security awareness training programs that work. One expert says that’s because we treat security awareness training as an event rather than a continuous program of education that adapts to the risks employees face.

Employees are often considered the weakest link in organizations’ efforts to create a strong security posture. Even organizations with security awareness programs in place struggle to instill strong security behaviors. Steve Conrad, managing director of MediaPro, a learning services company that specializes in information security, data privacy and compliance, says organizations can and should do better.

“Are we treating employees with the same seriousness as we are other threats to the organization? If you updated your firewall software and virus definitions once a year, people would say that you’re negligent,” Conrad says.

“It’s time to really step up the human element,” he adds. “Traditionally, CIOs and CISOs have looked at technology and processes. Now it’s time to look at people. They’re a very high threat to the organization, but we don’t necessarily treat them like any other threat vector. Employees generally want to do the right thing.”
Effective awareness training should be tailored for a variety of situations

Effective awareness training starts with a risk assessment, Conrad says. You need to understand what your most valuable assets are so you can better craft a plan to protect them.

“What are your risks? Align your training around those,” Conrad says. “You shouldn’t give the same training to everyone in your organization. Your executives need certain training that others in the organization may not.”
MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords

Call center employees may need extra training around social engineering risks, while human resources employees may need particular training about handling personally identifiable information (PII).

Conrad notes that the National Institute of Standards and Technology (NIST) Cybersecurity Framework is an excellent foundational document with which to start the process.

Once you know what you need to protect and who needs special training to protect it, you need to craft a program of continuous education around it.

“You can’t offer lackluster training for 30 minutes one a year and say it doesn’t work,” Conrad says. “Why would you expect it to work? You need foundational training, but the overall training program needs to be one of reinforcement. You need to look at it as an overall program, not an event.”

User behavior analytics can play a key role in a continuous program that adapts to the risks that your employees face. These analytics can provide pop-up alerts when employees engage in certain activities.

“We see you’re doing this, be aware that these are the best practices and what you need to watch out for,” Conrad says.

“We call it ‘just-in-time training’ or ‘performance-at-work training,'” he adds. “You’re disclosing proprietary information to a partner, can I give you education and a checklist of what you should and shouldn’t be sharing?”

It’s also essential to treat your security awareness program as a communication exercise — essentially a change management problem. IT and the security function may not have the skills to make that happen, so Conrad suggests partnering with the training organization or the marketing organization to most effectively get the awareness training across.

“Anytime you can communicate a message to a person and make it personal, you’re going to be much better off,” Conrad says.

For instance, foundational training could show employees tools and best practices they can use at home to protect their children and other family members. They can then apply those tools and practices on the job.

“That’s a very reasonable way to approach it,” Conrad says. “Tie in that emotional hook. Make it real and personal.”

 

Click here to view complete Q&A of 70-432 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-432 Training at certkingdom.com


Continue Reading

25 highest paying companies: Which tech co outranks Google, Facebook and Microsoft?

Tech companies snag 20 spots on Glassdoor’s ranking of 25 highest paying companies in America

Tech companies dominate Glassdoor’s ranking of the highest paying companies in the U.S., snagging 20 of the top 25 spots. But no tech company ranks higher than Juniper Networks, which pays its workers a median total compensation of $157,000.

The next-highest ranking tech company is Google, which landed at No. 5 on Glassdoor’s list with a median total compensation of $153,750.

While tech companies earned the most spots on the list, consulting firms set the high bar for compensation in Glassdoor’s report, “25 Highest Paying Companies in America for 2016.” No. 1 on the list is A.T. Kearney, which pays a median total compensation of $167,534. Strategy&, at No. 2 on the list, pays a median total compensation of $160,000.

Juniper placed third among the 25 companies, while McKinsey & Company ranked fourth with a median total compensation of $155,000.

Glassdoor’s total compensation figures include base salary as well as other forms of pay, such as commissions, tips and bonuses. The data comes from U.S.-based employees who voluntarily shared their compensation on Glassdoor’s website during the past year. Companies considered for Glassdoor’s report must have received at least 50 salary reports by U.S-based employees during the 12-month time frame.

“Salaries are sky-high at consulting companies due to ‘barriers of entry’ in this field, which refers to employers wanting top consultants to have personal contacts, reputations and specialized skills and knowledge,” said Andrew Chamberlain, Glassdoor chief economist, in a statement. “In technology, we continue to see unprecedented salaries as the war for talent is still very active, largely due to the ongoing shortage of highly skilled workers needed.”

Here is Glassdoor’s full list of the 25 highest paying companies in the U.S.:

1. A.T. Kearney: median total compensation $167,534; median base salary $143,620
2. Strategy&: median total compensation $160,000; median base salary $147,000
3. Juniper Networks: median total compensation $157,000; median base salary $135,000
4. McKinsey & Company: median total compensation $155,000; median base salary $135,000
5. Google: median total compensation $153,750; median base salary $123,331
6. VMware: median total compensation $152,133; median base salary $130,000
7. Amazon Lab126: median total compensation $150,100; median base salary $138,700
8. Boston Consulting Group: median total compensation $150,020; median base salary $147,000
9. Guidewire: median total compensation $150,020; median base salary $135,000
10. Cadence Design Systems: median total compensation $150,010; median base salary $140,000
11. Visa: median total compensation $150,000; median base salary $130,000
12. Facebook: median total compensation $150,000; median base salary $127,406
13. Twitter: median total compensation $150,000; median base salary $133,000
14. Box: median total compensation$150,000 ; median base salary $130,000
15. Walmart eCommerce: median total compensation $149,000; median base salary$126,000
16. SAP: median total compensation $148,431; median base salary $120,000
17. Synopsys: median total compensation $148,000; median base salary $130,000
18. Altera: median total compensation $147,000; median base salary $134,000
19. LinkedIn: median total compensation $145,000; median base salary $120,000
20. Cloudera: median total compensation $145,000; median base salary $129,500
21. Salesforce: median total compensation $143,750; median base salary $120,000
22. Microsoft: median total compensation $141,000; median base salary $125,000
23. F5 Networks: median total compensation $140,200; median base salary $120,500
24. Adobe: median total compensation $140,000; median base salary $125,000
25. Broadcom: median total compensation $140,000; median base salary $130,000

Click here to view complete Q&A of 70-398 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-398 Training at certkingdom.com

 


Continue Reading

25 highest paying companies: Which tech co outranks Google, Facebook and Microsoft?

Tech companies snag 20 spots on Glassdoor’s ranking of 25 highest paying companies in America

Tech companies dominate Glassdoor’s ranking of the highest paying companies in the U.S., snagging 20 of the top 25 spots. But no tech company ranks higher than Juniper Networks, which pays its workers a median total compensation of $157,000.

The next-highest ranking tech company is Google, which landed at No. 5 on Glassdoor’s list with a median total compensation of $153,750.

While tech companies earned the most spots on the list, consulting firms set the high bar for compensation in Glassdoor’s report, “25 Highest Paying Companies in America for 2016.” No. 1 on the list is A.T. Kearney, which pays a median total compensation of $167,534. Strategy&, at No. 2 on the list, pays a median total compensation of $160,000.

Juniper placed third among the 25 companies, while McKinsey & Company ranked fourth with a median total compensation of $155,000.

Glassdoor’s total compensation figures include base salary as well as other forms of pay, such as commissions, tips and bonuses. The data comes from U.S.-based employees who voluntarily shared their compensation on Glassdoor’s website during the past year. Companies considered for Glassdoor’s report must have received at least 50 salary reports by U.S-based employees during the 12-month time frame.

“Salaries are sky-high at consulting companies due to ‘barriers of entry’ in this field, which refers to employers wanting top consultants to have personal contacts, reputations and specialized skills and knowledge,” said Andrew Chamberlain, Glassdoor chief economist, in a statement. “In technology, we continue to see unprecedented salaries as the war for talent is still very active, largely due to the ongoing shortage of highly skilled workers needed.”

Here is Glassdoor’s full list of the 25 highest paying companies in the U.S.:

1. A.T. Kearney: median total compensation $167,534; median base salary $143,620
2. Strategy&: median total compensation $160,000; median base salary $147,000
3. Juniper Networks: median total compensation $157,000; median base salary $135,000
4. McKinsey & Company: median total compensation $155,000; median base salary $135,000
5. Google: median total compensation $153,750; median base salary $123,331
6. VMware: median total compensation $152,133; median base salary $130,000
7. Amazon Lab126: median total compensation $150,100; median base salary $138,700
8. Boston Consulting Group: median total compensation $150,020; median base salary $147,000
9. Guidewire: median total compensation $150,020; median base salary $135,000
10. Cadence Design Systems: median total compensation $150,010; median base salary $140,000
11. Visa: median total compensation $150,000; median base salary $130,000
12. Facebook: median total compensation $150,000; median base salary $127,406
13. Twitter: median total compensation $150,000; median base salary $133,000
14. Box: median total compensation$150,000 ; median base salary $130,000
15. Walmart eCommerce: median total compensation $149,000; median base salary$126,000
16. SAP: median total compensation $148,431; median base salary $120,000
17. Synopsys: median total compensation $148,000; median base salary $130,000
18. Altera: median total compensation $147,000; median base salary $134,000
19. LinkedIn: median total compensation $145,000; median base salary $120,000
20. Cloudera: median total compensation $145,000; median base salary $129,500
21. Salesforce: median total compensation $143,750; median base salary $120,000
22. Microsoft: median total compensation $141,000; median base salary $125,000
23. F5 Networks: median total compensation $140,200; median base salary $120,500
24. Adobe: median total compensation $140,000; median base salary $125,000
25. Broadcom: median total compensation $140,000; median base salary $130,000

Click here to view complete Q&A of 70-398 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-398 Training at certkingdom.com

 


Continue Reading

Windows 10’s upgrade model temporarily wipes $1.6B from Microsoft’s books

Company defers Windows 10 revenue for two to four years because of free upgrades and updates

Microsoft’s decision to radically change the distribution and maintenance of Windows 10 put a $1.6 billion temporary dent in its revenue, the company said Thursday.

In a filing covering the March quarter, Microsoft pointed to the revenue deferral of Windows 10 — a relatively new way of accounting for the Redmond, Wash. company — as a reason for the 6% year-over-year decline in revenue.

“Revenue decreased $1.2 billion or 6%, primarily due to the impact of a net revenue deferral related to Windows 10 of $1.6 billion and an unfavorable foreign currency impact of approximately $838 million or 4%,” Microsoft’s 10-Q filing with the U.S. Securities & Exchange Commission (SEC) stated.

The $1.6 billion in Windows 10 revenue during the March quarter didn’t actually vanish: It was instead deferred and will hit the bottom line over the next two to four years.

Last year, when Microsoft outlined and then released Windows 10, it announced that it had to change how it accounted for sales because of its promise that upgrades and updates for the new operating system would be free.

For accounting purposes, a free upgrade requires a company to set aside some revenue from the sale of the affected software — in this case, Windows 10 — then recognize that revenue only when the upgrade is released. All the revenue from the software sale is eventually recorded, but at staggered intervals.

In Windows 10’s case, the interval varies between two and four years. Microsoft has never explicitly spelled out what Windows 10 sales are recognized in two years, which in three, and those in four. Instead, the company first said that deferral length would depend on the lifetime of the supported device, then added that “customer type” would determine the lifespan.

Microsoft does financial acrobatics to deal with the deferrals. It continues to record revenue as it has in the past, but then debits the “Corporate and Other” reporting segment by pro-rated amounts over the lifespan of the license. For $300 of revenue over a three-year stretch of Windows 10 Pro, for instance, Microsoft would recognize $100 in Year 1 — that money returned to the balance sheet in the Corporate and Other group — and defer the remaining for the second and third years, booking $100 in each. At the end of the three years, the full $300 will have been recognized.

If the deferral debits were eliminated, the company would have announced revenue of $22.1 billion for the quarter, not the $20.5 billion it did.

However, the deferred Windows 10 revenue didn’t change the revenue and operating income numbers for the More Personal Computing (MPC) division — a 2015 creation that includes Windows, Microsoft’s Lumia and Surface devices, gaming, and search — because sales immediately land under the group’s line.

MPC revenue increased in the first quarter, a change from recent reporting periods, which have seen declines: Revenue was $9.5 billion, up almost 1% from the same period in 2015. But Windows revenue was down.

Sales of licenses to OEMs (original equipment manufacturers) — the bulk of Windows revenue — declined 2% year over year, with what Microsoft dubs “Pro” licenses, the more expensive versions of Windows aimed at businesses, down 11%.

As it has for years, Microsoft again blamed the struggling PC business for the decline in Windows revenue. Chief Financial Officer Amy Hood called the PC market’s March quarter “weaker than we expected” during yesterday’s call with Wall Street.

PC shipments in 2016’s first quarter declined by 11.5%, researcher IDC said last week. Rival Gartner pegged the downturn at 9.6%.

Hood attributed the 11% drop in OEM Pro revenue to “higher inventory levels” in the December quarter. Translation: Computer makers stuffed the channel with PCs late last year, then sold fewer than they had expected, leaving too many on shelves and in warehouses with licenses paid for in 2015.

Ironically, sales of consumer-grade licenses to OEMs increased by 15%, Hood said, crediting a “higher-than-expected mix of premium devices” for the upturn. She presumably meant the more expensive — and larger — tablets and 2-in-1s, and the pricier PCs. Both IDC and Gartner have repeatedly said that consumer PC sales have tanked because people aren’t replacing their aged systems after shifting much of their time on PCs to smartphones, and to a lesser degree, tablets.

Microsoft does not share the specific revenue figures for Pro and “non-Pro” license sales — the latter represent the consumer-quality versions — but the former again brought in more money than the latter during the quarter.

That will continue, Hood said as she issued her forecast for the quarter ending June 30, Microsoft’s final for its 2016 fiscal year. “In Windows, we expect our OEM Pro revenue to be largely in line with the commercial PC market,” she said, referring to the continuing decline now expected. “Our non-Pro revenue is expected to be above the consumer PC market, similar to what we saw in [the March quarter].”

Click here to view complete Q&A of 70-413 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-413 Training at certkingdom.com

 


Continue Reading

Windows 10’s upgrade model temporarily wipes $1.6B from Microsoft’s books

Company defers Windows 10 revenue for two to four years because of free upgrades and updates

Microsoft’s decision to radically change the distribution and maintenance of Windows 10 put a $1.6 billion temporary dent in its revenue, the company said Thursday.

In a filing covering the March quarter, Microsoft pointed to the revenue deferral of Windows 10 — a relatively new way of accounting for the Redmond, Wash. company — as a reason for the 6% year-over-year decline in revenue.

“Revenue decreased $1.2 billion or 6%, primarily due to the impact of a net revenue deferral related to Windows 10 of $1.6 billion and an unfavorable foreign currency impact of approximately $838 million or 4%,” Microsoft’s 10-Q filing with the U.S. Securities & Exchange Commission (SEC) stated.

The $1.6 billion in Windows 10 revenue during the March quarter didn’t actually vanish: It was instead deferred and will hit the bottom line over the next two to four years.

Last year, when Microsoft outlined and then released Windows 10, it announced that it had to change how it accounted for sales because of its promise that upgrades and updates for the new operating system would be free.

For accounting purposes, a free upgrade requires a company to set aside some revenue from the sale of the affected software — in this case, Windows 10 — then recognize that revenue only when the upgrade is released. All the revenue from the software sale is eventually recorded, but at staggered intervals.

In Windows 10’s case, the interval varies between two and four years. Microsoft has never explicitly spelled out what Windows 10 sales are recognized in two years, which in three, and those in four. Instead, the company first said that deferral length would depend on the lifetime of the supported device, then added that “customer type” would determine the lifespan.

Microsoft does financial acrobatics to deal with the deferrals. It continues to record revenue as it has in the past, but then debits the “Corporate and Other” reporting segment by pro-rated amounts over the lifespan of the license. For $300 of revenue over a three-year stretch of Windows 10 Pro, for instance, Microsoft would recognize $100 in Year 1 — that money returned to the balance sheet in the Corporate and Other group — and defer the remaining for the second and third years, booking $100 in each. At the end of the three years, the full $300 will have been recognized.

If the deferral debits were eliminated, the company would have announced revenue of $22.1 billion for the quarter, not the $20.5 billion it did.

However, the deferred Windows 10 revenue didn’t change the revenue and operating income numbers for the More Personal Computing (MPC) division — a 2015 creation that includes Windows, Microsoft’s Lumia and Surface devices, gaming, and search — because sales immediately land under the group’s line.

MPC revenue increased in the first quarter, a change from recent reporting periods, which have seen declines: Revenue was $9.5 billion, up almost 1% from the same period in 2015. But Windows revenue was down.

Sales of licenses to OEMs (original equipment manufacturers) — the bulk of Windows revenue — declined 2% year over year, with what Microsoft dubs “Pro” licenses, the more expensive versions of Windows aimed at businesses, down 11%.

As it has for years, Microsoft again blamed the struggling PC business for the decline in Windows revenue. Chief Financial Officer Amy Hood called the PC market’s March quarter “weaker than we expected” during yesterday’s call with Wall Street.

PC shipments in 2016’s first quarter declined by 11.5%, researcher IDC said last week. Rival Gartner pegged the downturn at 9.6%.

Hood attributed the 11% drop in OEM Pro revenue to “higher inventory levels” in the December quarter. Translation: Computer makers stuffed the channel with PCs late last year, then sold fewer than they had expected, leaving too many on shelves and in warehouses with licenses paid for in 2015.

Ironically, sales of consumer-grade licenses to OEMs increased by 15%, Hood said, crediting a “higher-than-expected mix of premium devices” for the upturn. She presumably meant the more expensive — and larger — tablets and 2-in-1s, and the pricier PCs. Both IDC and Gartner have repeatedly said that consumer PC sales have tanked because people aren’t replacing their aged systems after shifting much of their time on PCs to smartphones, and to a lesser degree, tablets.

Microsoft does not share the specific revenue figures for Pro and “non-Pro” license sales — the latter represent the consumer-quality versions — but the former again brought in more money than the latter during the quarter.

That will continue, Hood said as she issued her forecast for the quarter ending June 30, Microsoft’s final for its 2016 fiscal year. “In Windows, we expect our OEM Pro revenue to be largely in line with the commercial PC market,” she said, referring to the continuing decline now expected. “Our non-Pro revenue is expected to be above the consumer PC market, similar to what we saw in [the March quarter].”

Click here to view complete Q&A of 70-413 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-413 Training at certkingdom.com

 


Continue Reading

LastPass phishing attack may have snagged passwords

The simple attack shows how software needs to be more phishing resistant

A relatively simple phishing attack could be used to compromise the widely used password manager LastPass, according to new research.

Notifications displayed by LastPass version 4.0 in a browser window can be spoofed, tricking people into divulging their login credentials and even snatching a one-time passcode, according to Sean Cassidy, who gave a presentation at the Shmoocon conference on Saturday.

Cassidy, who is CTO of Praesido Inc., notified LastPass of the issues. In a blog post, LastPass said it has made improvements that should make such an attack harder to pull off without a user knowing.

Cassidy released a tool on GitHub called LostPass that shows how an attacker can spoof alerts from LastPass, eventually tricking a user into giving up their login credentials.

In a blog post, Cassidy describes how LastPass will alert users if they’re logged out of the application. But the alert is shown through the browser’s viewport, and the exact same alert could be created and triggered by an attacker if someone can be lured to a malicious website.

For his proof-of-concept attack, he bought the domain “chrome-extension.pw,” which looks similar to Chrome’s protocol for browser extensions and unlikely raise eyebrows.

The bogus LostPass alert, if clicked on, could then lead to the malicious domain that asks for a user’s credentials. If two-factor authentication is enabled, the access token could also be stolen. At that point, all of the victim’s passwords can be collected using the LastPass API, Cassidy wrote.

Strangely, those LastPass customers who have two-factor authentication could have been more vulnerable to the attack.

Cassidy wrote that LastPass sent an email notification if a login attempt is made from a new IP address. But that alert is only sent if a person doesn’t have two-factor authentication enabled, so those with it enabled wouldn’t know of a suspicious login.

LastPass has since changed the notification to also go to people who have two-factor enabled if a login attempt is made from a new location or device.

Cassidy contends his research shows how software needs to be more resistant to phishing attacks.

“Many responses to the phishing problem are ‘train the users,’ as if it was their fault that they were phished,” Cassidy wrote. “Training is not effective at combating LostPass because there is little to no difference in what is shown to the user.”

Although Cassidy wrote that the problems are hard to fix, he decided to go public.

“As soon as I published details of this attack, criminals could make their own version in less than a day,” he wrote. “I am publishing this tool so that companies can pen-test themselves to make an informed decision about this attack and respond appropriately.”

LastPass has implemented some new defenses in response to Cassidy’s research and also plans “to release additional notification options that bypass the viewport.”

The company has also blocked web pages from logging someone out of LastPass. Even if users see a warning that they’re logged out, in theory they should notice that LastPass is actually still logged in.

 

Click here to view complete Q&A of 70-341 exam

MCTS Training, MCITP Trainnig

Best Juniper Certification, Juniper Training at certkingdom.com

Posted in: TECH

Continue Reading

How secure are wearables, anyway?

Whether you’re using that new wearable for yourself or managing IT at a company where fit trackers and smart watches are becoming more popular, wearables just might be the next big bullseye for cybercriminals.

Congratulations on getting that new wearable device over the holidays. You’re on your way to a new, trackable, data-filled life.

Or you’re about to be hacked.

“Every digital technology, as its use has expanded, has drawn attention from hackers and criminals,” says Stephen Cobb of ESET. “So if wearables get to the point where criminals can see a way to exploit them for gain, they will try to do that.”

In his role as senior security researcher at ESET, Cobb says he hasn’t seen that happen yet, but that doesn’t mean it isn’t on the horizon.

He points to a recent issue with VTech, which makes a wearable for kids. Its customer database, which includes the information of 5 million parents and 200,000 children, was recently compromised.

“Some of their toys took photographs and some of those photographs were shared on their back-end system,” Cobb says. “In the case of a wearable, this could have location information, it could have health related information.”

Some good news amid the dark: Consumers already have a healthy dose of skepticism about wearables. According to a study conducted by Auth0, 52 percent of consumers don’t think that IoT devices have the necessary security that they need. So consumers are going to get into the wearable market already being on guard about the security of their device.

However, as the VTech breach shows and as Cobb predicts, it’s not the devices themselves that are the weak link in the chain. It’s the databases where that information being collected is stored.

“If somebody was going to target the data that a wearable company collected about its consumers, typically criminals are looking for a name, address, personally identifiable information,” he says. They could do a wash of things with that information. Also, if they have location information that’s updated in real time, they could be looking for when you’re not home, which could make you a burglary target — much like the earlier days of Facebook when criminals targeted people who were posting vacation pictures while still on vacation.

Most likely, Cobb says, companies will build the necessary security around their databases because otherwise they could face wrath of the Federal Trade Commission.
INSIDER: 5 ways to prepare for Internet of Things security threats

He stresses that consumers should do research on the companies that they’re getting wearables from as well third-party apps that use the data, too, and to read their privacy policies to see what’s being done with that data. If the app doesn’t have one? Move onto another app.

The wearable workplace worry

If you’re the CIO of a company that deals with sensitive information — whether that’s health information, company trade secrets, financial data, attorney-client privilege — there could be legal repercussions for letting wearables into the workspace.

“I’m going to be worried about things like Google Glass and cameras on smartwatches and anything that’s either able to record audio or visual,” says Mark McCreary, chief privacy officer and partner at Fox Rothschild LLP. “That’s your primary concern as far as protecting your own data.”

Even if employees are recording without thinking anything of it (making a goofy video about totally unrelated to work but at work, for example) that video or audio could have sensitive information in it and be uploaded into different places – like a cloud – that are not as secure as your own company’s systems.

“It’s about there being multiple copies. It’s about not having control of the data,” McCreary says. He likens it to employees using Dropbox at home. Copies of the information in that Dropbox are no longer just at work. The same may be true with what wearable are picking up.

And that’s not even getting into people who may come into your company’s office with the intention of recording and stealing information (remember, the Target hack happened because of a heating and air conditioning company). It’s a lot less obvious that they’re doing that if they’re a wearable than if they were to take out their phone and hit record.

In those cases, McCreary says, especially if your company deals with sensitive information, it may be worth banning wearables that have the capability to record entirely in the workplace, or not allowing them in areas where sensitive information is out in the open and being discussed.

Some companies are giving out tracking devices like Fitbits to their employees as part of wellness programs. While the intention behind that decision might be a good one, Beth Zoller, legal editor at XphertHR, says that it presents possible human resources and legal issues in terms of who gets to see that data.

“There are invasion of privacy issues,” she says, especially if the employer has access to health information of an individual. Every Fitbit except the Zip, for example, records activity but can also record sleep patterns, which an employee may not want an employer to have.

A company-given wearable also raises issues of what is personal time and what is private time. “There is the risk of employees who are wearing wearable devices that the lines between work and nonworking time is a blur,” she says. “The employer might be able to pay overtime.”

She adds that if a device records video or audio, employers need to make sure that they are not accessing information that they do not have privilege to, such as those having to do with union activity, or else they risk running up against the National Labor Relations Act.

The best way to handle wearables in the workplace, says Zoller, is to “create a policy as to what the employers’ position is going to be, how employees are going to be able to use wearabales, and also train employers and supervisors and employees” on how wearables can and cannot be used at work. They’ve also published a guide to wearables on their website.

Wearables are a big industry, but still shiny and new, and are bound to be tested by the hacker world, even if we don’t know how, when or where. “Every wave of technology gets scrutinized for weakness and weaknesses that are found are exploited,” says Cobb. “It’s certainly an area we need to keep an eye on for emerging threats down the road.

 

Click here to view complete Q&A of MB2-706 exam

Certkingdom 20% Discount Promotion Coupon Code: 45K2D47FW4

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

 

Posted in: TECH

Continue Reading

10 amazing algorithms

Figuring out mysteries
Cyber technology couldn’t get by without algorithms to encrypt, analyze metadata and find traffic anomalies, but they are used more and more widely in other fields. Here are 10 algorithms that perform functions as varied as scanning for disease genes, catching classroom cheats and figuring out murder mysteries as well as Agatha Christie’s heroine Miss Marple.

Scan genes for disease
An algorithm developed by doctors at Massachusetts General Hospital and Hebrew University could scan gene maps for genes that are associated with diseases. By doing so across organisms they could reveal how these genes evolved and what useful function they might have originally served. From The Algemeiner.

Find patient zero
Researchers in Croatia have an algorithm that performs statistical analysis to discover the first person infected by a disease in an epidemic or at least come close. It works better when the disease spreads quickly and the algorithm is applied soon after the epidemic is discovered. The algorithm could be used to track down the first machine infected in a malware outbreak as well, they say. From phys.org.

Perform facial ID without a face
Facebook has an experimental algorithm that can identify people in photos 83% of the time even if their face is obscured. It uses other cues such as attire, hair style, posture and body type to figure out who’s who. From New Scientist.

Figure out whodunnit
Agatha Christie murder mysteries can be solved by an algorithm that takes into account the relationship between the victim and suspects, modes of transportation used in the crime, when suspects are introduced and how they are described, among other factors. Authors of the algorithm came up with it after analyzing 27 of Christie’s 83 novels. From The Guardian.

Capitalize on tele-boredom
Boredom of phone users is detectable up to 82.9% of the time using an algorithm that looks at usage logs and self-reporting of how bored users are. One useful result for marketers: users are more likely to investigate suggested content when they are bored. From research paper “When Attention is not Scarce Detecting Boredom from Mobile Phone Usage”.

Eradicate photo-bombers
An experimental application from Adobe called Monument Mode can improve vacation photos by digitally removing people who wander into and obstruct the view while someone is shooting a picture of a tourist attraction like the Grand Canyon or Statue of Liberty. Users shoot several frames and an algorithm in the app analyzes them, discerns the difference between the attraction and the people, and excises them. See a demo here.

Catch exam cheats
Freakonomics author Steven Levitt and economist Ming-Jen Lin of National Taiwan University wrote an algorithm to figure out who cheated on college exams. They considered where students sat and what answers they got wrong to discover that about 10% of the students cheated. After assigning random seats and beefing up monitoring, cheating virtually disappeared. See the

Create memories in damaged brains
An algorithm in a prosthetic device figures out how to take the electrical signature of a short-term memory and convert it to the signature of a long-term memory, bypassing the damaged part of the brain that would otherwise perform the translation. “It’s like being able to translate from Spanish to French without being able to understand either language,” researcher Ted Berger of University of Southern California told The Financial Times.

Control blood sugar with diet recommendations
Monitoring what people eat and how their blood sugar levels respond led to an algorithm that tells them what to consume in order to prevent spiking that diabetics experience. Using 137 data points such as age, body mass index and even gut bacteria, the algorithm could predict seven out of 10 times how subjects would react to the foods they ate. From The Atlantic.

Predict success of couples therapy
Voice qualities – pitch, intensity, jitter, warbles and shimmer among many others – when run through an algorithm created at the University of Southern California and the University of Utah was better at predicting whether or not couples would succeed in marriage counseling than the words they spoke. The algorithm broke down speech recordings into acoustic features that the algorithm analyzed. The predictions were compared to marital status after five years and were 79% accurate. From a USC press release.

Click here to view complete Q&A of MB2-706 exam

Certkingdom 20% Discount Promotion Coupon Code: 45K2D47FW4

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

Posted in: TECH

Continue Reading

Tech’s greatest wins and most epic comebacks of 2015

Drawing the battle lines
While 2014’s greatest tech achievements were largely about steady iteration to existing products, this year’s highlights bring a greater sense of urgency. It seems every company in tech has suddenly awoken to the rapid expansion the next few years will bring, and is now trying to mark as much territory as possible. Here are the best, most successful examples of how that shook out in 2015.

Microsoft’s Surface Book nails the high-end laptop
PC makers were understandably miffed when Microsoft announced the Surface Book. While the company’s previous Surfaces were aimed more at the tablet market, the Surface Book was a direct assault on the laptop establishment, with a proper keyboard base, optional discrete graphics, and a detachable tablet display. Although Microsoft’s hardware has suffered some problems out of the gate, in the long run it’s likely to snap the PC makers out of their daze and compel them to try a little harder.

Net neutrality prevails at the FCC
Around the middle of last year, the Federal Communications Commission seemed to have little interest in ensuring a level playing field on the Internet. Rather than attempt tough regulations, the agency backed the idea of “fast lanes,” in which Internet companies could pay a toll to providers like Comcast for preferential treatment. Maybe it was the consumer outcry, but the FCC eventually reversed its stance, and in February decided that Internet providers should be treated like utilities, with no paid prioritization allowed. The classification is still subject to lawsuits and congressional attacks, but has already made an impact as ISPs avoid policies that would run afoul of the rules.

Nvidia stuffs a desktop GPU into a laptop
Gaming laptops have always been about compromise, but Nvidia is looking to change that with the GeForce GTX 980, the first laptop graphics card that truly mirrors the performance of its desktop counterpart. Of course, GTX 980 laptops are still going to be hulking, expensive monstrosities, but the achievement is still a major milestone for serious gaming on the go.

USB-C paves the way for hassle-free connections
For too long, the simple act of plugging a USB cable into a phone or PC was needlessly frustrating, as the connector had a near-magical tendency to face the wrong way on the first attempt. Relief is coming with USB-C, a fully-reversible cable that can also transfer more power—enough to charge a full-blown laptop—and drive external displays. Some laptops and phones started supporting the standard in 2015, paving the way for widespread adoption next year.

Cutting cable TV gets a lot easier
2015 was a huge year for cord-cutting, as the TV industry scrambled to make up for a declining cable subscriber base through online video. Premium networks HBO and Showtime both launched standalone streaming services, Dish Network launched the first “skinny bundle” of streaming cable channels with Sling TV, and Hulu finally launched an ad-free version. Streaming hardware also got a competitive boost with new devices from Roku, Apple, Amazon, and Google. Ditching cable TV still isn’t for everyone, but it’s becoming less of a challenge as the bloated bundle crumbles.

Apple establishes the smartwatch market
Officially, Apple doesn’t disclose sales figures for the Apple Watch, but a recent third-party estimate put sales at 7 million after six months, while traditional watches have seen their biggest year-over-year drop since 2008. The Apple Watch is far from perfect, and remains a barely detectable blip in Apple’s earnings, but it’s already managed to get on consumers’ radars in a way that

Fitbit doesn’t sweat the smartwatch threat
Before the Apple Watch actually launched, pundits predicted that it would wipe out the dedicated fitness tracker market. But Fitbit is doing better than ever, with 4.8 million sales last quarter, and 168 percent year-over-year revenue growth. Although smartwatches could still prevail in the long run, plenty of people see more value in a cheaper device that’s laser-focused on personal health.

Facebook rules the planet
Three years after Facebook logged 1 billion active monthly users, the social network behemoth set another record with 1 billion logins in a day, and 1.5 billion monthly active users. One out of every seven people on earth sign in every day, and that doesn’t even count Facebook-owned services like Instagram and Whatsapp. People have been insisting that Facebook has lost its cool for years now, but the numbers show that users are more hooked than ever.

The mid-range phone gets great
Now’s a fine time to buy a phone if you don’t want to spend upwards of $650 off-contract.

Between the Nexus 5X ($379), Nexus 6P ($499), OnePlus 2 ($389), Moto X Pure Edition ($400, pictured), and Alcatel OneTouch Idol 3 ($250), buyers have more options than ever for solid, unlocked Android phones. And now that U.S. carriers offer cheaper service with unsubsidized handsets, buying one of these phones actually makes sense.

Driverless cars get real
While Google’s self-driving cars get all the attention—and hit a milestone with the first custom prototypes hitting public roads this year—the launch of Tesla’s Autopilot feature (pictured) was just as significant. The feature allows Model X SUVs and newer Model S sedans to steer, brake, and accelerate by themselves on highways, alerting drivers only when human intervention becomes necessary.

We’re still a long way from fully autonomous cars—even Autopilot suggests eyes on the road—but 2015 brought some major steps forward.

Click here to view complete Q&A of 70-341 exam

MCTS Training, MCITP Trainnig

Best Juniper Certification, Juniper Training at certkingdom.com

Posted in: TECH

Continue Reading

Dispelling the myths of hybrid hosting

Hybrid hosting lets you run your database on dedicated servers, put your front-end in the cloud, and tie everything together with a single click

When the Amazon Web Services platform failed recently some of the internet’s biggest sites — including Netflix and Tinder – suffered extended outages. The culprit? AWS’s NoSQL database DynamoDB, where increased error rates led to increased errors and latency in more than 20 AWS services.

These and other sites wouldn’t have had a problem if they used hybrid hosting, the best way to architect modern apps. Hybrid hosting lets businesses set up their databases on dedicated servers, put their front-end Web apps in the cloud, then tie everything together with a single click.

While many companies recognize that hybrid hosting and the hybrid cloud are “the next big thing” in hosting, some are intimidated by what they don’t know. Because hybrid cloud adoption is still nascent, there remains a lot of confusion about the technology. It’s time to debunk some myths.

Myth: Hybrid cloud is only used for cloud bursting.
When an application running in a private cloud gets a sudden demand for computing capacity, it can “burst” to a public cloud to handle that spike. This cannot be a reactive measure, though, and it is difficult to run applications on traditional, dedicated servers and then swap that same workload to the cloud at will. For cloud bursting to work properly, applications must be designed from the ground up with that in mind; the vast majority of applications are not built this way. It takes special skill and intent to build applications that know how to burst to the cloud.

Hosting on a hybrid infrastructure does not magically make an application cloud burst; the application must be designed for that. Furthermore, the hybrid cloud must allow for the cloud burst at the networking level, which requires integration of hybrid at the networking level. It is unreasonable to expect legacy applications running on traditional dedicated servers to just swap their workloads to the cloud on demand.

Hybrid cloud cannot, in fact, be used for cloud bursting unless the application was designed for that. Combining an adequately designed application with a hybrid cloud infrastructure, however, would enable an organization to build up an auto-scaling and burst-capable application on hybrid cloud infrastructure.

Myth: Hybrid cloud is complicated to implement.
This is only true if hybrid cloud is done in a non-automated, non-productized manner. If an organization attempts to build its own configuration, things can get complicated quickly and it can take weeks to implement. However, when hybrid cloud technology is implemented through an automated platform, it can be done in less than a few hours, if not minutes.

Ideally, a hosted hybrid cloud solution should be designed with drag-and-drop functionality in mind for every component. This method allows you to configure your infrastructure the way you want, while keeping the network automation in the background. A drag-and-drop interface makes implementing the hybrid cloud a breeze.

Myth: Hybrid cloud is more expensive.
Hybrid cloud can be less expensive than a purely dedicated or purely cloud configuration with the proper setup – namely, if cloud servers are leveraged for variable workloads and dedicated servers are leveraged for fixed workloads. There is a possibility for hybrid cloud to run up the costs, but that’s only if bridging devices are used. Done correctly (and without these devices), a business can cut its costs with a hybrid cloud infrastructure.

Take a florist business. Florists are dramatically busier on days like Valentine’s Day than the rest of the year. If a florist pays for dedicated hosting based on those sporadic days they’re paying too much. Cloud, too, can be expensive. Most days of the year the florist sees pretty static load and demand. With hybrid hosting, the florist can run day-to-day business on dedicated servers, add cloud instances for the Valentine’s Day peak, then return to dedicated servers on February 15. This is the most cost-effective way to go.

Costs can run up when businesses pay premiums for resources that should be fixed commodities like bandwidth or storage. A proper strategy utilizes each element of a hybrid cloud set-up to gain operational and cost advantages.

Myth: Hybrid cloud is only for enterprises.
Organizations of all sizes can reap the benefits of hybrid cloud – start-ups and SMBs are even more primed that enterprises to benefit from the hybrid cloud.

Enterprises have the most legacy apps that require a dedicated infrastructure and can gain a lot from the hybrid cloud by integrating existing environments with new ones. However, changing applications, migrations, and IT approvals can take a long time. Start-ups with fixed workloads (like databases) and variable workloads benefit from the hybrid cloud, too. In fact, we’re seeing more adoption of hybrid among startups and SMBs than enterprises due to the agility of decision making in smaller organizations.

Because on-demand hybrid hosting is easy to set up and requires minimal configuration, it is ideal for businesses that have small IT teams (especially for IT “teams” that are just a single person). Hybrid hosting also offers reliability, giving these start-ups and SMBs an edge over their larger, more slower moving competitors.

Myth: Hybrid is good for data redundancy.
“Traditional” hybrid cloud is NOT good for data redundancy. Consider an organization that stores critical data on its local dedicated server environment. This company runs a redundant system on a public cloud for live failover or immediate data recovery. In the traditional hybrid cloud model, this organization is reliant upon a single physical network device to bridge the cloud and dedicated infrastructures. The purpose of redundancy is to eliminate points of failure, not add potential network failure scenarios. A traditional hybrid architecture with a “connect” device is a single point of failure.

On-demand hybrid hosting, which is architected at the layer 2 network level to send data through an automated deep layer of networking, is redundant and ensures the FASTEST data transport path from point to point.

In conclusion, it is clear that the hybrid cloud is the future and will dominate IT for the next decade. The beauty of enabling the on-demand hybrid cloud infrastructure is it’s customizable to the unique needs and usages, while optimizing costs. Hybrid is the antithesis to the “one size fits all” approach that companies have had to deal with for years. Figure out what your ideal infrastructural environment is, then make it happen with the hybrid cloud.

 

Click here to view complete Q&A of 70-341 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-341 Training at certkingdom.com

 

Posted in: TECH

Continue Reading

Cybersecurity 101: Protect your home or personal network

Intrusion detection systems. Network firewalls. Behavioral analysis. Encryption. The toolkit of the modern information security professional is full of complex, advanced technical controls designed to protect enterprise networks against increasingly sophisticated attacks. How should home users protect themselves — without investing thousands of dollars in specialized security equipment — against cybercriminals who want to steal sensitive personal information?

Fortunately, there are simple and inexpensive steps that every home user can take to build a robust, layered defense that will protect them against most of the malicious threats that jeopardize the security of their systems and personal information. Let’s take a look at five simple ways that you can keep your network secure without breaking the bank. Think of these recommendations as being a Cybersecurity 101 course for the average home computer user.

Use a Firewall
Businesses spend thousands of dollars on sophisticated firewalls designed to keep malicious threats out of their protected networks. Firewalls sit at the border between a private network and the Internet, enforcing rules that regulate the traffic allowed to cross that border. Enterprise-grade firewalls are expensive and require extensive configuration to precisely define the types of traffic that should be allowed to enter the network unsolicited. For example, a business firewall would typically allow connections from the Internet to the company’s web server.

Fortunately, home users don’t need a sophisticated firewall because they don’t have sophisticated networking needs. Unless you’re running public web servers in your home, your firewall policy should be very simple: Don’t allow any unsolicited connections to your network. You probably already have a firewall built-in to the Internet router provided by your service provider. Even better, it’s probably already configured to enforce this simple “deny everything” firewall policy.

Take the time to understand what type of router is sitting at the border of your home network. Find the instruction manual for that model router and use it to verify that the firewall function is enabled and blocking all unsolicited connection requests. This will go a long way toward keeping the bad guys out of your network.

Install and Update Antivirus Software
Antivirus software is still one of the tried-and-true ways to protect your network against malicious threats. Signature-based software runs on your systems, scanning them constantly for any signs of malicious software. When antivirus software detects a threat, it acts to immediately neutralize it by removing the software entirely or, if that’s not possible, quarantining it in a safe location until you can take further action to clean your system.

You can’t just simply install antivirus software and walk away, however. The manufacturers of antivirus software release new updates on a daily basis to combat recently discovered strains of malicious software. If you haven’t updated your software in a few years, it’s next to useless as a defense against modern threats. Take a few minutes to verify that all of the systems on your network have current antivirus software and that they’re configured to receive daily signature updates from the vendor.

Keep Computers Patched
Whether you’re running Windows or Macintosh systems, you need to apply security updates on a regular basis to keep your systems secure. Microsoft and Apple release patches whenever they become aware of a security vulnerability in their operating systems. If you don’t apply those patches, attackers will likely discover your vulnerability and exploit it to gain access to your network and data.

Fortunately, it’s easy to keep your computers patched. Both Mac OS X and Windows provide automatic updating mechanisms that check every day for new security patches and automatically apply them to your systems. You just need to ensure that this functionality is turned on and your computer will take care of all of the work.

Encrypt Wireless Networks

Your wireless network is the easiest path for an attacker to gain access to the systems in your home. You should use strong WPA2 encryption to protect your network and configure it with a strong password known only to authorized network users. If you have no encryption, or use the outdated WEP encryption standard, it’s equivalent to leaving your front door unlocked and open, waiting for intruders to wander by and steal your belongings.

Configuring wireless encryption is usually very easy. Check the manual for your wireless access point. You’ll probably just need to select WPA2 encryption from a drop-down menu and then enter a strong passphrase used to access the network. Once it’s up and running, reconfigure all of your devices to use the new encrypted network and the contents of your communications will be safe from prying eyes.

Encrypt Sensitive Files
You don’t have to be a genius to protect your home network.One oft-forgotten risk is the physical theft of computing devices. If an intruder steals a computer out of your home or a thief grabs your bag on the subway, you may lose physical possession of the computer. It’s one thing to lose a couple thousand dollars because of the device theft, but it’s far worse to lose your tax returns, credit card statements and other sensitive information that might be stored on the device.

You can protect yourself against the loss of sensitive information by encrypting the contents of your computer. Even if the computer falls into the wrong hands, the thief won’t be able to access your encrypted personal information without knowing your password. Both Windows and Mac systems offer free built-in encryption technology that you can easily enable. FileVault on Macs and BitLocker on Windows provide an easy way to protect the contents of your hard drive from prying eyes. Just make sure that you know your own password so that you don’t lock yourself out from access to your personal files!

Conclusion

Securing a home network is far simpler than securing the complex corporate networks that offer public services, but it still requires effort. Take the time to assess your network by verifying that your firewall is active, installing antivirus software, applying security patches, using WPA2 on your wireless network and encrypting your sensitive files. The few hours you might spend securing your network today may prove themselves worth the effort when they successfully protect you from hackers down the road!

Click here to view complete Q&A of 70-697 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-697 Training at certkingdom.com


Continue Reading

Are people abandoning Windows 10?

Despite a growing installed base, its use is growing marginally.

The Windows 10 installed base continues to grow at a fast rate, but its actual usage is lagging far behind. That’s the takeaway from the latest numbers by Net Applications.

Through its analytics, Net Applications puts Windows 10 usage at around 9% of all PCs, which translates to 148 million PCs. Microsoft hasn’t released any new numbers in a while. The last official figure was 110 million around October.

Net Applications acquires its usage data from a network of some 40,000 sensors embedded in websites around the world. It captures data from 160 million unique visitors each month, giving a global usage market share, but not necessarily an installed base market share.

Windows 7 remains the favorite OS, with 56.1%, followed by Windows 8.1 at 11.1% and Windows XP at 10.6%. A deeper look at the Net Apps numbers, though, shows Windows 10’s momentum is slowing. It rocketed to 5.2% in the first month after release, then crawled to 6.6%, 8%, and 9% in the ensuing three months.
See also: Microsoft rolls out several software updates: What you need to know

Meanwhile, Windows 7 ends the year pretty much where it started, at 56% in both January 2015 and November 2015. Windows 8.1 actually rose a tiny bit, from 10% in January to 11.1% in November. Windows XP was the big loser, dropping from 19% at the start of 2015 to 10.6% by November.

So what do we make of all this? Well, the XP numbers tell me a lot of old machines were finally replaced with Windows 10, but the steadiness of Windows 7 and 8.1 means people aren’t upgrading all that much. Again, I’ll remind you that Net Applications measures use, not installations. I’ve downloaded Windows 10 twice, on my desktop and laptop, but promptly removed it from the desktop because, quite frankly, I hate it. It’s still on the laptop because I should have at least one Windows 10 system for testing reasons.

How many other people did as me: downloaded the free update and either hated it, had problems or compatibility issues, or were put off by the rampant spying and went back to Windows 7 or 8? We don’t have a good measure of Windows 10 installs that were reversed, and that number would be more telling than any other.

Now, there has been an interesting new analytics player in the form of the Digital Analytics Program (DAP), which monitors the operating systems of visitors to more than 4,000 websites on over 400 different domains maintained by U.S. government agencies. Its number showed Windows 10 usage in the U.S. was 24% higher than the rest of the world, but since it’s monitoring U.S. government websites, the numbers are going to skew to the U.S. anyway.

The same goes for Steam analytics, which gathers OS and other information from people using the Steam app. Steam has, for all intents and purposes, replaced GameStop and other retail outlets for selling PC games. A Best Buy employee even told me they dumped their PC games section because everyone uses Steam. So it’s a good measure of consumer use.

And, according to Steam, Windows 10 is up to a 28.8% installed base, while Windows 7 is down to 42%. Windows 8.1 is hovering at 16.5%, and XP is effectively dead at 2.1%.

It shows how hard it is to get an accurate picture of things. Although these numbers come out monthly, the next major stats will be in February. That’s when January analytics come out and we see how many new Windows 10 PCs were delivered under Christmas trees.


Continue Reading

Former Marine fights to connect veterans with IT jobs

One consulting firm’s hiring program aims to place U.S. military veterans in IT engagements.
The transition to corporate life can be challenging for military veterans. Companies aren’t used to hiring veterans, whose resumes are unlikely to make it past their keyword-filtering software. Veterans aren’t used to articulating their military experience in business terms, nor are they accustomed to typical workplace culture and communication. Far too often, uniquely skilled veterans returning from Iraq and Afghanistan hear the same disheartening message — that they’d make great security guards.

Nick Swaggert, a former infantry officer with the U.S. Marine Corps, sees untapped talent in these returning soldiers, and he’s committed to helping them find career opportunities in the tech world. Swaggert is Veterans Program Director at Genesis10, an outsourcing firm that provides IT consulting and talent management services. His job is to recruit veterans, help them translate their military experience to relevant corporate experience, and find a place for veterans to work at Genesis10’s clients.

Swaggert knows firsthand what it’s like to see a military career reduced to the output of a military skills translator (software that’s designed to match military skills, experience and training to civilian career opportunities).

“I was in the Marine Corps infantry. Backpack and guns type of thing. So what does it say for me? I can be a security guard,” Swaggert says of the typical automated skills translator. “Someone in the infantry probably pulled a trigger less than 0.1% of the time. They probably spent a lot of their time in logistics, leadership, setting up communications assets, organizing supply chains. These are all things we did, but my job says I pulled a trigger.”

In reality, the infantry experience varies widely for today’s service men and women – including Swaggert, who was sent to the Syrian border, 300 miles from the nearest base. “I needed to make sure that the supply chain — helicopters were flying us supplies — was optimized. When you live in a space the size of a conference room table, or you’re on a vehicle, there’s not a lot of room for error in terms of too much or too little supplies,” he recalls. “I needed to learn how to set up a satellite radio, to send digital pictures of smugglers we were catching back to the base. Using a very high-tech radio and a rugged laptop in a sandstorm, I learned to problem-solve communications assets. That doesn’t come across in a translator.”

When Swaggert left the Marine Corps, he found a new mission: helping veterans find civilian jobs that make use of their myriad talents.

“I got out in 2010. I was told time and time again, ‘Nick, you seem like a really great

guy, but you just don’t have the experience that we’re looking for.’ That’s what led me to go and get my master’s degree and become passionate about it. This is a huge opportunity. There’s a huge miss here in communication. Someone needs to be out there, proselytizing.”
computerworld salary survey carousel hiring
Network jobs are hot; salaries expected to rise in 2016

Wireless network engineers, network admins, and network security pros can expect above-average pay

Why and how you should secure digital documents

The days when IT could autocratically dictate how employees access stored data and network traffic…
Genesis of an idea

Swaggert also understands what it’s like to be an enlisted person and an officer — a rare perspective for veterans of the typically stratified U.S. military. He enlisted in the Marines right out of high school. He was later selected for an officer training program, which allowed him to get a college degree while in the Marines.

After getting his degree, Swaggert was commissioned as an officer in 2005. He wanted to be an infantry officer, even though a friend advised him to pursue a more hirable assignment in communications or logistics. “I said ‘no way, that’s not going to happen. I’m going to go serve my country on the front lines.’ Then I came home, and like many other people, saw that doesn’t help me.”

Even with a college degree, his path to a corporate career wasn’t always smooth.
Swaggert applied and was rejected for a corporate program that’s designed to train and certify military veterans in computer networking. “My ASVAB — Armed Services Vocational Aptitude Battery — it’s like the military SAT. It shows how well you can learn new jobs. I scored in the 96th percentile of all service members. They don’t look at that, though. They just say, ‘well, he was in the infantry, he can shoot guns. There’s no way he could possibly learn network stuff.’ This is exactly why people can’t get jobs.”

When young, college-educated officers leave the military, they’re often recruited through junior military officer (JMO) training programs at companies such as Deloitte, PwC, General Electric and PepsiCo. Companies compete to hire these service members, many of whom got their college degrees, served four years in the military, and are set to enter the business world at a young age having amassed significant leadership experience. “They have their degrees, the path is laid out for them, and they’re heavily recruited,” Swaggert says.

It’s a different world for enlisted men and women, most of whom leave the military without a college degree. Even if they get their degrees after serving in the military, it can be hard to find work. “An officer goes to college for four years, then serves for four years. An enlisted guy serves four years, then goes to college for four years. After eight years they’re fairly equivalent, but one group is highly employed and the other group is heavily underemployed,” Swaggert says.

Nationwide, the unemployment rate for military veterans who served after 9/11 was 9% in 2013, according to data from the U.S. Bureau of Labor Statistics. That’s down from 9.9% the year before, but well above the overall unemployment rate for civilians, which was 7.2% during the same period. The numbers are particularly bleak for the youngest veterans, aged 18-24, who posted a jobless rate of 21.4%.
c2 crew b

Nick Swaggert (center), pictured with the crew of his command and control vehicle during a break while patrolling the Syrian/Iraqi border.

“Being an officer, you gain a tremendous amount of experience and have tremendous leadership opportunities. The other group has been given similar, but not as extensive, experience. That’s where we think there’s a business opportunity,” Swaggert says.

At Genesis10, employees see the value of U.S. military experience in the corporate world. It’s a view that comes from the top. Harley Lippman is the CEO and owner of the $185 million privately-held firm, which is based in New York. Lippman participated in a program that brings groups of U.S. service-disabled veterans to Israel, and when he saw how well Israel treats its veterans – with comprehensive health services and job assistance, for example — Lippman was inspired to launch his company’s program on Veterans Day in 2011. Swaggert joined the effort in mid-2013. “Harley is a visionary, and he saw that there’s a huge opportunity to tap into this untapped talent vein,” Swaggert says.

The firm is realistic about placing former soldiers. Some of the roles Genesis10 envisions U.S. military veterans helping fill include project manager, business analyst, testing analyst, storage administrators, database administrators, network engineers, midrange server specialists, and problem and incident management positions.

“We have clients who need Java developers with 10 years of experience. I’m not pretending Joe Smith off the street is going to do that,” Swaggert says. “But there are needs such as entry-level data entry, business analyst, quality assurance — stuff veterans will do really well, very process-oriented roles. Veterans are very detail-oriented. We have checklists for everything we do. If you don’t dot an ‘i’ or cross a ‘t’ an artillery round lands on your location.”

Part of Genesis10’s strategy is to connect veterans with companies that want to hire returning soldiers but are unsure how to go about it.

One hurdle is that many companies don’t know how to find veterans. It’s not enough to post typical job descriptions on veteran-focused job boards or at military recruiting fairs. “That doesn’t mean anything to a veteran. You’re not recruiting by job code — everyone in the military has a job code. You’re not recruiting by rank — rank equals experience,” Swaggert says. “You have to tailor that.”

He’s understanding of the conundrum for hiring managers. “On the company side, I don’t blame them,” Swaggert says. “Hiring managers don’t have experience hiring veterans. We are such a small fraction of the population. You can’t expect them to know and understand.”

Another part of Genesis10’s strategy is to prepare veterans for workplace culture, not only by tweaking resumes but also through interview coaching and soft-skills development. Communication is a key element.

“Veterans have different communications styles. In the military, we call it BLUF — it’s an acronym that stands for ‘bottom line up front.’ You state the bottom line. In the military, you walk up to someone at their desk, or wherever, and you just tell them what you want,” Swaggert says. Civilians communicate differently, and veterans need to learn to deal with the differences.

Veterans also need to learn how to interview. In the military, higher-ups look at soldiers’ service records to determine who moves up the ranks. “That interviewing skill just completely atrophies — if it was ever there in the first place and most likely it wasn’t,” Swaggert says.

For companies that are open to hiring veterans, Genesis10 can smooth the process. The company understands that there’s risk associated with trying new hiring approaches. “We’ve built a program to try to mitigate that risk,” Swaggert says. “We flat out say in our presentation, ‘we are here to mitigate the risk of hiring a veteran.'”

Still, it’s not always an easy sell. “There’s a reason why veterans don’t get hired. If it were easy it would already have been done. You have to invest time and effort. I wish I could say it’s just rewriting a resume. But it’s not.”

The most challenging part of Swaggert’s job is trying to find companies that are willing to hire veterans.

“My number one job is not to find veterans. I could stroll down to the nearest base, or post a job online looking for U.S. Military veterans. The hard part is walking into the companies. I’ve talked to a lot of CIOs, a lot of VPs, saying, ‘do you guys want to hire veterans?’ They all say yes, and they say, ‘well how do we do it?’ We talk about selection, training, mentoring, and onboarding and getting them to commit to that kind of investment.”

Success is hearing “’yes, I’m going to force my people to hire someone who’s a little bit different.’”

Swaggert joined the Reserves to stay connected to the military, and as a commanding officer in the Reserves, he flies monthly to Ohio. “The Marine Corps is very important to me. It will always be very important to me,” Swaggert says. “I’m not wearing a uniform every day, but I’m definitely doing military-related things daily.”

“There are plenty of people like me, who joined the military during a time of war, who are really smart people who said, ‘I want to serve on the front lines, because that’s what this country needs.'”

Now that they’re home, he wants to help them find work.

 

 

Click here to view complete Q&A of 98-361 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 98-361 Training at certkingdom.com

 


Continue Reading

The six pillars of Next Generation Endpoint Protection

Taken together, these core functions can detect the most advanced attack methods at every stage of their lifecycle

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach

Advancements in attack evasion techniques are making new threats extremely difficult to detect. The recent Duqu 2.0 malware, which was used to hack the Iranian nuclear pact discussions, Kaspersky Lab, and an ICS/SCADA hardware vendor, is a prime example. To keep up, a new security model that uses a different approach to the traditional “evidence of compromise” process is needed.

This Next Generation Endpoint Protection (NGEPP) model needs to address six core pillars that, when taken together, can detect the most advanced attack methods at every stage of their lifecycle:

* Prevention. NGEPP must leverage proven techniques to stop known threats in-the-wild. A layer of preemptive protection can block existing threats before they can execute on endpoints. Instead of relying only on one vendor’s intelligence, it’s now possible to collectively tap more than 40 reputation services via cloud services to proactively block threats. This approach also uses a lightweight method to index files for passive scanning or selective scanning, instead of performing resource-intensive system scans.

* Dynamic Exploit Detection. Using exploits to take advantage of code level vulnerabilities is a sophisticated technique used by attackers to breach systems and execute malware. Drive-by downloads are a common threat vector for carrying out exploit attacks. NGEPP should provide anti-exploit capabilities to protect against both application and memory-based attacks. This should be achieved by detecting the actual techniques used by exploit attacks — for example: heap spraying, stack pivots, ROP attacks and memory permission modifications — not by using methods that are dependent on static measures, like shellcode scanning. This approach is much more reliable, since the exploitation techniques themselves are not as easy to change or modify as the shellcode, encoder, dropper and payload components used in malware.

* Dynamic Malware Detection. Detecting and blocking zero-day and targeted attacks is a core NGEPP requirement. This involves real-time monitoring and analysis of application and process behavior based on low-level instrumentation of OS activities and operations, including memory, disk, registry, network and more. Since many attacks hook into system processes and benign applications to mask their activity, the ability to inspect execution and assemble its true execution context is key. To protect against a variety of attacks and scenarios this detection capability is most effective when performed on the device. For example, even if an endpoint is offline, it can be protected against USB stick attacks.

While many vendors now offer endpoint visibility, which is a leap forward, it cannot detect zero day attacks which do not exhibit any static indicators of compromise. Dynamic behavioral analysis that does not rely on prior knowledge of a specific indicator to detect an attack, is required when dealing with true zero threats.

* Mitigation. Detecting threats is necessary, but insufficient. The ability to perform mitigation must be an integral part of NGEPP. Mitigation options should be policy-based and flexible enough to cover a wide range of use cases, such as quarantining a file, killing a specific process, disconnecting the infected machine from the network, or even completely shutting it down. In addition, mitigation should be automated and timely. Quick mitigation during inception stages of the malware lifecycle will minimize damage and speed remediation.

* Remediation. During execution malware often creates, modifies, or deletes system file and registry settings and changes configuration settings. These changes, or remnants that are left behind, can cause system malfunction or instability. NGEPP must be able to restore an endpoint to its pre-malware, trusted state, while logging what changed and what was successfully remediated.

* Forensics. Since no security technology will ever be 100% effective, the ability to provide real-time endpoint forensics and visibility is a must for NGEPP. Clear and timely visibility into malicious activity that has taken place on endpoints across an organization is essential to quickly assess the scope of an attack and take appropriate responses. This requires a clear, real time audit trail of what happened on an endpoint during an attack and the ability to search for indicators of compromise across all endpoints.

To completely replace the protection capabilities of existing legacy, static-based endpoint protection technologies, NGEEP needs to be able to stand on its own to secure endpoints against both legacy and advanced threats throughout various stages of the malware lifecycle. The six pillars described above provide the 360 degrees of protection required for the Cloud generation, where the endpoint has become the new security perimeter.

 

MCTS Training, MCITP Trainnig

Best Microsoft 70-640 Exam Trainnig, Microsoft 70-642 Training at certkingdom.com

 


Continue Reading

Follow Us

Bookmark and Share


Popular Posts