31st,2015)
IfyouknowsomeonewhoyouthinkwouldbenefitfrombeinganInsider,feelfreetoforwardthisPDFtothemsotheycansignuphere.
QuickTipsforourInsiderfriends!
HeyInsiders, ThisnewsletteringtoyoufromsomewhereovertheAtlantic,whereKimberlyandIareonaflightfromLondontoSanFrancisco,returninghomeafterteachingoursold-outIEPTO1classinLondonto42veryhappystudents.Londonissuchagreatcity,andwetickedafewmoresightseeingitemsoffourlist,includingSt.Paul’sCathedralandHamptonCourtPalace. We’vegotabusyFallwithourremainingclassesrunninginDublinandChicago,andanothergreatweekatSQLintersection(inLasVegasthisOctober)aswellasPASS–thatsameweek.Wewillbefinalizingourentireline-upforSQLintersectionthisweekandwe’vealreadypostedalotofthegreatsessionsthatwillbepresented;it’sgoingtobeafantasticweekfordatabasearchitectsanddevelopers!
Ifyou’regoingtoPASS,considersendingsomeofyourteam(primarilydevelopers)toSQLintersection–then,everyonecanreturnandcrosstraineachotheronwhatyou’velearnedandyouallwin!
Checkoutmoreinformationonlineatanddon’tettoregisterwiththediscountcodeofSQLskillstosave$50offyourregistration. ThelatestbookI’vereadisShaneHarris’@War:TheRiseoftheComplex.ThisbookisareallyinterestingountofthegrowthoftheU.S.cyber-securitymachineryinthewakeofthehugeriseinhackingandcyber-espionage,mostnotablyfromChina(ordingtothebook),overthelasttenyears.ItcoverstheNSA,othermilitaryandpanies,whatthey'redoing,andhowthey'recooperating.It'salsoawarningpaniesandthegovernmentneedtobedoingmoretoprotectthemselvesandcriticalassetsfromcyber-threats.Highlymended,andtheinspirationformyeditorialbelow. Note:youcangetallthepriorInsidernewslettershere. Paul'sPonderings BackinAprillastyearIwroteaneditorialinthenewsletterfocusedonsecurity,withmyolderTechNetMagazinearticleasabase.AsIwasreadingthe@WarbookIreviewedabove,itstruckmethatsecuritychecklistsandsecurityreviewsofSQLServerenvironmentsareallwellandgood,butthereareafewmissingthingsthatIthinkareworthconsidering. Forinstance,doespanyprovidetrainingorguidanceonrecognizingandavoidingphishingemails?
Phishingistheworddescribinganemailthatenticestherecipienttoopenitand maybeclickalink,whichtheninstallssomemalwareonputer.Thiscouldbesomethingthatlogskeystrokesandsendsthemtoanothersystemonthe.IfaDBAunknowinglyinstalledsuchmalwareonapersonal,say,andthenconnectedtoaworksystem,thehackerscouldcapturetheDBA’slogincredentials. Suchphishingemailscouldbecleverlytargeted,especiallyifhackersaregoingafterapanyandmakeanemaillooklikeit’ingfromasourcetheDBAtrusts.The@Warbookhasseveraldescriptionsofthisbeingdonepanieslikebanksanddefensecontractors.You’lllikelyhavereceivedemailslikethat,purportingefromMicrosoftorPayPalorsomepanyyourecognize,andurgingyoutoclickalinktofixsomethingtodowithyourount. Awaytotestpeopleinpanywouldbetocreateafakeemailwithalinkthattakesthemtoawebpageshowingthatthey’veclickedsomethingtheyshouldn’thave,andtobewaryinfuture–orjusttokeeptrackofwhatproportionofrecipientsinpanywerefooledintoclickingthelink. Anotherthingtobewaryofissocialengineering.Thisiswhereahackercallssomeoneonthephone,pretendingtobesomeonewhoneedssomeinformationthatcanhelpthembreakintoputersystem,andfoolsthepersonintogivingthatinformationout.Thiswasn’tinthe@Warbook,butissomethingI’vereadaboutbeingusedmanytimesinthepast,andisamontechniqueusedbyphonescammers. Finally,oneofthethingsyoumightconsiderforpanyisengagingtheservicesofapanythatdoesrationtesting.Thesepeoplewilldeliberatelytrytohackintoyourenvironment,withyourpermission,todiscoversecurityweaknessesthatyoucanthenpatchbeforeamalicioushackertriestobreakin. Sometimesthisisknownasethicalhacking,andyoucanactuallylearnhowtodoityourself.Forinstance,onPluralsight(wherewehostallouronlinetraining),thereisanewsetofcoursesthatwillhelpyoulearnhowtothinkaboutsecurityfromtheattacker’sperspectiveandassessyourownenvironmentforsecurityflaws.Checkthemouthere. CalltoAction Ifyou’reresponsiblefordatabasesthatcontainanyinformationthatyoudon’twantsomeonetohaveunauthorizedessto,youneedtomakesurethatyoursecuritydoesn’thaveanyproblems.Thatincludesmakingsurethattheusersareeducatedaboutwaysthattheycanbedupedintogivingoutinfoorinstallingmalware,andtestingyoursystem’sdefensestoseeiftheycanbebroken.Youcanbesurethatsomeoneouttherewilltrytogetinsoonerorlater. VideoDemo Inthedemothistime,GlenndemonstratesthelatestversionofCPU-ZandshowshowtouseittoquicklycheckeffectofyourpowermanagementsettingsinWindowsandattheBIOSlevelusingthenewCPUbenchmarkfeature.YoucandownloadCPU-Zfromthislink:. Thevideoisabout5minuteslongandyoucangetit: InWMVformathere.InMOVformathere. Enjoy!
SQLskillsOfferings We’vereleasedallofourclassesfor2015,listedbelow.We’llreleasethefirstportionofour2016scheduleinSeptember. Tohelpyourbossunderstandtheimportanceoffocused,technicaltraining,we’vealsoaddedafewitemstohelpyoujustifyspendingyourtrainingdollarswithus: LettertoyourbossexplainingwhySQLskillstrainingisworthwhileCommunityblogpostsaboutourclassesImmersionEventFAQ ingImmersionEvents Dublin,Ireland October12-16,2015:IEPTO2:ImmersionEventonPerformanceTuningandOptimization–Part2(formerlyIE2)SOLDOUT!
Chicago,IL November16-18,2015:IE0:ImmersionEventfortheidental/JuniorDBA6seatsremaining!
November16-19,2015:IEPDS:ImmersionEventonPracticalDataScience5seatsremaining!
November16-20,2015:IEPTO1:ImmersionEventonPerformanceTuningandOptimization–Part1(formerlyIE1)SOLDOUT!
SeehereforthemainImmersionEventCalendarpagethatallowsyoutodrillthroughtoeachclassformoredetailsandregistrationlinks. SQLintersection We’relookingforwardtoanothergreatSQLintersectionevent!
ThisFallSQLintersectionisrunningtheweekofOctober26,2015backinLasVegas.Yes,it’sthesameweekasPASS.No,that’snotreallyaproblem!
Wedon’thavealotoffolksthatattendbothPASSandSQLintersectionsotheoverlappingweekisn’tabigproblem.And,it’sagreatwaytogetdifferentperspectivesonthetechandhaveebackanddoknowledge-transfer. Checkitoutonlineat.Whenyouregister,don’tettousethediscountcode“SQLskills”(withoutthequotesanditisn’tcase-sensitive)andyoucansave$50offregistration.Wehopetoseeyouthere!
Summary Wehopeyou'veenjoyedthisissue-wereallyenjoyputtingthesetogether. Ifthereisanythingelseyou'reinterestedin,we'dlovetohearfromyou-dropusaline. Thanks,PaulandKimberly Paul@andKimberly@
HeyInsiders, ThisnewsletteringtoyoufromsomewhereovertheAtlantic,whereKimberlyandIareonaflightfromLondontoSanFrancisco,returninghomeafterteachingoursold-outIEPTO1classinLondonto42veryhappystudents.Londonissuchagreatcity,andwetickedafewmoresightseeingitemsoffourlist,includingSt.Paul’sCathedralandHamptonCourtPalace. We’vegotabusyFallwithourremainingclassesrunninginDublinandChicago,andanothergreatweekatSQLintersection(inLasVegasthisOctober)aswellasPASS–thatsameweek.Wewillbefinalizingourentireline-upforSQLintersectionthisweekandwe’vealreadypostedalotofthegreatsessionsthatwillbepresented;it’sgoingtobeafantasticweekfordatabasearchitectsanddevelopers!
Ifyou’regoingtoPASS,considersendingsomeofyourteam(primarilydevelopers)toSQLintersection–then,everyonecanreturnandcrosstraineachotheronwhatyou’velearnedandyouallwin!
Checkoutmoreinformationonlineatanddon’tettoregisterwiththediscountcodeofSQLskillstosave$50offyourregistration. ThelatestbookI’vereadisShaneHarris’@War:TheRiseoftheComplex.ThisbookisareallyinterestingountofthegrowthoftheU.S.cyber-securitymachineryinthewakeofthehugeriseinhackingandcyber-espionage,mostnotablyfromChina(ordingtothebook),overthelasttenyears.ItcoverstheNSA,othermilitaryandpanies,whatthey'redoing,andhowthey'recooperating.It'salsoawarningpaniesandthegovernmentneedtobedoingmoretoprotectthemselvesandcriticalassetsfromcyber-threats.Highlymended,andtheinspirationformyeditorialbelow. Note:youcangetallthepriorInsidernewslettershere. Paul'sPonderings BackinAprillastyearIwroteaneditorialinthenewsletterfocusedonsecurity,withmyolderTechNetMagazinearticleasabase.AsIwasreadingthe@WarbookIreviewedabove,itstruckmethatsecuritychecklistsandsecurityreviewsofSQLServerenvironmentsareallwellandgood,butthereareafewmissingthingsthatIthinkareworthconsidering. Forinstance,doespanyprovidetrainingorguidanceonrecognizingandavoidingphishingemails?
Phishingistheworddescribinganemailthatenticestherecipienttoopenitand maybeclickalink,whichtheninstallssomemalwareonputer.Thiscouldbesomethingthatlogskeystrokesandsendsthemtoanothersystemonthe.IfaDBAunknowinglyinstalledsuchmalwareonapersonal,say,andthenconnectedtoaworksystem,thehackerscouldcapturetheDBA’slogincredentials. Suchphishingemailscouldbecleverlytargeted,especiallyifhackersaregoingafterapanyandmakeanemaillooklikeit’ingfromasourcetheDBAtrusts.The@Warbookhasseveraldescriptionsofthisbeingdonepanieslikebanksanddefensecontractors.You’lllikelyhavereceivedemailslikethat,purportingefromMicrosoftorPayPalorsomepanyyourecognize,andurgingyoutoclickalinktofixsomethingtodowithyourount. Awaytotestpeopleinpanywouldbetocreateafakeemailwithalinkthattakesthemtoawebpageshowingthatthey’veclickedsomethingtheyshouldn’thave,andtobewaryinfuture–orjusttokeeptrackofwhatproportionofrecipientsinpanywerefooledintoclickingthelink. Anotherthingtobewaryofissocialengineering.Thisiswhereahackercallssomeoneonthephone,pretendingtobesomeonewhoneedssomeinformationthatcanhelpthembreakintoputersystem,andfoolsthepersonintogivingthatinformationout.Thiswasn’tinthe@Warbook,butissomethingI’vereadaboutbeingusedmanytimesinthepast,andisamontechniqueusedbyphonescammers. Finally,oneofthethingsyoumightconsiderforpanyisengagingtheservicesofapanythatdoesrationtesting.Thesepeoplewilldeliberatelytrytohackintoyourenvironment,withyourpermission,todiscoversecurityweaknessesthatyoucanthenpatchbeforeamalicioushackertriestobreakin. Sometimesthisisknownasethicalhacking,andyoucanactuallylearnhowtodoityourself.Forinstance,onPluralsight(wherewehostallouronlinetraining),thereisanewsetofcoursesthatwillhelpyoulearnhowtothinkaboutsecurityfromtheattacker’sperspectiveandassessyourownenvironmentforsecurityflaws.Checkthemouthere. CalltoAction Ifyou’reresponsiblefordatabasesthatcontainanyinformationthatyoudon’twantsomeonetohaveunauthorizedessto,youneedtomakesurethatyoursecuritydoesn’thaveanyproblems.Thatincludesmakingsurethattheusersareeducatedaboutwaysthattheycanbedupedintogivingoutinfoorinstallingmalware,andtestingyoursystem’sdefensestoseeiftheycanbebroken.Youcanbesurethatsomeoneouttherewilltrytogetinsoonerorlater. VideoDemo Inthedemothistime,GlenndemonstratesthelatestversionofCPU-ZandshowshowtouseittoquicklycheckeffectofyourpowermanagementsettingsinWindowsandattheBIOSlevelusingthenewCPUbenchmarkfeature.YoucandownloadCPU-Zfromthislink:. Thevideoisabout5minuteslongandyoucangetit: InWMVformathere.InMOVformathere. Enjoy!
SQLskillsOfferings We’vereleasedallofourclassesfor2015,listedbelow.We’llreleasethefirstportionofour2016scheduleinSeptember. Tohelpyourbossunderstandtheimportanceoffocused,technicaltraining,we’vealsoaddedafewitemstohelpyoujustifyspendingyourtrainingdollarswithus: LettertoyourbossexplainingwhySQLskillstrainingisworthwhileCommunityblogpostsaboutourclassesImmersionEventFAQ ingImmersionEvents Dublin,Ireland October12-16,2015:IEPTO2:ImmersionEventonPerformanceTuningandOptimization–Part2(formerlyIE2)SOLDOUT!
Chicago,IL November16-18,2015:IE0:ImmersionEventfortheidental/JuniorDBA6seatsremaining!
November16-19,2015:IEPDS:ImmersionEventonPracticalDataScience5seatsremaining!
November16-20,2015:IEPTO1:ImmersionEventonPerformanceTuningandOptimization–Part1(formerlyIE1)SOLDOUT!
SeehereforthemainImmersionEventCalendarpagethatallowsyoutodrillthroughtoeachclassformoredetailsandregistrationlinks. SQLintersection We’relookingforwardtoanothergreatSQLintersectionevent!
ThisFallSQLintersectionisrunningtheweekofOctober26,2015backinLasVegas.Yes,it’sthesameweekasPASS.No,that’snotreallyaproblem!
Wedon’thavealotoffolksthatattendbothPASSandSQLintersectionsotheoverlappingweekisn’tabigproblem.And,it’sagreatwaytogetdifferentperspectivesonthetechandhaveebackanddoknowledge-transfer. Checkitoutonlineat.Whenyouregister,don’tettousethediscountcode“SQLskills”(withoutthequotesanditisn’tcase-sensitive)andyoucansave$50offregistration.Wehopetoseeyouthere!
Summary Wehopeyou'veenjoyedthisissue-wereallyenjoyputtingthesetogether. Ifthereisanythingelseyou'reinterestedin,we'dlovetohearfromyou-dropusaline. Thanks,PaulandKimberly Paul@andKimberly@
声明:
该资讯来自于互联网网友发布,如有侵犯您的权益请联系我们。