Tag Post Mortem

Hey guys, it’s been a long while since I’ve done a Post-Mortem on an exam.. I just didn’t feel like it from the last few betas I took – So here you go, with so much interest in the Hyper-V exam here is my post-mortem analysis and not to mention what I felt about it, and why I said “Wow” :)

Pro: Windows Server 2008 R2, Virtualization Administrator

About this Exam

This exam validates a candidates knowledge of Microsoft virtualization technologies.

Audience Profile

Candidates should have one to three years of experience using Microsoft virtualization products, including Hyper-V, System Center Virtual Machine Manager, and Remote Desktop Services (RDS), in a Windows Server 2008 R2 infrastructure. Candidates for this exam are IT professionals who have jobs in which managing or deploying virtualization technologies is their main area of responsibility.

Credit Toward CertificationExam 70-693: Pro: Windows Server 2008 R2, Virtualization Administrator: counts as credit toward the following certification(s):

Microsoft Certified IT Professional: Windows Server 2008 R2, Virtualization Administrator

So, there is the high level view of the exam as listed at Pro: Windows Server 2008 R2, Virtualization Administrator and one of the most useful tools you will find on that page is the “Skills Measured” tab which happens to give you a comprehensive overview of what kind of content there is on the exam – If you follow that list and rule, you will indeed be prepared if you study against the skills measured!  I do want to note, I HIGHLY encourage you to check out the ‘Skills Measured’ from TS: Windows Server Virtualization, Configuring – Seriously!  – A slight disclaimer here.. I mistakenly wrote the reference material against last years 70-652 TS: Windows Server Virtualization, Configuring – But take it for what it is.. Combine the two ‘skills measured’ from both exams and your chances of passing will increase exponentially!

Now what may be beneficial is a comprehensive understanding of… competitive pressures? Would you call it that? I have to say, I saw a damn lot of another vendors virtualization product (Some might call it, the largest virtualization product in the industry, not to mention the most deployed)   In the “Installing Hyper-V” section, as seen in Skills Measured, it mentions very briefly a coverage of clustering, storage – shared and otherwise – accounting for 14% of the exam.  To me it honestly felt more like 45% of the exam had some focus on Storage or Clustering.  I haven’t seen that much iSCSI, and FCP touted in a long time! (Take my NFS and CIFS Please! – Oh, yea while not mentioned, you probably want to ensure you’re up on the entire protocol stack, grin :))

Next, if you look across all 4 Skill areas, you’ll notice SCVMM is included in there.   Yea, there’s a reason for that.   Infact, I’d be surprised if there were any questions which DIDN’T include SCVMM! I say ‘mostly’ in jest, because it makes you wonder ‘Is this Hyper-V, or a purely SCVMM exam?!?” :)

As far as annoying faults in the tests go, I only found one major syntactical error which I reported, but on the whole the test itself was well formed and the questions were free of Grammatical mistakes.   Now, let’s get into the Wow section.

Perhaps I was a bit hasty when I said “Wow” about this exam.  Perhaps I should have placed myself more into the category of WTF?!?   So, feel free to see an intermingling of my thoughts on the exam now :)   The questions were well formed, perhaps even a little too well formed.   A number of them looked as though they were struggling to find examples of what WASN’T the right answer, because they were all pretty damn easy to answer in and out!   Am I saying I passed? There’s a pretty good chance, but I place no bets!    If you are NOT up on the competitive landscape as far as where Hyper-V plays in the industry, you better be to take this exam.  I wasn’t sure if I was sitting for the VCP, a minor in Citrix, or if this was infact an actual Microsoft Exam! (Yes, I know it was a Microsoft exam because all of the questions WERE very well formed, and a number of them… were sadly still written to the old adage of ‘Choose the microsoft answer’ ;)

This exam also included the recent name changes to products, so I commend it’s accuracy!    And the intimate level of focus on VDI – was quite amazing, but sadly I reach a saddening point.

If I am to fail in this exam under any circumstances? It is because of the number of ‘it depends’ questions they had in there.   What does that mean?   I’m sure providing details about how many interfaces you should have and factual information backing it is PERFECTLY okay, I can sign off on that – No problem, albeit Best Practice and ‘minimal acceptable’ is further subjective.   But when it comes to degrees of scale and how many VM’s I can actually host on a particular server?   Without raw details, a breakdown of workload, and not to mention this isn’t a different vendors solution so the pure economies of scale require me to be EXTREMELY conservative.   I’m not being negative I’m being factual, we all know that – and we know JUST how subjective things are when it comes to VM density.   With that said be very careful, I have no guidance there other than try to find out what the proverbial ‘microsoft answer’ is for what density looks like I’ve always seen it published as ‘not as much as others’ and some of the deployments in the exam outright scared me – And I don’t get scared by technology, I put fear into it’s heart!

I’m FAIRLY certain I didn’t say anything which violates NDA, since pretty much everything included here is referenced in the Skills Measured page Pro: Windows Server 2008 R2, Virtualization Administrator but incase I did… don’t spank me! preferably fix the questions which are wrong (glares in Liberty’s direction ;)) And… Well, have a good time – Use of the technology and understanding these skills are pretty much all you need in order to pass!

Now on a personal note! I’m going to be running the Boston Marathon in a few months in order to raise money for disabled children and every single dollar helps, so if you can help me in my cause these children and their families will greatly appreciate it!   Even if you can only afford $1 that’s perfectly fine! The more people who contribute the better!

http://www.firstgiving.com/cxi – Help sponsor my run in the Boston Marathon on behalf of disabled children!

So, thank you all and I hope you find something useful from this post-mortem and truly every $1 helps, and I greatly appreciate it!  Thanks!

What are our lessons learned so far from this little Twitter Phishing Scam?

First of all, this involved infecting a single or single groups of people.

Distribution consisted of Infect a person by sending them to a site to capture their credentials.   Once those usernames and passwords were collected, they would then use those compromised credentials to send this same message (via DM) to their followers, and continue the spread.

If Joe has 10 followers and DM’s it to those 10, and those 10 have 10 followers and DM it to the next 10, shortly you’d have thousands who are redistributing this – So long as they’ve visited the site and entered their credentials to be captured.

I see a lot of anger “I’m going to get person ‘x’ who sent me this message!”

It’s not the fault of the sender, not entirely.   They were compromised by a phishing scam, it happens, you should work towards educating them instead of castrating them.  So next time it will be part of their sense to not transmit their username/password to an untrusted site.

How could this terrible thing have happened? Now I hate (BlogSpot, Twitter, Followers)

Don’t hate the player, just be glad that it WAS done this way (a semi-safe site with only a small portion of cookies which get added to your browser)   Here is what could have happened if it were introduced in an effective ‘distribution manner’.

You visit the site, you are prompted for credentials.  Perhaps you’re prompted for credentials, though the better payload would be in the form of Malware, Spyware, Phishing-ware, Password capturers, and a number of other infection mechanisms.

Once this would be done, you’d be able to compromised on a number of fronts and able to distribute this to millions instead of just the few followers you have – Infecting Facebook, your banking account, etc so on and so forth.

What can I do about this in the future?

The universal rule of communication, especially unsolicited is ask yourself a few questions.   Would you visit this link if you were having a conversation with the person? Having established rapport with them while talking? Yes likely.

However the tip here is – Random “auto-dm’s” does not guarantee a reason to visit their link.  Yes a lot of people DO send out auto-DM’s, to the bane of all of us (SocialToo/ChrisBrogan– Thanks for helping limit that exposure!)  However, don’t bane all communication in the future.   If you think someone seriously DID write a funny blogpost about you because the person knows you, definitely do check it out! But in all seriousness, if you’ve not had some kind of established communication with this person to justify it, and let alone it brings you to not a funny blogpost, but to a fake twitter login page – Be sure to question it and use your common sense here.

Oh, and be wary of ever entering your credentials – again unless you explicitly trust the source.

Hopefully this Post-Mortem helps you deal with this situation, I’m still waiting for my self-infected account to start tweeting out to me (Controlled infection) For every problem there will be people looking to exploit it, and others trying to solve and contain it.   I’ll be there trying to find new solutions and rid the world of future exposure as well :)

Good luck, and feel free to follow me if you like :) @cxi

A literal day does not go by where someone asks me what a "Beta" exam is, who takes them, and why?

Are you "Beta" material?  That’s a great question which hopefully by the end of this you’ll be able to come to terms with who you might be.

Q: Who are Beta Exams for?

A: Beta Exams are for people who meet any of the following criteria:

• Tend to be an early adopter of technology and software
• Are interested in advancing your career, whether on your own budget or someone else’s
• Self-Starter, Self-studier who will go out and absorb information about a new tech/exam
• A veteran of an application, looking to prove your "skillz"
• A novice of an application, looking to improve your "skillz" :)
• Someone with a competitive spirit, flare, or otherwise
• People who like to comment on material before it goes live, to improve the final product

You do not need to meet any single one of the above criteria to qualify as a beta tester, but chances are you meet one or more.

Q: What is a Beta Exam?

A: Beta exams are usually performing the following functions:

• Validating the test questions which were written by a team of specialists to confirm how realistic they may be, before taking an exam live
• Qualifying "experimental" test questions which may or may not even be real.  In order to see how people react and comment on those questions
• Beta exams are often a subset or an entire pool of questions which will be utilized in the finished product.  Depending you may see a small number (70) or larger (100+) questions to answer and respectively comment
• Constructive Comments and feedback – Your comments will be read, so if you don’t like a question say so and that question could be removed or updated respectively

Q: Why take a Beta Exam?

A: The reasons to take a Beta Exam are many-fold, but here some reasons I take them:

• They’re free! It gives me the opportunity (Stress Free) to take a test, (Pass/Fail) and it won’t cost me any $$ other than my time investment.    This way I can validate my worldly skills at this simple cost
• Comments and Feedback! I do like to provide constructive feedback as I personally take an interest in ensuring we’re obtaining the highest quality release of Exams, Product, etc.   Having been involved in alphas and betas since the beginning of time – seeing it first and making sure by the time everyone else sees it, they see it for the good and not the bad we were all fortunate to clean up :)
• I’m an early adopter.   Hell, I’m an innovator, but it’s not too often that I actually *write* the exams or questions, so I tend to go for ‘adopter’ as much as possible
• I gotz skillz! Yea, in the Microsoft.. and Networking.. and Storage… and Unix.. and Programming.. and pretty much every space, I’ve either worked with it, or can infer within a few seconds years of experience out of it.   So based upon that sole reason and criteria I like to see these things and expand my own personal knowledge base
  • If after taking an exam I feel it is not for me, I take the benefit of my experience, share the wealth of knowledge and continue on my way (Post Mortems)
• Did I mention because it’s FREE? Seriously! Anyone who is looking to start their career, advance their career, or simply stabilize where they are.   You can’t go wrong with Free in this economy, or any economy.   Not to mention you’re helping a good cause of validating the material!

So, anyone who happens to work in the world of technology who doesn’t want to sit still at a stalemate – Get out there and take beta exams!   Take your free-self, get your cert on, and even learn something in the process!

Well, if you recall the last time I took a test, I reported it was "Amazing", though I cannot declare the same feelings for this particular exam.

On the surface, there was nothing wrong with this exam, yet in the same gesture there was also nothing right about it.  I’m not judging the content as it was delivered free of most complaints I typically comment about on exams.    No, this was something different, something else.   The kind of something only that of an infrastructure, architectural geek wouldn’t get.

Two weeks in the trenches working with EBS and this particular exam will be a godsend to you.  You’ll be prepared, ready and set to deliver.   The same could be said though of someone who has never touched anything else outside of EBS.

But opening the doorway to SBS, if you’ve ever touched a "real server", and happen to be a command line guy, you’ll find SBS, EBS and this particular exam to be considerably frustrating.  Now don’t get me wrong! I’m not knocking EBS, or SBS.  I’m just letting you know, if you’re not that guy, this is not the test for you.

Know your product, know the in’s, the out’s and you’ll do fine.   But this is not an exam to think outside the box.

 You’ve been warned!

What is there to say about NS1-050…

Avoid taking it if you don’t have a good understanding of FAS equipment and Data ONTAP

It doesn’t require an advanced understanding, but a good solid foundation, having worked with equipment for some time, as well as some basic diagnostic and configuration work.

Still nothing published about this on the NetApp Certification site, but betas are as betas will be!

Good luck taking it!