Security+ is not too hard and is very straightforward. It's the kind of certification I would recommend to all techs to get them security-minded so they don't do stupid stuff because they can think logically about it from a security perspective.
I believe all the other ones are more specific if you want to actually get into infosec.
In case you know anyone...
Work remotely, applicants in Canada only. Software development company.
https://www.jobbank.gc.ca/jobsearch/jobposting/30132644
It would be great to get someone willing to learning performance troubleshooting and learn ins and outs of the technical aspect of the software.
It depends. I often don't trust just being given a Docker image. I want to see the Dockerfile. Then I can decide whether or not I want to make my own based off of that Dockerfile, or use that one. So that means understanding it.
For example, if I was going to provide a MailCow hosted service, I'm not going to just build the stack and call it good if it works. As the maintainer of that service I need to know how all the components work together.
Now it could be a different story if that image/stack came with direct support. I would still have to know how my Docker Swarm/Kubernetes Cluster works, but is it much different than installing software? We have to know how the OS and networking works, but there can be a lot that the software is doing that is a black box to us. Docker just takes it up another level.
@Obsolesce said in Domain Trust Group Permissions:
I use Domain Local groups for access control to local resources. You can have other group types as members, as well as groups from other trusted domains.
Right, but you can't then add that Domain Local group that has members from the trusted domain to a local group on the server.
Just sharing my new realization in regards with dealing with domain trusts.
In my head I was kind of doing a short circuit where a local group is basically a local resource. Probably because we have treated them that way. i.e. creating a Domain Local Group is created to become a member of a Local Group on certain computer/s.
So I was confused when I was doing some external trust labbing and while I could add a Domain Local group which contained a Global group from the trusted domain to folder permissions, I could not add that same group to the local Remote Desktop Users group.
However, a Local Group is not a resource, it is it's own thing, a local group. This blog outlines local groups and trusts well https://blogs.msmvps.com/acefekay/2012/01/06/using-group-nesting-strategy-ad-best-practices-for-group-strategy/ The only group that can be added is a Global Group (which of course means it is a group from the trusted domain).
The Remote Desktop Users group, grants certain Remote Desktop Services permission https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753032(v=ws.11)
So those permissions is where I would need to use Domain Local groups. Apparently those permissions can only be assigned if you have the Remote Desktop role installed, unless you plan on spending some serious time on doing some reverse engineering.
@Kelly said in Writing a good CV:
Posting a snippet here for the sake of the thread's value:
Old:
- Reduced organizational IT operating costs by moving from costly closed source software to internally supported Linux based open source platforms and software
- Transitioned key IT systems from ad-hoc, as-needed to standardized, centrally managed, and strategy focused; achieving improved uptime, customer service, and reducing overall costs
New:
System Transformation – Mapped existing, fragmented IT systems and benchmarked against industry standards. Redesigned and deployed a centrally managed solution that improved uptime by 20%, reduced support tickets and customer complaints, and increased our ability to effectively predict and manage costs while utilizing existing infrastructure.
If I'm reading your resume, I'm not sure if this tells me anything that useful. I guess it depends on how big of a company you worked for. It's like politics, of course you will say anything you implement was the best thing ever. I could take from this that you have experience with ways to measure uptime, but apparently that's not the case?
@IRJ 's advice is pure gold. I'm going to go update my resume now. Setting an overview and a context to read the rest of the resume can only have benefits.
If you get external DNS to go to the nginx proxy you could probably allow all traffic to the URL path that lets encrypt needs and then create a whitelist for everything else.
Dragging and dropping todos between notebooks - I really like that
I'm really excited to start using this at work on Monday. Admittedly, I've never used Onenote or Evernote, so I can't really compare, but it looks like this will be perfect my organizing my meetings, project roadmaps and todo's.
Also the web clipper is really neat, convert a webpage into a simplified markdown page.