Wednesday, 25 November 2015

Exam 77-418 Word 2013

Exam 77-418 Word 2013

Published: February 28, 2013
Languages: English
Audiences: Information workers
Technology: Microsoft Office 2013 suites
Credit toward certification: MOS

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft
Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.


Create and manage documents
Create a document
Creating new blank documents, creating new documents using templates, importing files, opening non-native files directly in Word, opening a PDF in Word for editing
Navigate through a document
Searching for text within document, inserting hyperlinks, creating bookmarks, using Go To
Format a document
Modifying page setup, changing document themes, changing document style sets, inserting simple headers and footers, inserting watermarks, inserting page numbers
Customize options and views for documents
Changing document views, using zoom, customizing the quick access toolbar, customizing the ribbon, splitting the window, adding values to document properties, using show/hide, recording simple macros, assigning shortcut keys, managing macro security
Configure documents to print or save
Configuring documents to print, saving documents in alternate file formats, printing document sections, saving files to remote locations, protecting documents with passwords, setting print scaling, maintaining backward compatibility

Preparation resources
Basic tasks in Word 2013
Create your first Word 2013 document (training)
Move around in a document using the navigation pane

Format text, paragraphs, and sections
Insert text and paragraphs
Appending text to documents, finding and replacing text, copying and pasting text, inserting text via AutoCorrect, removing blank paragraphs, inserting built-in fields, inserting special characters
Format text and paragraphs
Changing font attributes, using find and replace to format text, using format painter, setting paragraph spacing, setting line spacing, clearing existing formatting, setting indentation, highlighting text selections, adding styles to text, changing text to WordArt, modifying existing style attributes
Order and group text and paragraphs
Preventing paragraph orphans, inserting breaks to create sections, creating multiple columns within sections, adding titles to sections, forcing page breaks

Preparation resources
Insert fields
Copy formatting using the format painter
Add a page break

Create tables and lists
Create a table
Converting text to tables, converting tables to text, defining table dimensions, setting AutoFit options, using quick tables, establishing titles
Modify a table
Applying styles to tables, modifying fonts within tables, sorting table data, configuring cell margins, using formulas, modifying table dimensions, merging cells
Create and modify a list
Adding numbering or bullets, creating custom bullets, modifying list indentation, modifying line spacing, increasing and decreasing list levels, modifying numbering

Preparation resources
Insert a table
Convert text to a table or a table to text
Change bullet style

Apply references
Create endnotes, footnotes, and citations
Inserting endnotes, managing footnote locations, configuring endnote formats, modifying footnote numbering, inserting citation placeholders, inserting citations, inserting bibliography, changing citation styles
Create captions
Inserting endnotes, managing footnote locations, configuring endnote formats, modifying footnote numbering, inserting citation placeholders, inserting citations, inserting bibliography, changing citation styles

Preparation resources
Add footnotes and endnotes
Create a bibliography

Insert and format objects
Insert and format building blocks
Inserting quick parts, inserting textboxes, utilizing building locks organizer, customizing building blocks
Insert and format shapes and SmartArt
Inserting simple shapes, inserting SmartArt, modifying SmartArt properties (color, size, shape), wrapping text around shapes, positioning shapes
Insert and format images
Inserting images, applying artistic effects, applying picture effects, modifying image properties (color, size, shape), adding uick styles to images, wrapping text around images, positioning images

Preparation resources
Quick parts
Change the color of a shape, shape border, or entire SmartArt graphic
Move pictures or clip art

Posted by at No comments:
Labels: , , , , , ,

Sunday, 15 November 2015

70-695 Deploying Windows Desktops and Enterprise Applications

70-695 Deploying Windows Desktops and Enterprise Applications
Published: January 23, 2015
Languages: English
Audiences: IT professionals
Technology: Windows 8.1, Windows Server 2012 R2
Credit toward certification: MCP, MCSE

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

Implement the Operating System Deployment (OSD) infrastructure (21%)
Assess the computing environment
Configure and implement the Microsoft Assessment and Planning (MAP) Toolkit, assess Configuration Manager reports, integrate MAP with Microsoft System Center 2012 Configuration Manager, determine network load capacity
Plan and implement user state migration
Design considerations, including determining which user data and settings to preserve, hard-link versus remote storage, mitigation plan for non-migrated applications, and wipe-and-load migration versus side-by-side migration; estimate migration store size; secure migrated data; create a User State Migration Tool (USMT) package
Configure the deployment infrastructure
Configure Windows Deployment Services (WDS), install and configure Microsoft Deployment Toolkit (MDT), identify network services that support deployments, select Configuration Manager distribution points, support BitLocker
Configure and manage activation
Configure KMS, MAK, and Active Directory–based activation; identify the appropriate activation tool

Implement a Lite Touch deployment (18%)
Install and configure WDS
Configure unicast/multicast, add images to WDS, configure scheduling, restrict who can receive images
Configure MDT
Configure deployment shares, manage the driver pool, configure task sequences, configure customsettings.ini
Create and manage answer files
Identify the appropriate location for answer files, identify the required number of answer files, identify the appropriate setup phase for answer files, configure answer file settings, create autounattend.xml answer files

Implement a Zero Touch deployment (20%)
Configure Configuration Manager for OSD
Configure deployment packages and applications, configure task sequences, manage the driver pool, manage boot and deployment images
Configure distribution points
Configure unicast/multicast, configure PXE, configure deployments to distribution points and distribution point groups
Configure MDT and Configuration Manager integration
Use MDT-specific task sequences; create MDT boot images; create custom task sequences, using MDT components

Create and maintain desktop images (21%)
Plan images
Design considerations, including thin, thick, and hybrid images, WDS image types, image format (VHD or WIM), number of images based on operating system or hardware platform, drivers, and operating features
Capture images
Prepare the operating system for capture, create capture images using WDS, capture an image to an existing or new WIM file, capture an operating system image using Configuration Manager
Maintain images
Update images using DISM; apply updates, drivers, settings, and files to online and offline images; apply service packs to images; manage embedded applications

Prepare and deploy the application environment (20%)
Plan for and implement application compatibility and remediation
Planning considerations, including RDS, VDI, Client Hyper-V, and 32 bit versus 64 bit; plan for application version co-existence; use the Application Compatibility Toolkit (ACT); deploy compatibility fixes
Deploy Office 2013 by using MSI
Customize deployment, manage Office 2013 activation, manage Office 2013 settings, integrate Lite Touch deployment, re-arm Office 2013, provide slipstream updates
Deploy Office 2013 by using click-to-run (C2R)
Configure licensing, customize deployment, configure updates, monitor usage by using the Telemetry Dashboard


Posted by at No comments:
Labels: , , , , , ,

Thursday, 5 November 2015

From start to finish, inside a PayPal Phishing scam

One of the world's most targeted brands...

PayPal is one of the most commonly targeted brands for Phishing, nearly equal to banks when it comes to potential financial gain for criminals.

Today, we're revisiting the concept of how to spot a Phishing email by focusing on a recent Phishing campaign that's targeting PayPal customers. We'll start by pointing out visual cues that will help you avoid becoming a victim, but we'll also go thorough the scam completely so you can see what it looks like.

It starts with an email
This is what the Phishing email looks like once opened.

Phishing remains one of the fastest and easiest methods of personal compromise. With this type of attack, criminals play a numbers game. The more messages they send, the more likely someone is going to fall for the scam.

Even if the victim count is low, the cost of a Phishing campaign is next to nothing on the criminal's end – a single victim often covers all costs.

Sadly, dozens of people are likely to be scammed in a given campaign, so Phishing has become a turnkey business for most criminals. Each campaign is different, often targeting personal information, financial information, or in this case - both.

Moving on, let's examine some of the visual cues that will debunk this alleged warning.

Email addresses
Notice that the support address isn't a PayPal address. That's important.

But after that, the "via" marking in the "From:" field is Google's way of telling you that the email you're reading was sent from an account other than the one listed. If this were an actual email from PayPal, Google wouldn't offer this visual cue.

"Gmail displays this information because many of the services that send emails on behalf of others don’t verify that the name that the sender gives matches that email address. We want to protect you against misleading messages from people pretending to be someone you know," Google explains.

In this case, the criminal compromised a website and used the webhost's server to send the message. If this message arrives outside of Gmail, the fact that the sender doesn't use a PayPal address is the first clue that something isn't right.

Other than that, the email's subject is all wrong too. It's attempting to stress a point and relay a false sense of urgency, but the fact that it doesn't name "account" in question increases the odds that curiosity will get the better of you and you'll open the message.

Message Body: Where the Phishing scam will either live or die
To the untrained eye, the message is letting you know that your PayPal account is limited, and that there is a time limit for resolution. Again, this is injecting a false sense of urgency – and if you rely on PayPal, the fact you might lose access to your account is a serious issue.

The message explains itself as a security measure, and warns that your PayPal account might be in danger of compromise, resulting in theft. Ironic really, because theft is the name of the game here. Once more, the criminals are pressing fear as the main motivator. The fix is simple; just confirm your information by following the link.

To the trained eye, the message is a false as can be. First, PayPal will always use the registered account name when addressing messages, so they'll never address a security email simply as "PayPal Customer."

Second, the message itself is just an image. The criminal created a link to their domain, and used an image instead of the text link that most everyone is used to on the Web.

Using the image helps the message bypass many basic spam filters. The fact that the message was relayed through a compromised account that had never sent spam before also helped it avoid detection.

Turn back now...
If for some reason a person were to click the link, the URL displayed would be the final torpedo needed to sink this Phishing scam. There is no HTTPS and the domain clearly IS NOT a domain controlled by PayPal.

Please note, that the URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

The following images are what the Phishing scam will look like in action. Each slide will explain what's happening on screen.

Usernames and passwords
Entering your username and password into the field from the previous slide triggers a number of checks by the Phishing script that created this domain. However, at this stage your PayPal username and password have been stolen.

But the scammer isn't done.

This screen should be familiar to anyone who uses PayPal. If so, there's a reason for that. The color in the images, the way the website is designed, and the URL bar that's full of letters and numbers are all there to fool you into thinking you're on PayPal's website.

But remember, you're not, and the missing HTTPS is proof that PayPal isn't involved here.

Again, the URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

Confirmation required
Once the loading screen goes away, the second part of the scam starts. Remember, at this stage your PayPal username and password have been compromised. However, in the criminal's opinion, why stop there?

If you fell for the first part, the crook running this scam feels that you'll fall for the second part too, which focuses on personal and financial information.

This might get old, but it's important. The URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

Tell us a little about yourself
After the loading screen, you'll be asked to confirm information. If you agree, you'll see this screen. Here the criminal is able to build a profile on your information. The data collected here can be sold, or used to further additional scams – including identity theft.

Given that the scam needed information, CSO provided a false name, the address for Hoboken City Hall in New Jersey, and a phone number to book a room at the Holiday Inn.

But the criminal isn't done.
This might get old, but it's important. The URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

Credit cards
Now that the criminal has your personal information, this form will look for some financial data – namely your credit card details.

This page, as well as all the others, has been designed to look exactly like PayPal. For those that are trained to look for a padlock, but forget where it is, the message at the bottom of the page is there for reassurance. But nothing on this page is secure.

Again, the URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

Banking data
The last bit of information the criminal will ask about is banking data. This form serves two functions; first it collects the login data and account number for your bank. The second is that it enables the crook to see if you're recycling passwords.

Assuming the PayPal password is the same as the bank; it's a good indicator that you're using the same password everywhere. If not, the crook can use this information to run a number of additional scams and leverage the collected details to compromise other accounts under your control.

The URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

End of the line
This is the end of the scam. The entire thing was designed to make you feel as if you were dealing with PayPal the entire time. However, at this stage your banking information, personal information, credit card details, and PayPal account have all been compromised. There's no going back.

The keep things moving, this page will remain for a few seconds before you're forwarded to the final stop.

The URL shown in this image was live at the time this article was written, do not visit it. The webhost has taken the domain offline, but this URL could be pointed to a new location in the future.

It's as if nothing happened
The final stop in the scam is the actual PayPal website. If you look at the address bar the URL has an HTTPS and the area where the padlock exists has both the company name and is green.

Again, the previous slides you've seen were all part of the scam. So the fact that the legitimate PayPal website is on the screen now means nothing; the forms were all submitted and somewhere a criminal is abusing your information in a number of creative ways.

When it comes to Phishing, avoiding them 100 percent of the time can be tricky. However, it isn't an impossible task. When in doubt, don't click anything in the email and visit the website in question (e.g. PayPal) directly.

Remember, email is the last method banks or financial firms will use to contact you in a majority of cases. Online, pay attention to the address bar and look for HTTPS when you're about to enter personal or financial information into a form.

Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)