How to access Microsoft Management Console in Windows 10 and create Certificate snap-in?

It is not difficult to create a certificate snap-in in Windows 10. Just follow the steps in this step-by-step procedure. The screenshots are self-explanatory but a few comments have been added. You can use a certificate snap-in for the following accounts, Computer Account, My User account, or Service account.

Invoking the Microsoft Management Console.

Just type in MMC in the windows search at the bottom of the desktop and use the Run Command as shown.

Or you can invoke the RUN command and type 'mmc' in it.

Yet another way you may invoke is by typing in 'certmgr.msc' in the Search box as shown.

Adding a snap-in.

In the File menu item choose Add/Remove snap-in as shown.

The Add/Remove snap-in windows get displayed. There are many items you can add as a snap-in. Observe that 'Certificates' is one of the snap-ins you can add. 

Adding the snap-in is easy. Observe the 'ADD' button between the two boxes in the above figure. Highlight Certificate in the left box and click ADD.

A new window opens asking you to choose from 3 of the options for which certificates can be added as shown.

Choosing 'My User Account' brings up this image.

Click 'Finish' adds the Certificate 'Current User'.

Now click OK. The various items related to the certificates of the Current User are displayed as shown.

The current user of this computer has the following certificates as shown.

From here explore for yourself the different items of the current user to learn about them.

Good luck

What is dynamic locking in Windows 10?

 It is a security feature that locks up your computer/laptop when you are away (out of the Bluetooth range) from the computer. You can use this feature with your Bluetooth-enabled SmartPhone, Bluetooth headset, etc.

It is possible to lock the computer with Windows Key+L but the dynamic key can be useful when you forget to log out or go to sleep.

The "Dynamic Locking" feature is by default inactivated but you need to activate it.

Here are some screens that may be useful to you. I have paired my Samsung smartphone with my laptop.

What verb-noun pairs are available in PowerShell?

In PowerShell, verb-name pair refers to naming of Cmdlets.

Here is an example:
---------------
Verb-Noun
Get-Command
---------------

Get is the verb and Command is the noun. This cmdlet retrieves all commands registered in PowerShell

PowerShell has an extensive set of Cmdlets to cover various aspects of Management.
These are the principle high-level verbs.

Common Verbs  
System.Management.Automation.VerbsCommon enumeration class to define generic actions that can apply to almost any cmdlet.

Communication Verbs
System.Management.Automation.VerbsCommunications class to define actions that apply to communications.

Data Verbs
System.Management.Automation.VerbsData class to define actions that apply to data handling.

Diagnostic Verbs
System.Management.Automation.VerbsDiagnostic class to define actions that apply to diagnostics

Lifecycle Verbs
System.Management.Automation.VerbsLifeCycle class to define actions that apply to the lifecycle of a resource

Security Verbs
System.Management.Automation.VerbsSecurity class to define actions that apply to security.

Other Verbs
System.Management.Automation.VerbsOther class to define canonical verb names that do not fit into a specific verb name category such as the common, communications, data, lifecycle, or security verb names verbs.

Read more here:
https://docs.microsoft.com/en-us/powershell/developer/cmdlet/approved-verbs-for-windows-powershell-commands

What is the difference between dbo and db_owner?

This question pops up now and then.

dbo is a user and db_owner is a database role. They both are in the Security node in the Object Browser. The SQL Server Management Studio (SSMS) makes it abundantly clear.

dbo

dbo.png

db_owner

db_owner.png

It will be instructive to review their properties as shown here.

dbo - Properties

dboProps.png

db_owner - Properties

db_ownerProps.png

What is TOR?

If you want to improve your Internet privacy and security TOR is the solution.TOR works on volunteer-operated servers. In fact you can volunteer yourself to take on this task. Using TOR, you and your target are not connected directly by recognizable Internet intermediate points but you are connected to your target by virtual tunnels. This way you can share information without compromising privacy. You can even access blocked sites.

What are use case scenarios:

• Identity thefts and unscrupulous marketing will be a thing of the past. Your identity information may leak out of your ISPs or your web surfing activities.
• Protecting your children on line who may share private information without realizing the seriousness

These above are only some of the simple scenarios that normal people use but many others have great use for such a service:

• Journalists and their audience
• Law Enforcement Officers
• High and low profile folks
• Business executives
• Bloggers
• IT Professionals
• Military
• Activists and whistleblowers

While anonymity provides a secure shield for you it can also be misused.

The safe way is to surf the internet using the Tor Browser. Don't use Torrent file-sharing applications while using Tor browser as they ignore and make direct connection. Also do not install any kind of plug-ins as they can compromise privacy. Do not open applications downloaded while using Tor Browser.

There is a possibility that Tor Browser may not work as censors may block Tor traffic even when what are called Tor bridges are used.

It is still possible to work around to use Tor Browser review this link:
https://www.torproject.org/docs/bridges.html.en

You can download the Tor Browser from the above site. Here are some screen shots of my download.

 Double click the executable that you downloaded.

This is where Tor files are installed.

 I used the first option by making direct connection to a Tor Network.

 You can use this short cut to use your Tor Browser. I will be using mostly to do some surfing. I am not planning to visit sites that require username/password authentication.

Tor Browser starts after installation.

Enjoy surfing knowing your privacy info is intact!

What is Credential Guard?

It is a new feature in Windows 10 but only available in Windows 10 Enterprise or Windows 10 Education. This is meant to beef up on security. It protects the core kernel from malware by not allowing taking control of the machine remotely.
Credential Guard provides isolation for the secrets held in Local Security Authority in the older systems by a virtualization based security. Data stored by virtualization is not accessible to the rest of the OS. Credit Guard has no device drivers but hosts a reduced subset of OS binaries needed for security only. Of course the binaries are signed with trusted certificates.

The Credential Guard feature depends on the Hypervisor.  Here is a high-level overview of Credential Guard(virtualization based security).

(https://technet.microsoft.com/en-us/library/mt483740%28v=vs.85%29.aspx)

The Credit Guard offers the following features/solutions:
Hardware security Credentials Guard takes advantage of platform security features, such as Secure Boot and virtualization to increase security.

•Virtualization-based security Windows services can run in a protected environment that is isolated from the running operating system.

•Better protection against advanced persistent threats Credential Guard does this by securing domain user's credentials in the virtualization-based security environment. Malware running in the operating system, even with administrative privileges, cannot extract secrets that are protected by virtualization-based security.

•Manageability You can manage Credential Guard by using Group Policy, WMI, from a command prompt, and Windows PowerShell.
The following virtualization extensions are required to support virtualization-based security:
•Intel VT-x or AMD-V
•Second Level Address Translation
It run only on X64 Bit platforms.
Watch this video from Channel 9: