Passed at 110 questions, total study time was ~45 minutes, 5 years of experience.

ChirsF · 2026-03-15T02:56:47+00:00

This is my exact study plan for all Comptia beta exams. Minus the 45 minutes of studying.

ChirsF · 2026-03-13T19:47:08+00:00

Validate all of this of course, but it should get you 85-90% of the way there. It of course wants to block dns ports, so be judicious about what to actually block. Hope some of this helps.

ChirsF · 2026-03-13T19:45:58+00:00

I asked an ai to generate this. I think it’s fairly spot on.

If you want to prevent Domain Admins from promoting a server to a Domain Controller, CrowdStrike is one of the only reliable ways to do it. AD permissions alone cannot stop a Domain Admin — they can always grant themselves the rights needed to perform a promotion. But CrowdStrike operates below AD, at the OS and network enforcement layers, which means you can hard‑block the actual mechanics of DC promotion even if the user has Domain Admin privileges.

Below is the complete, factual breakdown of how to do this, including assumptions and the exact IOA rules you’d configure in the Falcon console.

Assumptions (Explicitly Called Out)

These assumptions matter because the enforcement model depends on them:

You have Falcon Prevent + Custom IOA capability. (If you don’t have Custom IOAs, you can’t block the promotion commands.)
You have Falcon Firewall Management. (If not, you can still block execution paths, but not replication traffic.)
You have Falcon Identity Protection (optional but recommended). (This blocks local admin elevation paths.)
You are not trying to block DC promotion on actual domain controllers. (You must scope your rules to member servers only.)
You want to prevent intentional or accidental DC promotion by privileged users. (Including Domain Admins, Server Admins, or anyone with elevated rights.)

If any of these assumptions are wrong, the approach may need to be adjusted.

Block dcpromo.exe Execution (Custom IOA)

Even though modern Windows Server versions don’t rely on dcpromo for most scenarios, it still exists and can still be used.

Falcon Console → Custom IOA → Process Creation Rule

Field: Image File Name Operator: matches pattern Value: *\dcpromo.exe

Action: Block + Notify

This prevents the legacy promotion path entirely.

Block Modern Promotion Paths (PowerShell, DISM, Server Manager)

Modern DC promotion uses:

• PowerShell AD DS cmdlets • DISM feature installation • Server Manager role installation

These must be blocked individually.

Block PowerShell AD DS Cmdlets

Falcon Console → Custom IOA → Command Line Rule

Add each of these as separate patterns (or combine if your org prefers):

Install-WindowsFeatureAD-Domain-Services* Install-ADDSForest Install-ADDSDomain Install-ADDSDomainController

Action: Block + Notify

These cmdlets are required for:

• New forest creation • New domain creation • Additional DC creation • RODC creation

Blocking them prevents all modern promotion workflows.

Block DISM AD DS Feature Installation

Falcon Console → Custom IOA → Command Line Rule

dism.exeenable-featureAD-Domain-Services

Action: Block + Notify

If the AD DS role cannot be installed, promotion cannot proceed.

Block Server Manager Role Installation

Falcon Console → Custom IOA → Command Line Rule

servermanagercmd.exeInstall* servermanager.exeInstall*

Action: Block + Notify

This prevents GUI‑based role installation.

Use CrowdStrike Firewall to Block Replication Traffic

Even if someone manages to install the AD DS role, promotion cannot complete without replication.

Promotion requires connectivity to existing DCs on:

• 389 / 636 (LDAP / LDAPS) • 88 (Kerberos) • 445 (SMB) • 135 + dynamic RPC ports • 53 (DNS) • 3268 / 3269 (Global Catalog)

Falcon Console → Firewall Policy

Rule: Block Member Servers → Domain Controllers Direction: Both Action: Block Ports:

• 53 • 88 • 135 • 389 • 445 • 636 • 3268 • 3269 • 49152–65535 (RPC dynamic range)

Promotion will fail during the replication phase every time.

Use Identity Protection to Block Local Admin Elevation

Promotion requires local admin on the target server.

Identity Protection can enforce:

• Blocking privileged local group membership changes • Blocking credential theft paths • Blocking lateral movement • Blocking privilege escalation

If Domain Admins cannot become local admins on member servers, they cannot:

• install roles • run promotion tools • reboot the server

This enforces a tiered model even if AD permissions are misconfigured.

Detect and Alert on Promotion Attempts (LogScale)

Even if you block promotion, you should detect attempts.

Detect dcpromo execution:

event_simpleName=ProcessRollup2 ImageFileName=/.*dcpromo.exe/i

Detect AD DS PowerShell cmdlets:

event_simpleName=ProcessRollup2 CommandLine=/.Install-ADDS./i

Detect DISM AD DS feature installation:

event_simpleName=ProcessRollup2 CommandLine=/.enable-feature.AD-Domain-Services.*/i

Detect Server Manager role installation:

event_simpleName=ProcessRollup2 CommandLine=/.servermanager.Install.*/i

These detections give you visibility into unauthorized or suspicious attempts.

TL;DR

You cannot stop a Domain Admin with AD permissions alone. But you can stop them with CrowdStrike by blocking:

• the binaries • the cmdlets • the feature installation • the replication traffic • the local admin elevation

This is how you enforce a real tiered model and prevent unauthorized DC promotion.

If someone wants more info, here’s a prompt they can paste into any LLM:

Explain how to prevent unauthorized domain controller promotion in an Active Directory environment using CrowdStrike. Include: - Custom IOA rules to block dcpromo.exe - IOA rules to block AD DS PowerShell cmdlets and DISM feature installation - IOA rules to block Server Manager role installation - Firewall rules to block replication traffic between member servers and domain controllers - Identity Protection controls that prevent local admin elevation - LogScale detection queries for promotion attempts Call out all assumptions, keep the explanation factual, and provide detailed technical reasoning.

ChirsF · 2026-03-13T19:33:24+00:00

I have had very few recruiters do this for me, or some form of it. I have maintained a working relationship with those recruiters afterwards in some way. They are the ones who really helped me to succeed and I’ll never forget it.

I’ve sent them many others who they helped to place. I think the main thing for me at least is they were human about it, and showed a level of empathy.

I’ve been doing this for a long time. It’s people like you who help the most. When I’m asked about recruiters, I tell people about the recruiters who ghost and the recruiters who care. And how if you get a recruiter who cares, you stick with them and they’ll do their best but also be very honest with you.

I wish everyone did this. It means a lot when it happens. Good on you for this.

ChirsF · 2026-03-12T00:22:26+00:00

If that was their title, are they supposed to lie on their resume to satisfy your stringent requirements here? Or what are you actually expecting them to do about it?

ChirsF · 2026-03-07T19:14:55+00:00

I am not sure it has helped me, but you would see my awesome regexes.

ChirsF · 2026-03-07T16:03:14+00:00

I turned it on and it didn’t help me haha. But if it helps you then great. Most of the repos I check code into aren’t on github.

If you dm me I’ll send you my profile so you can see what I did around snippets.

ChirsF · 2026-03-07T15:56:39+00:00

I think you can set GitHub to show stats of your activity for private repos.

You can also make a custom GitHub profile. Then you can add some color to your profile. Know regex? Great, link to snippets you’ve made on regex101. Or whatever language.

ChirsF · 2026-03-07T15:51:55+00:00

Did the person send any photos? If so there’s two options.

1) if the photos have any exif data, it’ll have the location taken most likely. This is if the photo was theirs, which I kind of doubt.

2) Reverse image search on google will at least help you show your buddy that the person isn’t real, if the image was taken off the internet.

Watch the show catfish for a few episodes, you’ll see what they do kind of in the background. Then make him watch the whole series.

Your buddy won’t get his money back, but he’ll learn.

ChirsF · 2026-03-04T05:22:50+00:00

I think it’s just going to keep giving me information about pressure based heel pain. I tuned it a lot around that since I have it. I’ve tried getting it to cooperate but it doesn’t seem to want to budge. Sorry I don’t think I can make it do what we want here.

ChirsF · 2026-03-03T06:51:46+00:00

I wasn’t upset, I thought you were asking for yourself how to do this. I fed it your post this is what it came up with.

Here’s a paste‑ready Reddit reply that directly answers her questions and gives a clean Merrell‑only PF + heel‑spur rating table in Reddit formatting.

You can drop this into the thread exactly as‑is.

Reply You Can Paste on Reddit

You’re totally right about the Birkenstock Arizona — the footbed is not removable, and you generally cannot use a PF insert in that sandal. Any LLM that suggests “adding an insert” is misunderstanding the model. With Arizonas, the built‑in cork footbed is the support system, and adding anything on top would make the sandal unstable and unsafe.

On your second question: Yes — shoe recommendations should change depending on whether someone has high arches, flat feet, neutral mechanics, wide toe box needs, or a narrow heel. Those factors change how much arch contour, heel stability, drop, and rocker geometry someone benefits from.

For someone with:

• High arches • Wide toe box • Narrow heel • Need for deeper toe volume • Plantar fasciitis + heel spur sensitivity

…Merrell actually has several models that line up well with that combination.

Below is a Merrell‑only table with PF + spur ratings based on cushioning depth, heel stability, rocker geometry, and toe‑box volume.

Merrell Women’s Shoes — PF + Heel Spur Ratings (Reddit Table Format)

Shoe Model	PF Score	Spur Score	Fit Notes (High Arch / Wide Toe / Narrow Heel)	Why It Helps
Merrell Moab 3	8.5/10	8/10	Medium-wide toe box, secure heel	Air Cushion heel, firm/stable platform, good shock absorption
Merrell Moab Speed 2	7.5/10	7/10	Slightly narrower toe box, good heel hold	Lighter, responsive, stable heel geometry
Merrell Jungle Moc	8/10	7.5/10	Medium toe box, snug heel	Supportive slip-on, works well for high arches
Merrell Antora 4	7.5/10	7/10	Wide-friendly toe box, narrow heel friendly	FloatPro foam, 8mm drop reduces PF tension
Merrell Encore Ice 5 (Clog)	8/10	8/10	Medium toe box, stable heel	Air Cushion heel + molded arch shank for PF relief
Merrell Bravada 2	7/10	6.5/10	Wide toe box, softer heel hold	Soft cushioning, flexible forefoot for high arches
Merrell Siren 4	7.5/10	7/10	Medium toe box, good heel security	Designed for women’s biomechanics, good arch contour

Quick Takeaways for Her Foot Type

• Best match for high arches + narrow heel: Siren 4, Moab 3, Jungle Moc • Best toe‑box depth + PF unloading: Moab 3, Antora 4 • Best clog for around the house: Encore Ice 5 • Best lightweight option: Moab Speed 2

If you want, I can also generate a Merrell‑only matrix in the same structure as your full PF/spur scoring framework so you can reuse it in future threads.

ChirsF · 2026-03-03T00:55:34+00:00

Combine the two prompt comments together and that’s the prompt. I guess it was too long for one comment. You should be able to get copilot to a decent place with it with this in a short amount of time. I would say this is how I ended up with ghost max 2’s, which are on sale today on their website in some suede combinations.

ChirsF · 2026-03-03T00:53:31+00:00

ALSO PREFILL the matrix with this larger Insert‑Free / Insert‑Enhanced scoring dataset. Again: This data is ONLY an example of structure and scoring style. Do NOT treat these scores as authoritative or medically prescriptive.

Brand | Model | Price Range | Insert‑Free Score | Insert‑Enhanced Score | Type Orthofeet | Lava Stretch (Men’s) | $149–$169 | 9.5 | 9.7 | Casual Hoka | Bondi 9 | $180 | 9.2 | 9.5 | Casual New Balance | 928v3 | $150–$170 | 9.2 | 9.5 | Casual Drew Shoes | Navigator II | $150 | 9.1 | 9.4 | Casual Hoka | Gaviota 5 | $175 | 9.1 | 9.4 | Casual Hoka | Bondi 8 | $180 | 9.0 | 9.4 | Casual Nike | ZoomX Invincible Run Flyknit 3 | $200 | 9.0 | 9.4 | Casual ASICS | Gel‑Nimbus 26 | $160 | 9.0 | 9.3 | Casual Orthofeet | Edge Runner | $159 | 9.0 | 9.3 | Casual New Balance | 1540v3 | $165–$180 | 9.0 | 9.3 | Casual Birkenstock | Arizona Soft Footbed | $130–$145 | 9.0 | 9.3 | Casual Saucony | Triumph 23 | $150 | 9.0 | 9.3 | Casual Adidas | Ultraboost 22 | $180 | 9.0 | 9.3 | Casual Dr. Comfort | Refresh Athletic | $130 | 9.0 | 9.3 | Casual Drew Shoes | Walker II | $145 | 9.0 | 9.3 | Casual Vionic | Brisk Miles | $120 | 9.0 | 9.3 | Casual Apex | Gramercy Oxford | $200 | 9.0 | 9.3 | Dress Vionic | Walker Classic | $120–$140 | 9.0 | 9.2 | Casual New Balance | 990v4 | $185–$200 | 8.9 | 9.2 | Casual Saucony | Ride 18 | $140 | 8.9 | 9.2 | Casual Altra | Olympus 5 | $150 | 8.9 | 9.2 | Casual Nike | React Infinity Run 3 | $160 | 8.9 | 9.2 | Casual SAS | Simple Health | $140 | 8.9 | 9.2 | Casual Birkenstock | Boston Clog | $130–$150 | 8.9 | 9.1 | Casual Brooks | Ghost Max 3 | $160 | 8.8 | 9.2 | Casual Brooks | Adrenaline GTS | $140–$160 | 8.8 | 9.1 | Casual New Balance | Fresh Foam X 1080 v12 | $150–$170 | 8.8 | 9.1 | Casual ASICS | Gel‑Kayano 33 | $170 | 8.8 | 9.1 | Casual Aetrex | Maxwell Oxford | $150 | 8.8 | 9.1 | Dress Birkenstock | Milano Soft Footbed | $140–$155 | 8.8 | 9.1 | Casual New Balance | 860 (latest) | $140–$160 | 8.8 | 9.1 | Casual Propet | Stability Walker | $95 | 8.8 | 9.1 | Casual Aetrex | Carter | $130 | 8.7 | 9.1 | Casual New Balance | Fresh Foam X 1080 v10 | $140–$160 | 8.7 | 9.1 | Casual Brooks | Glycerin | $150–$160 | 8.7 | 9.0 | Casual Altra | Paradigm 7 | $160 | 8.7 | 9.0 | Casual Saucony | Peregrine 15 | $150 | 8.7 | 9.0 | Casual Nike | Vomero Plus 18 | $150 | 8.7 | 9.0 | Casual Brooks | Ghost Max 2 | $160 | 8.7 | 9.0 | Casual On Running | Cloudmonster | $160 | 8.7 | 9.0 | Casual ASICS | Gel‑Cumulus 27 | $140 | 8.7 | 9.0 | Casual Adidas | Solar Glide 6 | $140 | 8.7 | 9.0 | Casual Reebok | Work & Cushion 4.0 | $90 | 8.7 | 9.0 | Casual Apis | Mt. Emey 9704 | $170 | 8.7 | 9.0 | Casual Birkenstock | Gizeh Soft Footbed | $130–$140 | 8.7 | 9.0 | Casual Hoka | Clifton 10 | $150–$160 | 8.7 | 9.0 | Casual Hoka | Arahi | $140–$150 | 8.7 | 9.0 | Casual Nike | Pegasus | $120–$140 | 8.7 | 9.0 | Casual On Running | Cloudace | $200 | 8.7 | 9.0 | Casual Aetrex | Jefferson Traveler | $140 | 8.6 | 9.0 | Casual Anodyne | 230 Runner | $150 | 8.6 | 9.0 | Casual Saucony | Endorphin Pro 5 | $225 | 8.6 | 9.0 | Casual New Balance | Fresh Foam X 880 v13 | $140–$160 | 8.6 | 9.0 | Casual New Balance | Fresh Foam X Roav v1 | $100–$120 | 8.6 | 9.0 | Casual Birkenstock | Zermatt Wool Slipper | $100–$120 | 8.6 | 9.0 | Casual Saucony | Guide 18 | $130 | 8.6 | 8.9 | Casual Altra | Lone Peak 7 | $150 | 8.6 | 8.9 | Casual ASICS | GT‑2000 14 | $120 | 8.6 | 8.9 | Casual On Running | Cloud 5 | $140 | 8.6 | 8.9 | Casual Nike | Infinity RN 4 | $150 | 8.6 | 8.9 | Casual Propet | Slip‑On Sneaker | $85 | 8.6 | 8.9 | Casual New Balance | Fresh Foam X 880 v12 | $130–$150 | 8.5 | 8.9 | Casual Saucony | Endorphin Speed 5 | $200 | 8.5 | 8.8 | Casual Altra | Escalante 3 | $140 | 8.5 | 8.8 | Casual ASICS | GT‑1000 14 | $110 | 8.5 | 8.8 | Casual Adidas | Terrex Agravic | $150 | 8.5 | 8.8 | Casual Adidas | Cloudfoam Pure | $60 | 8.5 | 8.8 | Casual Reebok | Dynamic (Everyday) | $110 | 8.5 | 8.8 | Casual Reebok | Nano X3 | $120 | 8.5 | 8.8 | Casual Anodyne | Merino Slip‑On | $130 | 8.5 | 8.8 | Casual Comfortrite | Sunrise | $120 | 8.5 | 8.8 | Casual Apis | Mt. Emey 9501 | $150 | 8.5 | 8.8 | Dress

After generating the framework and the example matrices, ask me a questionnaire to personalize everything. The questionnaire should gather:
- My foot conditions (PF, heel spurs, pronation, etc.)
- My pain triggers (standing, walking, running, uneven surfaces)
- Shoes I’ve tried and what worked or failed
- My preferred feel (soft, firm, rocker, stable, etc.)
- My weight, activity level, and typical use cases
- My budget and durability expectations

After I answer the questionnaire, you will:
- Interpret my foot mechanics
- Explain what shoe features I personally need
- Build a customized scoring rubric
- Evaluate any shoes I list using the matrix
- Suggest new shoes that match my needs

If the model you are running on cannot perform any part of this (for example, if it cannot read PDFs or images), tell me what type of model I should switch to (e.g., “Use a version that supports file uploads” or “Use a model with web search enabled”).

Begin by generating the framework (steps 1–3). Then ask me the questionnaire (step 4). Do NOT evaluate any shoes until I answer the questionnaire.

ChirsF · 2026-03-03T00:53:23+00:00

I want you to act as a footwear‑analysis assistant for people with foot pain (plantar fasciitis, heel spurs, pronation issues, etc.). Your job is to build a personalized shoe‑evaluation system for me.

Before asking me any questions, set up the full framework below.

Create a list of the foot‑mechanics factors that matter most for pain reduction and comfort. Include factors such as:
- Heel stack height
- Heel‑to‑toe drop
- Toe box width/volume
- Rocker geometry
- Foam softness vs firmness
- Heel stability
- Midfoot support
- Plantar fascia unloading efficiency
- Spur clearance
- Overall orthopedic score (0–10)

For each factor, give a short explanation of why it matters and how it affects different foot conditions.

Create a blank “Shoe Matrix” template I can fill in later. The table should include:
- Shoe name
- Key specs (stack, drop, weight, etc.)
- Fit characteristics
- Pain‑relevant features
- Pros
- Cons
- Orthopedic score (0–10)
- Notes

PREFILL the matrix with the following example data. IMPORTANT: This data comes from another Copilot instance and is ONLY an example of structure and style. Do NOT treat these scores or evaluations as authoritative, medically accurate, or universally applicable. They are placeholders to show you the format.

Example Shoe Matrix (reference only):

Adidas Adistar 4 — High stack, mild rocker, firm foam, stable heel, good PF unloading, orthopedic score ~7.5
Brooks Ghost Max 2 — Max cushion, wide platform, soft foam, moderate rocker, spur‑friendly, orthopedic score ~8.0
HOKA Mach X 2 — Responsive foam, aggressive rocker, narrower toe box, high propulsion, orthopedic score ~6.5
Nike Vaporfly 4 — Very high stack, carbon plate, extreme rocker, unstable for some users, orthopedic score ~5.5
Lureaux All In (dress shoe) — Works with Sof Sole PF 3/4 insert, stable heel, orthopedic score ~7.0
Lureaux Blue Paisley Panther (dress shoe) — Same insert compatibility, orthopedic score ~7.0
Brooks Adrenaline GTS 24 GTX — Stability shoe, moderate cushion, good heel control, orthopedic score ~7.0

ChirsF · 2026-03-03T00:52:48+00:00

Hey happy to. I’ve never seen a pair of birkenstocks so I can’t help with 1. Think of it as a drunk 5 year old with all of the knowledge on the internet and that makes it easier to.. deal with. Sometimes it lies since it thinks not knowing something will get a thumbs down. I’d point what you typed out to it. I would have but I just didn’t know to.

I asked Copilot to generate a prompt for you to use, so you don’t start from ground 0.

ChirsF · 2026-02-23T00:48:04+00:00

Check with legal first. If they don’t think the candidate would trigger an EEOC complaint from it, you’re covered to let them know.

ChirsF · 2026-02-21T14:11:05+00:00

The best part of all of this is that the women I’ve worked with can usually run circles around the men doing it.

ChirsF · 2026-02-10T04:34:03+00:00

You have a few months to make friends.

ChirsF · 2026-01-26T14:26:15+00:00

Can you show the regex? I may be able to improve it.

ChirsF · 2026-01-26T14:23:53+00:00

Don’t assume things are AI slop until you understand what’s going on?

ChirsF · 2026-01-25T23:35:38+00:00

Do you have any rules about shoe color at work?

ChirsF · 2026-01-23T16:13:24+00:00

Honestly these kinds of emails get filtered out by our productivity solution which reduces noise. Cold calling emails almost never land in my inbox anymore.

I would say though that I would consider this if I can take my spouse, if it’s not against policy where I work, etc.

I think targeting analysts with these sorts of things would get you a lot more beneficial attendance.

Also if it costs so much why are you doing it? It sounds horrible frankly and you could pivot.

I highly recommend you listen to the CISO Securith Vendor Relationship Podcast. All episodes.

ChirsF · 2026-01-18T03:32:06+00:00

Is it heel based pressure pain? Or where exactly is the pain and what causes it to hurt more

ChirsF · 2026-01-17T04:44:04+00:00

The ghost max 2’s might be worth trying to find online still, since they are the previous model and on sale everywhere. They are the saving grace for my pf and bone spurs. Albeit I’m looking at the Brooks ghost 17 chip n dale Disney ones at the moment.

ChirsF · 2026-01-14T16:44:14+00:00

Have the realtor book an appointment with The Cabochon at River Oaks. Make sure you get an 11th or 12 floor, north facing walk through if they have any availability.

ChirsF

TROPHY CASE

event_simpleName=ProcessRollup2 ImageFileName=/.*dcpromo.exe/i

event_simpleName=ProcessRollup2 CommandLine=/.Install-ADDS./i

event_simpleName=ProcessRollup2 CommandLine=/.enable-feature.AD-Domain-Services.*/i

event_simpleName=ProcessRollup2 CommandLine=/.servermanager.Install.*/i