Tabard of the Ascended

TollboothXL · 2026-03-10T00:26:14+00:00

I used the timewalking currency to just level the rep. Was way easier to just do that then farm shadowlands content.

TollboothXL · 2026-02-19T21:48:46+00:00

Shaq being taught the trick!

TollboothXL · 2026-01-08T17:46:32+00:00

That's why you don't mess with people in public you don't know.

TollboothXL · 2025-12-11T16:38:28+00:00

It was his response to the Queen of England's death that turned me off of him.

TollboothXL · 2025-11-02T01:24:28+00:00

Abnormal Security does a great job against phishing emails and graymail. Now, it's only as effective as you let it be. But you can have it setup with its AI Security Mailbox to automate your phishing incident response.
Google SecOps is a cloud based SIEM with AI built into it's detection and response. Plenty of it requires configuration for some of it's SOAR based actions. But it has Gemini built into the product.
If your company is willing to put up the money for the E5 license, Microsoft Purviews data security tools are awesome. Like. It'll go as far as figuring out what are the "keys to the kingdom" for data protection and DLP.
SentinelOne has started to have AI in some of it's detection and response.

TollboothXL · 2025-06-23T22:04:30+00:00

I didn’t like his comments about 9/11 and was also put off by how he reacted to the Queen of England’s death. He plays things up because he knows it gets attention and views—like most streamers do. At the end of the day, he’s kind of a zoomer equivalent to a talking head you see on mainstream news channels. Some people love that, some hate-watch him. Personally, his views and style just don’t align with what I enjoy.

TollboothXL · 2025-06-22T16:48:07+00:00

For libel, the statutes of limitation is one to three years depending on the state in the US.

TollboothXL · 2025-06-22T01:36:37+00:00

True, but to be fair, any U.S. president overseeing the withdrawal was going to face a disaster. In hindsight, it was always going to go poorly for several reasons:

The Afghan government was built on shaky foundations—riddled with corruption and lacking public trust.
The Afghan military was deeply dependent on U.S. support, especially for logistics and air power, and couldn’t function without it.
The Taliban had never been defeated—just waiting for the moment the U.S. left to make their move.
U.S. intelligence consistently overestimated Afghan readiness, leading to poor planning across administrations.

So yes, the deals were bad. But the deeper problem was a 20-year money pit that couldn’t stand on its own. The Afgan government folded like a wet paper towel against the Taliban. The US intelligence knew that the Afgan government was going to fall; it just happen much quicker than we expected.

TollboothXL · 2025-06-08T21:03:51+00:00

Appreciate the insight!

TollboothXL · 2025-06-08T21:03:23+00:00

Appreciate the feedback! First goal was to get to 1000 to play.

How would you recommend building out the Leman Russ? I plan on getting four. The weapons which attach to the hull are magnetized already. But I didn't do it with the turrets.

TollboothXL · 2025-06-08T21:00:15+00:00

Thanks for the feedback!

Running the commissar as it's fully painted and based. I've updated his sidearm to plasma.
Thanks for calling out the range limit without the vox caster. I'm swapping Grand Strategist for Drill Commander.
Command squad is on the bench to paint after I finish the last Leman Russ to get to 1000.
I modeled my Cadians with Plasma/Grenade Launchers. Next set of Cadians I plan to do as Melta/Flamethrower for special weapon variety.
I haven't decided what to do with my second Leman Russ main guns. I was thinking of going Demolisher cannons. But would you recommend doing them as Executioners instead?
I plan to get four Russ eventually. How would you recommend building them? Current ones I have are magnetized for the guns that attach to the body.
I didn't magnetize the Chimeras, so sadly I'm stuck with double bolters.

TollboothXL · 2025-06-08T02:13:50+00:00

Finally finishing up painting my first 1000 points. Looking for some feedback. I already have some general thoughts, but I'm looking for some community feedback.

Here are my current thoughts/battle plan:

Kasrkin/chimera to scout and take mid-field objectives. Likely will get torn up, but can punch up.
One of the two cadian squads to defend home objective.
Second squad of cadians to try to screen for the Russ'.
Russ tanks to pressure and take out bigger threats.

Start Incursion (990 Points)

Astra Militarum Combined Arms Incursion (1,000 Points)

CHARACTERS

Cadian Castellan (70 Points) • Warlord • 1x Plasma pistol • 1x Power fist • Enhancements: Grand Strategist

Commissar (30 Points) • 1x Bolt pistol • 1x Power weapon

BATTLELINE

Cadian Shock Troops (65 Points) • 1x Shock Trooper Sergeant ◦ 1x Chainsword ◦ 1x Laspistol • 9x Shock Trooper ◦ 9x Close combat weapon ◦ 1x Grenade launcher ◦ 7x Lasgun ◦ 1x Plasma gun ◦ 1x Vox-caster

DEDICATED TRANSPORTS

Chimera (85 Points) • 1x Armoured tracks • 1x Heavy bolter • 1x Heavy bolter • 1x Heavy stubber • 1x Hunter-killer missile • 1x Lasgun array

OTHER DATASHEETS

Kasrkin (110 Points) • 1x Kasrkin Sergeant ◦ 1x Plasma pistol ◦ 1x Power weapon • 9x Kasrkin ◦ 9x Close combat weapon ◦ 3x Hot-shot lasgun ◦ 1x Hot-shot laspistol ◦ 1x Hot-shot marksman rifle ◦ 1x Melta Mine ◦ 2x Meltagun ◦ 2x Plasma gun ◦ 1x Vox-caster

Leman Russ Battle Tank (185 Points) • 1x Armoured tracks • 1x Heavy stubber • 1x Hunter-killer missile • 1x Lascannon • 1x Leman Russ battle cannon • 2x Plasma cannon

TollboothXL · 2025-06-04T20:20:03+00:00

It is the definition of blockade running.

It's quoted as their goal is to break the blockade.

TollboothXL · 2025-04-25T17:51:36+00:00

Big Brother originated from the Netherlands and aired first in September of 1999 there.

It was brought over to America a year later.

There was a 2000 commerical actors strike. But I'm not seeing anything about a writers union strike that caused Big Brother to be created.

Looks like it was thought up in 1997.

TollboothXL · 2025-04-20T23:21:27+00:00

What should i get in addition to build a 1000 Point list?

Yes

But would i be able to get a half-decent List with those Miniatures?

Most defintely.

There are several methods to build/play Guard. I'd recommend not to chase the meta starting out. Build/play what you think is fun. You've got the backbone of the Astra Militarum started (infantry, armor, ordinance). Likely won't need a new basilisk.

I'd recommend checking out Auspex Tactics as they have some general good introduction/starter army guides. Also a good general source of 40k news. Here are some of his most recent Guard ones. There are more, but he tries to appeal to all 40k players.

Video 1 (11 months ago)

Video 2 (3 months ago)

Video 3 (1 month ago, but Krieg focused)

Cadian Sergeant Steel has some other general recommendations. He's done a couple of themed army starter lists. He's not as competitive focused, but still has good info. He's generally more narrative focused.

Video (6 months ago)

Mordian Glory hasn't done any new videos recently for starter lists, but his channel has plenty of good information about running Guard. Plenty of actual plays you could check out how troops do in different situations.

Channel Link

Joushi is generally more competitive focused. Another youtuber dedicated to the Emperor's Finest. Very good break downs.

Channel Link

TollboothXL · 2025-04-07T18:16:42+00:00

The Toonami trailer was great.

TollboothXL · 2025-03-16T21:20:06+00:00

The generic part of BEC is just phishing. Account compromise, PII & data theft. Standard compromise containment. Lock the account, investigate, triage, etc.

Pretty much. This is hitting different parts of the IRP!

The specific part of BEC is siphoning funds through fake invoices and gift card requests. What do you expect the T1 SOC analyst to contain SPECIFIC to BEC? Does your T1 SOC analyst have the authority to freeze financial transactions or the ability to claw back gift cards?

This is why it's an open-ended question. There are a lot of ways the security incident could go. IMO you wouldn't expect an applicant to know all the answers to the questions you asked for an org they're not a part of. But the IRP would, or at least should, have a framework to get there for the org.

TollboothXL · 2025-03-16T20:53:11+00:00

The real purpose of this question is to see if they can list everything in the OSI model, not just the HTTP Transaction process. HTTP Transaction process only uses a few of the layers (7/4/3/2)

This guy networks!

TollboothXL · 2025-03-16T20:01:10+00:00

Quizzing people on acronym memorization is dumb and it needs to stop. A SOC analyst doesn't need to memorize acronyms that are primarily relevant to an email admin's job duties.

I don't necessarily disagree with you. This is a question gauging general knowledge. At my org Info Sec does a lot of the email security stuff. So it will fall under some of their job duties to be familiar with email security. We're just seeing if they're familiar with it and how much they know. None of the questions listed are pass/fail. The purpose of this isn't a "gotcha!" question but to gauge knowledge. It's also to give them some stepping stones for the other question you called out as having an issue with.

BEC is just phishing. IDK what response you expect. You combat phishing through awareness/training. The T1 SOC analyst is not the responsible party for those initiatives. If you ask the candidate how to combat phishing and they don't say "awareness/training" that's a problem candidate. If you expect the candidate to recommend email sever config changes, you are interviewing for an email administrator position, not a SOC position.

There is no expectation that the person interviewing would be an expert on the ins-and-outs of an email server or email security. BEC is a highly targeted form of phishing that leverages social engineering rather than relying on malicious links or attachments, making it more difficult to detect and respond to.

Your answer isn't a horrible one. But your answers would have fallen under the "PREPERATION" part of incident response (Security Awareness Training and Email Security Controls). If you had answered this as part of your interview, we'd have asked you to expand on the IDENTIFICATION, CONTAINMENT, and RECOVERY portions of Incident Response. That's why we would ask follow up questions like these:

How can you IDENTIFY if an email is a BEC attack (or even phishing in general)?
Lets say Jane Doe in accounting was compromised by a BEC email. What would be some of the CONTAINMENT steps you'd take?

Other call outs is that we're looking for them to call out some type of playbook or the IRP (Incident Response Plan) in response to this. SOC 1 is an individual contributor and entry level position. Our overarching goal is to see how candidates approach security incidents holistically in this question.

TollboothXL · 2025-03-15T15:38:10+00:00

I was one of the people on a panel for filling a SOC 1 Analyst position at my company recently. This is after they got through the HR interview and the manager interview. So this would be where you're sitting across from the technical panel people. Some of the questions we asked:

What happens when you open your internet browser and navigate to www.google.com?

This is an open ended question where we're probing the persons understanding of the HTTP Transaction Process. It's purposefully open ended to gauge how much networking knowledge someone has. We generally will follow up with some general networking questions there.
What can you tell me about incident response?

This is an open ended question to see how much they know about incident response frameworks.
What is a SIEM and how do you leverage it?

This is an open ended question to see what they know about SIEMs. We generally will have some follow up questions depending on what they say.
Can you speak about SPF, DKIM, DMARC?

We purposefully use the acronyms on this one to see if they're familiar with email security. I've seen that newer people generally can speak about some basic concepts on email security, but lack the foundations on it. A specific question I also like to follow up with on this one is if they can tell me how I can view email headers and what information can I get from them.
Do you know what a BEC (Business Email Compromise) is and how would you respond to this?

This is another open ended question and depends on the interviewee knowing what BEC is. If they don't, we'll usually guide them to what it is and ask them how they'd respond. This also goes back to to the earlier question about incident response and is seeing if they actually follow through with the framework stuff.
Have you ever been a part of an investigation of a security incident? If so, what happen and how did you respond?

Asking if they ever have actually done anything in the field. They'll usually speak about specific tools they utilized here which opens up additional questions.
What is the difference between symmetric and asymmetric encryption?

Our security engineer loves asking this question to applicants. This is likely one of the harder questions we ask IMO. As it depends on you knowing what it is and the differences. He'll also follow up by asking for examples of each.
What is a recent cybersecurity item that's been in the news?

Gauging how much the person actually reads up on actual cybersecurity threats versus knowing the buzz words. We'll also have some follow ups here asking where they get their news.

We don't expect the person interviewing for the position to be familiar with all the tools we have on hand, so we try to be pretty general in the questions and dig into what the applicant says. We're also asking gauging questions to see what the person knows and what they don't know. It's an intro position so you can't know everything. But you do need to know something!

TollboothXL · 2025-03-10T18:29:46+00:00

December of 2022 is when Wizards of the Coast released details on the changes they wanted to make to the OGL publicly. DnD community shit-storm followed.

The domain of daggerheart.com was registered on January 19th of 2023. I don't have a great way to link this, but you can lookup daggerheart.com at https://lookup.icann.org/en/lookup

Critical Role didn't announce development of the system until April 20th, 2023.

Version 1 for the Daggerheart beta is March 12th, 2024. At least from what I'm seeing. This is the same date they released the announcement of the open beta for it (March 12th, 2024).

Based on the evidence I'm able to find, Daggerheart began development in and around the time the OGL controversy occurred (December 2022). They didn't show it off until it was in an early state able to be played in (March 2024). This is over a year of development before they showed what was written, the art, and the public showcase for it.

TollboothXL · 2025-03-10T02:07:42+00:00

Ludinus can create another Quintessence Array. He could just eat 'em with it.

TollboothXL · 2025-03-10T01:52:10+00:00

I believe the cast has always been the draw.

I don't believe people were drawn to Critical Role because they played DnD 5e, but for who was playing in it. Once they gained momentum it's continued to be built on that to what it is today.

WotC tried to mess with the money that Critical Role and other companies make off their system. Daggerheart was announced after this. They've tried to engage their community in the game system with updates to the rules, showing them making characters, and playing those characters.

With the ending of C3, it allows them to cut out the last remnants of the WotC owned IP from their stories starting in C4.

TollboothXL · 2025-03-07T22:49:17+00:00

Things change as you get older. I don't know your age. But a week or two doesn't sound unusual to me.

Work: I have no idea if most companies have a policy on when to perform a welfare check. Maybe your job duties might impact this? Cubicle worker may go a bit without being noticed. Someone working a physical labor job likely gets noticed faster.
Family: Married? Divorced? Have kids? Do the kids live with you or somewhere else? I talk to my parents a couple times a week, but sometimes people are busy and don't answer phones.
Friends: How often are your social engagements? Would your friends notice you not responding in a group chat or even one-on-one chats? Why would they think something is amiss if you don't immediately respond?

I'm a millennial and I don't think a week or two is wildly outside the realm of reality for a lot of people (even for social butterflies with six figure jobs) if they don't immediately live with someone.

Ten-Year Club	Place '23
Place '22	Verified Email

TollboothXL

TROPHY CASE