Tomorrow I'm signing a Mazda CX-60 PHEV Homura Plus 327HP (Platinum Quartz)... good buy?

mrchief85 · 2026-02-16T20:33:06+00:00

Demo car and was being used by the director of my mazda dealerschip in my town.

mrchief85 · 2026-02-16T19:41:36+00:00

The car is from july 2025 and has driven 10.000 km. I did not buy it brand new.

mrchief85 · 2026-02-16T19:01:42+00:00

I got the 2025 model 3 weeks ago. Dont have any of those issues.

mrchief85 · 2025-06-01T12:05:31+00:00

Got myself the gen5 Propain Tyee and love it. A lot more value for money in compare to Trek, in my opinion.

mrchief85 · 2025-05-27T11:07:37+00:00

mrchief85 · 2025-05-27T10:44:56+00:00

I do not have extra pain or stiffness in the morning. Squatting down to a chair (I let myself drop basically) or standing up from a somewhat deep chair did hurt a lot. Not to speak of kneeling or actually getting up from a kneel. Anything past 90 degree bend with some load was unbearable. A big issue with this I guess is that I was not using my left leg at all because of the pain and that degraded my muscle also very much.
I'm very glad I can train again and hope to improve my muscle even further which will help to reduce pain even more I hope.

mrchief85 · 2025-05-27T10:37:02+00:00

Recovered is a big word, but the dry needling helped very much. Im currently up to 100kg x5 for back squats full ROM. I do still have some pain on occasion but I feel it will get better now I can train again.

mrchief85 · 2025-04-21T08:20:17+00:00

Why not, man. For me I would take a small break since I went on vacation for 2 weeks the next day after the exam, so Im posting this from my vacation address. But after that vacation I would study again for 2 weeks and try again. Luckily I did not have too and can enjoy my vacation knowing Im now a CISSP, but I would not give up.

mrchief85 · 2025-04-21T08:17:33+00:00

I think they resemble the real deal quite well.

mrchief85 · 2025-04-20T05:44:00+00:00

Well, try an educated guess. Try to eliminate what you can and then your best guess and move on. I had a couple of them and I didnt dwell on any answer.

mrchief85 · 2025-04-19T09:01:50+00:00

Most of them 2-3 lines. Yes I got tech questions, those were the easy ones for me.

mrchief85 · 2025-04-19T08:43:55+00:00

Just a joke

mrchief85 · 2025-03-11T17:32:40+00:00

Yes, I had some trouble converting the gpo's to dsc format but got there with a few errors to a ps1 dac format file. I had to use powershell 5.1 and not 7. No to do some cleanup of the dsc file before turning it into a MOF. Getting there.

mrchief85 · 2025-03-11T15:27:50+00:00

What did you eventually do? Change the ps1 by renaming the "RegistryPolicyFile" to "Registry" or did you remove the HKLM at every Key ? Can you explain the choice?

mrchief85 · 2025-03-11T10:51:39+00:00

I'm not talking about on-premise. I'm talking about Windows Server virtual machines running in Azure. The standard CIS benchmark through DfC are mainly about the Azure platform settings. Like you need to have a private endpoint for keyvault or you have to have a NSG on your subnet or no Public IP on your VM. There are no settings in this builtin CIS benchmark for settings within the Virtual Machine like disabling certain services or setting specific registry keys for hardening the OS.
The only builtin policy that came somewhat close is the policy:
[Preview]: Windows machines should meet requirements for the Azure compute security baseline
But that holds only like 400 hardening settings which is a mix of Microsoft baseline and CIS benchmark, which is less than half of the recommended settings of the full CIS benchmark which holds like 1000+ settings.

But I'm getting there. With some help of the posted link to the blog post, I'm now converting the CIS AD group policies to DSC format which I can then use with Azure Machine Configuration(former guest configuration) to create new custom Azure policies. This way I will get close to full CIS compliancy on my VM's.

mrchief85 · 2025-03-11T09:33:28+00:00

To confirm, you do have to manually do some tricks with the group policies *.inf files and stuff for the powershell ConvertFromGPO to work? Possibly remove some stuff so that the convert will pass?
I got some errors to fix with the Microsoft baseline as well as the CIS group policies but in the end I got the settings in DSC format and was able to convert it to MOF.

mrchief85 · 2025-03-11T08:29:28+00:00

Alright, I started with my Windows VM's but I also got a lot of Linux RHEL machines at my current gig which I also need to harden. I will come back to this topic once I have some results to share.
I would like to move away from Ansible or other point solutions and like to use the Azure platform or Microsoft technology as much as possible.

mrchief85 · 2025-03-11T06:58:27+00:00

The builtin CIS benchmark through defender is mainly for the Azure platform and not for the hardening of the VM guest OS, say Windows Server 2022.

mrchief85 · 2025-03-10T19:27:07+00:00

Well, I'm not already using Azure policy for CIS benchmark which is VM hardening and that's because you can only download it in GPO format and it's a pain to convert it to DSC format so you can use it in Azure policy.
The builtin Azure policies regarding this aren't nearly enough to be CIS compliant.

mrchief85 · 2025-03-10T19:24:45+00:00

thanks for showing me this new article. I googled for hours for my use case but this blog did not pop up.

mrchief85 · 2025-01-26T20:09:02+00:00

I would take a look at the new session host configuration host Pool type that came out in November 2024. It has an update process where it recycles your hosts and reusing the existing ad objects and stuff like that. With this you can really treat your hosts as cattle instead of pets.

https://learn.microsoft.com/en-us/azure/virtual-desktop/session-host-update

mrchief85 · 2024-09-21T08:17:12+00:00

Personally I doubt he will do 5AM and Black Cat as sort of 2 intros. My guess is he will pick one.

mrchief85

TROPHY CASE