CIS 2.3.4.1 (L1) Ensure ‘Devices: Allowed to format and eject removable media’ is set to ‘Administrators and Interactive Users’

I am implementing CIS on Windows 10 1803 and I cannot work out this control.


Description: This policy setting determines who is allowed to format and eject removable NTFS media. You can use this policy setting to prevent unauthorized users from removing data on one computer to access it on another computer on which they have local administrator privileges. The recommended state for this setting is: Administrators and Interactive Users.

Rationale: Users may be able to move data on removable disks to a different computer where they have administrative privileges. The user could then take ownership of any file, grant themselves full control, and view or modify any file. The fact that most removable storage devices will eject media by pressing a mechanical button diminishes the advantage of this policy setting.


For a start, I have never known anyone not be allowed to eject and format removable media (assuming hard disks, usb drives etc).

But I am even less sure on why the control is asking me to set it to ‘Administrators and Interactive Users’ when the default is just ‘Administrators’.

CSC CIS Windows 1803: The recommended state for this setting is: Administrators and Interactive Users. The default value is Administrators only. Administrators and Interactive Users will be able to format and eject removable NTFS media.

docs.microsoft: It is advisable to set Allowed to format and eject removable media to Administrators. Only administrators will be able to eject NTFS-formatted removable media.

Would this setting also upset software that manages USB devices, such as Checkpoint Removable Media Encryption?

How do I ensure my product is correct the first time?

I am working on a product that will not be able to be updated once released. Furthermore, if the product malfunctions, the results may include death, serious bodily harm, or major financial setbacks. Therefore, my code must be correct the first time, as I will not get a second chance.

What techniques are available for this? I already plan on extensive testing, but I know that testing can only demonstrate the presence of bugs, not prove their absence.

How to ensure field is unique using JavaScript

I have two lists:

List A – a workflow tasks list

List B – an employees list containing fields such as employee name (person column), employee number (single line of text), etc.

I have a workflow that assigns tasks to a user on List A. As part of completing the task, the user is required to enter an employee number which is then copied by the workflow to the employee list (List B).

How can I ensure that the employee number entered when the task is completed does not already exist in List B. The same requirement applies to the employee name field which is a person column. How can I ensure that when the user clicks to complete the task, that the data entered does not already exist in the employees list.

I have thought of doing the check on the workflow after the task is completed and then reassign another task if the value already exists, but I think it will be better if the check is done on submit of the task.

I think JavaScript/JQuery/SPservices will be ideal for this scenario but I am still learning these stuff. Will appreciate some help solving this.

Thanks in advance.

How to ensure Chrome remembers open tabs?

For the past couple of weeks, Chrome has been forgetting which tabs I had open in the previous session, and opens with a blank tab.

I’ve been doing some testing, and it appears that Chrome is now treating the WhatsApp, Basecamp, Slack, etc. external Chrome apps as if they were Chrome windows. Since Chrome remembers only the tabs in the last window you close, I must remember to always open Chrome first and close it last. I forget half the time, and lose my pinned tabs, and whatever I was reading.

Any idea how to fix it?

Ensure unicity of a 10 characters alphanumeric String

I have a requirement of developing a service that must generate each day few millions of random and unique alphanumeric String of length 10 (I can’t increase this length, this is a customer prerequisite). Having a ID, the next ID must not be guessable.

I want to be sure that all IDs will be unique because thoses IDs will be later used in a database (not of my own) and will represent the ID of a product, so it MUST be unique. I know that the probability of a collision is low but I want to prevent this.

I have no problem to generate a random String, but I want to ensure that all generated IDs are really unique. I was thinking about using a local SQL database and inserting few millions per day in this database (which will ensure unicity as this ID would be a primary key). I will then pick up those IDs, mark them as “processed” and send them.

To improve insertion performance, I was thinking about having a table for each year (a partition?).

Do you think this is a good solution to ensure unicity? Would you have any other solution, may be better than a SQL database?

Thanks.

Ensure model fits specification

I am trying to write a tiny FIX protocol implementation. The specification states several data types. Here is a screenshot of the int types:

enter image description here

Now I have created a type Length like this:

public class Length  {     [Range(1, int.MaxValue)]     public int Value { get; set; } } 

I would have have expected some kind of exception if a value gets assigned which is out of the defined range. This is not whats happening. I guess I have a wrong understanding of how ValidationAttributes work.

So the question is:

What would be the best way to ensure the property only holds data that fullfills the specification?

This are the solutions I can think of:

  • Using some kind of ‘Guard’ library
  • Add checks to the setter method
  • Run validation after object creation

As you already have realized I am not very firm on this topics. So please bare with me.

How to ensure that my Google accounts sync frequently?

Since I upgraded my S7 to Nougat I notice that the syncing of my google accounts is particularly slow.

If on a computer I create a calendar event, or I send myself an email, I often do not see that as an Inbox notification, or reflected on my Google Calendar widget, until I actually open either app.

I guess (but I am not sure — how about push notifications?) that this is related to the Google Account syncing being too slow, see attached below (“Sync Calendar”, “Sync Gmail” and “Sync Inbox”), taken on 6/20 8:15am.

The things I already tried:

  • I do have continuous internet, tried switching between WiFi and 4G mobile internet, all work. I receive near-real time notifications for e.g. WhatsApp and Slack.
  • In Settings > Apps > Special Access > Optimize battery usage, I added the below to “not optimized”:

    • Calendar
    • Calendar storage
    • Gmail
    • Google Play services
    • Inbox
  • In Settings > Device maintenance > Battery > Unmonitored apps, I added
    • Calendar
    • Inbox

How can I ensure only one instance of a micro-service queries a database and downloads files to shared storage at a time?

I have a micro-service that sends files to clients on request.
It acquires these files by querying a database where other users have saved details of the file.
The micro-service queries the database periodically, if there is a new file(s) it contacts artifactory and downloads the file to a shared storage that all instances of the micro-service use.
How can I ensure that only one instance queries and downloads files at a time?

Huge two list data should be compared using c# and must ensure performance improves

I have a two list contains huge data and had the following code which I used till now. But have some doubts regarding this, due to lot of confusion about the data is compared or not in the list items. Here I am using sequence Equal to compare the data I have two questions, somewhere I found that sequenceEqual will compare the data in the lists. So used it. 1. Will sequenceEqual compares the data in the lists 2. better way of code to improve performance. As per understanding I kept only three items in both the lists but our requirement has huge data itmes in the lists. so need to improve performance

bool value = false;         List<string> list1 = new List<string>();         list1.Add("one");         list1.Add("two");         list1.Add( "three" );          List<string> list2 = new List<string>() { "one", "two", "three" };         list2.Add("one");         list2.Add("two");         list2.Add("three");         list1.Sort();         list2.Sort();         if (list1.SequenceEqual(list2))         {             value = true;         }         else         {             value = false;         }         return value; 

How to ensure the query use the index?

From the explain it shows that the does not use the indexing at all. the query is slow and I want to optimize it.

EXPLAIN SELECT     posts.* FROM     posts     INNER JOIN categories ON posts.category_id = categories.id         AND categories.main = 1         AND(categories.private_category = 0             OR categories.private_category IS NULL) WHERE     posts.id NOT IN('')     AND posts.deleted = 0     AND posts.hidden = 0     AND posts.total_points >= - 5 ORDER BY     posts.id DESC LIMIT 25; 
| id | select_type | table       | partitions | type | possible_keys                                                                                                                                                    | key                         | key_len | ref                           | rows  | filtered | Extra                                        | |----|-------------|-------------|------------|------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------|---------|-------------------------------|-------|----------|----------------------------------------------| |  1 | SIMPLE      | categories  |            | ALL  | PRIMARY,index_categories_on_private_category                                                                                                                     |                             |         |                               |    12 |    10.00 | Using where; Using temporary; Using filesort | |  1 | SIMPLE      | posts       |            | ref  | PRIMARY,index_posts_on_category_id,index_posts_on_deleted_and_hidden_and_user_id_and_created_at,index_posts_deleted,index_posts_hidden,index_posts_total_points  | index_posts_on_category_id  | 5       | mydb.categories.id            | 37516 |    12.50 | Using index condition; Using where           |