Posted on

How I Got High at SQLSaturday Orange County 2018

[I would like to ask a favor from those who attended my session; If you haven’t already, please go here to evaluate my session. I truly appreciate it!]

One of my goals for 2018 was to finally take the leap and jump into the world of public speaking.

So I went to the PASS website, navigated (myPASS –> mySQLSaturday) to the “Session Submission” section and scrolled through all the cities holding a SQLSaturday event.

For some reason, Orange County immediately popped out. I don’t know why, maybe it’s the ‘Housewives of OC’? (for the record: I do NOT watch that show). I went ahead and submitted to that event and “crossed my fingers.”

In the meantime I started to work on my presentation (probably a good idea right?)  A few weeks later I received an email saying I was accepted to speak. I felt both nervous and excited. Excited because this event would be my very first time speaking in public, and nervous because it would be my very first time speaking in public.

My session was under the “professional development” track, which you can view here. (By the way, if you were one of the wonderful people who attended my session, please rate it here)

I probably rehearsed between 15-20 times.

Then it came time to fly out.

Speaker Dinner

The speaker dinner is held on Fridays. It isn’t “mandatory” to attend but since this was my first time speaking I wanted to check it out. I’m glad I went! I met some awesome people like Andrew Nakamura (t),  Amy Herold (t), Chris Hyde (t), John Wells (t), Rie Irish (thanks for your support!), as well as the event organizer Ted Stathakis (t).

Ted handed out speaker gift bags, which included our speaker lanyards, and a pretty cool customized contraption.

I left the dinner a little early so I could go back to the hotel, rehearse one more time then get some sleep. Sleep is a MUST!

The Day Of…

After a night of tossing and turning, I finally got up around 5 am and did a final rehearsal. Funny enough, I wasn’t as nervous as I was the night before.

My session was on the 8:30 am slot. I had requested that time slot so that I could “be done with it” as soon as possible. I got to the venue around 7:45 am and started to walk to Room 208 of the Humanities building. The setup was fairly straight-forward. Plugged my laptop to the projector and boom! My PowerPoint was big and center of the room.

The first attendee walked in around 8:30. A few more people trickled in after that. It was 8:35 when a few more came in. I told the room that I’ll wait a few more minute because people were still registering outside. The minutes went by and more people came in.

It was 8:40 when I started.

Among the attendees were a few #sqlfamily like Chris Hyde, Amy Herold and John Wells. They all took pictures and shared it on Twitter.

Speaker High

Time went by quickly. Next thing I knew it was close to 9:30 and time for Q&A. Some great questions were asked! At the end, about half the room came up to shake hands, congratulate me on my first time speaking and take a business card. After it was all over, I went to the speaker room and felt extremely calm, hungry and elated.

I was high as hell. Speaker high! :)

Thank You

A BIG congratulations goes out to the first time speakers (including John Wells)!

A BIG thank you to all the volunteers and sponsors!

Also, a BIG thank you to the person who took this speaker group pic!

See you in Albuquerque!

Posted on

SQL Server 2016 STIG Overview

To make it easier for people in charge of “STIG’ing” their SQL Server 2016 environment, this blog is aimed to go over the newest MS SQL Server 2016 STIG Overview document (Version 1, Release 1) that was released on 09 March 2018. If you want to read through the whole document you can download it here. Otherwise, below is my summation of the relevant sections.

This overview document was developed by both Microsoft and DISA for the Department of Defense.

The entire overview document is 9 pages (including title page, etc.)

INTRODUCTION

Section 1.1 – Executive Summary

It just states the basic information that the MS SQL Server 2016 STIG is published as two documents. One for the database, and one for the instance.

Section 1.2 – Authority

This section describes what DoD Instruction (DoDI) 8500.01 requires. It pretty much says that all IT that receives/transmits/stores/displays DoD information will have to be configured in accordance to DoD cyber security policies. You can read the entire 59 page document here, or just skip to page 4 and read section “h.(1) Information Technology”

Note: This document is only for DoDI 8500.01. IF your systems security requirements need to meet NIST SP 800-53, you will have to look up CNSSI 1253. Or just click here :)

Section 1.3 – Vulnerability Severity Category Code Definitions

Severity Category Code (referred to as CAT) measure the severity in which a vulnerability can cause harm and needs to be remedied. Each vulnerability is given one of the following based on severity, CAT I, CAT II, CAT III.

Below is a snapshot of what each one means:

Section 1.4 – STIG Distribution

All latest copies of STIG can be found on the Information Assurance Support Environment (IASE) website here.

Section 1.7 – Other Considerations

This is just the “CYA” portion of the document. “DISA accepts no liability for the consequences…” etc. etc.

Section 1.8 – Product Approval Disclaimer

This is important to note; Just because you have a STIG does not mean you have DoD approval for the use of the product. The STIGs just provide security guidance for products being used by the DoD. In addition to the environment being STIG’d, it is important to have proper security documentation. A DoD Authorizing Official (AOs) may ask for this information.

ASSESSMENT CONSIDERATIONS

Section 2.1 – Security Assessment Information

Just a warning that this document is only one aspect of the entire defense-in-depth solution. The SQL Server 2016 STIG will only be successful if the Windows and Network STIGs are also applied.

Posted on

How I Studied For, and Passed, Exam: 70-764 Administering a Microsoft SQL Database Infrastructure

Two Sides of the Coin

I know there is a stigma about certifications. Pros and Cons.

Cons

  • Certifications are too costly
  • Easy to cheat
  • Does not mean much without real world experience
  • Does not reflect what really happens in the real production environments

Pros

  • It’s great to get your foot in the door (for someone starting out)
  • Validates what you already know (hopefully)
  • Can create advancement opportunities (imagine an MCSE vs someone who doesn’t have a cert)

I actually agree with both sides. It all comes down to your intentions. If you are okay with lying/cheating to get a certification, then that’s your prerogative. If you want to get a certification to move up in your career or just prove to yourself that you can get a certification…that’s cool.

My Goal

This year, I decided to pursue my MCSE 2016 : Data Platform and Analytics. I blogged about here.

A couple weeks ago I passed the first exam towards that goal, Exam: 70-764 Administering a Microsoft SQL Database Infrastructure.

How I Studied and Passed Exam: 70-764 Administering a Microsoft SQL Database Infrastructure

First, I read through this book by Victor Isakov (b | t)

(Note: If you read the Amazon (purchase the book) reviews on this book, they mention syntax errors, etc. I do agree. The book does have some errors in code examples, etc. but remember this: you should know a lot of these concepts before getting this book. This book isn’t intended to TEACH you. It’s intended to give you a “low-down” on what could possibly be on the exam. So regardless of the errors in the book, I thought it helped a lot.)

Second, I purchased the practice exam questions offered by Mindhub here. This gave me a 30 day access period to the exam questions. It provides 150 questions spread over 4 different tracks. You can do a single track at a time if you want. So if you want to focus on HA/DR then you pick those questions, then go over them. See below:

  • Configure data access and auditing – (30 questions)
  • Manage backup and restore of databases – (28 questions)
  • Manage and monitor SQL Server instances – (61 questions)
  • Manage high availability and disaster recovery – (31 questions)

One thing I will say is you need to understand the concepts and have working knowledge of the technologies listed in the simulation exam. You cannot just memorize the questions/answers.

The simulation exam has two options to choose from: practice or exam. The practice can be timed, not timed, choose 1 of 4 tracks, limit the questions it asks, see the answers before you submit, etc. The “exam” mode is timed just like you’re taking the real cert exam. The only difference is you need to pass with an 80% from 50 questions.

The real Microsoft exam is 50 questions with a passing score of 700.

The way Microsoft asks exam questions is different now. Their multiple choice questions have 8-10 options. They have mix/match/rearrange scenarios that have like 5-8 options. Not all the questions are like that, BUT, if you don’t know your stuff…you can fail this exam miserably. I understand why Microsoft is doing this: to prevent cheating.

Regardless, the exam simulation actually helped me a LOT. It helped getting my mind right and not to expect any surprises. See, the last certification exam I took was back in 2012 (MCITP 2008). Back then, Microsoft had fairly simple questions/answers. If I didn’t know that before taking the exam, I probably would have “freaked out” and failed out of nervousness.

Third, I schedule the exam 3 weeks out the same day I purchased the simulation exam. That gave me 3 weeks to study the questions, technologies, etc.

Exam Day

Test day is always nerve racking. I got to the testing center 15 minutes early. The exam questions were just like the simulation practice exam. None of the 150 questions in the practice exam were in the real exam. Like I said before, you need to know the material. There were 50 questions, and the passing score is 700. There were all types of questions with many multiple choice options, scenarios and a fair share of “regular” multiple choice questions.

I passed. :) Now I’m studying for Exam: 70-765 Provisioning SQL Databases.

Final Thoughts

I don’t think I would have passed if it wasn’t for the combination of reading the book AND practicing the simulation exam questions. I highly recommend doing both if you want to give yourself a better shot at passing the exam.

I hope this helps you! Feel free to let share techniques you used to pass cert exams in the comments below.

Good luck!

Posted on

Free SQL Server Perfmon Counter Poster

[NO! This is NOT an April Fools joke]

On a recent episode of Office Hours (by Brent Ozar Unlimited) I couldn’t stop laughing at a comment Brent made. The team was talking about “DBA porn” and Brent said (paraphrasing), “going to DBA cubes and seeing the perfmon counter poster.” (Subscribe to Office Hours on iTunes)

I had to tweet it!

The funny thing is…I started to ask myself, “Is there a perfmon counter poster out there??” :)

Free SQL Server Perfmon Counter Poster

Apparently, Quest Software put together a poster and it’s totally free!

You can download it here.

Note: Guess who is one of the writers of the poster? Download and find out for yourself ;)

Enjoy!

Posted on

Interview – Robert L. Davis

I decided to start a series of blogs where I interview key people in the SQL Server community. Instead of me asking technical questions, I plan on asking about their outlook on the future, books they read (non-fiction and/or technical), and their overall thoughts on where technology (mainly SQL Server) is headed. You can find more interviews here.

Next up: Robert L. Davis (b | t):Robert L Davis

Mohammad: Do you think people who dismiss the cloud as a “fad” or just don’t take it serious enough to learn about it (i.e. Azure, AWS, etc), will be in a tough spot to find a job 5 years from now?

Robert: It already is harder to find a job if you have gained no cloud skills or experience. Even companies that are still operating on-premises only realize that the cloud may be something they can take advantage of are looking for employees that already have those skills to help them make the right decisions. Along similar lines, companies not already taking advantage of the cloud are bringing in consultants when in the past they would have hired a full time person for a position because they need someone with cloud knowledge and experience.

Mohammad: Do you ever see the traditional SQL Server DBA role being replaced/eliminated?

Robert: I don’t see the position being replaced, but I do see its definition evolving. My last traditional DBA role was different than any I had ever held before due to the DevOps movement. For the first time ever, I was in a DBA role that had no participation at all in production deployments. The deployments were being automated by developers, and my job was more of one where I looked for potential problems and performance issues and fixed them after they hit production.

Mohammad: What are you most proud of doing/accomplishing for the SQL Server community so far in your career?

Robert: The proudest moment for me personally has been inspiring others to become helpers in the community. Some of my fondest memories are when I sat in on someone’s first SQLSaturday presentation at their request to give them confidence to make that first presentation or when I see people that used to be frequent help seekers on #sqlhelp on Twitter transition to start answering questions on #sqlhelp.

Mohammad: What non-technical/non-fiction book/s would you recommend? If you only read technical books…what do you recommend?

Robert: I’m a massive horror fiction fan. I read other stuff, but horror fiction is my first love. I also write horror fiction, and I hope someday to be able to recommend that someone read my own book. Until that day comes, I would say that if someone wants a good book to read, they should check out the books by horror writer Clive Barker. My favorite book of his is Imajica which is really more fantasy than horror, but it is great. I’ve read Imajica 3 times.

Mohammad: For someone who’s career focus has been on one aspect of SQL Server (i.e. Database Engine), do you think it would be wise for them to become a “jack of all trades” by starting to learn, SSRS/IS/Azure, etc. or remain focused on their area of expertise? In another words, which would you say is more valuable? mile wide / inch deep or inch wide / mile deep?

Robert: I think it’s good for someone’s career to have something that they are considered the expert of. However, I believe that a good SQL Server professional is one who never stops learning. People like to hire someone who is a specialist of something, but they also want someone that can do more than just that. You have to expand your skill set to stay relevant. You really need to be able to go both wide and deep, not necessarily on the same topic, but you can’t just be a one-trick pony.

Posted on

Interview – John Morehouse

I decided to start a series of blogs where I interview key people in the SQL Server community. Instead of me asking technical questions, I plan on asking about their outlook on the future, books they read (non-fiction and/or technical), and their overall thoughts on where technology (mainly SQL Server) is headed. You can find more interviews here.

Next up: John Morehouse (b | t):John Morehouse

Mohammad: Do you think people who dismiss the cloud as a “fad” or just don’t take it serious enough to learn about it (i.e. Azure, AWS, etc), will be in a tough spot to find a job 5 years from now?

John: I don’t believe so, no.  While the cloud is definitely changing the landscape of the traditional database administrator I think that on premises installations of SQL Server will be around for many years to come.  The cloud is slow to being adopted in several sectors, namely financial and health care.  Both of those sectors have strict guidelines around data security (as they should) so I think organizations are weary of it. However, with that said, I do think that individuals will be missing out of future career opportunities by not having some level of understanding of various cloud technologies.  I myself recognized the shift in this landscape and recently took a new job with a new company in part to explicitly gain more exposure to Microsoft Azure.

Mohammad: Do you ever see the traditional SQL Server DBA role being replaced/eliminated?

John: If you are active in reading SQL Server related sites, you have probably seen multiple articles around this very topic.  I do not believe that the traditional role of being a database administrator will be replace.  I know that starting with SQL Server 2017 Microsoft introduced an automatic tuning feature that will automatically identify and fix certain performance issues. I personally think this is a great feature to implement as it’ll help organizations resolve issues much quicker.  If issues are resolved quicker, then the customer end user experience is better, they buy more widgets and it rains money.  However, even with features such as automatic tuning, you’ll still need someone at the helm.  Even sophisticated systems (like the Space Shuttle) still has to have individuals at mission control to check up on things, make adjustments and even potentially hit the abort button. I think DBA’s will be around for quite some time regardless of the ongoing speculation on the interwebs.

Mohammad: What are you most proud of doing/accomplishing for the SQL Server community so far in your career?

John: Excellent question.  I think I’m most proud of the Omaha SQL Server User group.  Let’s use the TARDIS and travel back to mid-2007.  The local user group had been dead for sometime and I knew that I wanted to reboot it and get Omaha involved in the community.  Myself and a colleague decided to make a run at it and try to get things rolling.  Fast forward 7 years later, I moved to Louisville, Kentucky and turned the reigns over to someone else locally.  At that time, we had a very solid user base with an average meeting attendance between 30-40 people along with a mailing list of 800+ people.  This is an outstanding accomplishment for city like Omaha, Nebraska (yes, we had SQL server in Omaha, Nebraska).  We also hosted two SQL Server events in the last years of my tenure and had great turn out at both events.  I’ve always been very proud that I was a part of that journey and to be able to give back to my local community.  There are some really great #SQLFamily members in Omaha.

Mohammad: What non-technical/non-fiction book/s would you recommend? If you only read technical books…what do you recommend?

John: Right now I’m reading a book by Tom Roush called “Stupid Things Papa Did When He Was Younger“.  Tom was a #SQLFamily member who recently passed away and on the day of his passing, his book was published. It was an honor to have known him and his stories are always well worth the read. I am also a fan of self-help type of books.  I’m a firm believer that we can all be better people, so I’m trying to improve myself in this journey we call life. ;-)

Mohammad: For someone who’s career focus has been on one aspect of SQL Server (i.e. Database Engine), do you think it would be wise for them to become a “jack of all trades” by starting to learn, SSRS/IS/Azure, etc. or remain focused on their area of expertise? In another words, which would you say is more valuable? mile wide / inch deep or inch wide / mile deep?

John: As someone who is a die hard DBA (IE: I’m not a Business Intelligence guy), my recommendation is to have hybrid approach to this.  I love all things about the internal workings of SQL Server but I can also stand-up and manage the other facets of the stack.  I think as a database administrator, one of our roles that we should fulfill for our employers (or our clients) is to know as much of the landscape as possible to help drive the organization in the right direction.  So I’d recommend people to examine what they are passionate about within the field, obtain specific knowledge about that passion while being aware of the peripheral technologies.  This peripheral knowledge combined with that core expertise can only help the individual.  Once you’ve learned something, nobody can take that away from you and it is yours to wield.

Posted on

Interview – Kellyn Pot’Vin-Gorman

I decided to start a series of blogs where I interview key people in the SQL Server community. Instead of me asking technical questions, I plan on asking about their outlook on the future, books they read (non-fiction and/or technical), and their overall thoughts on where technology (mainly SQL Server) is headed. You can find more interviews here.

Next up: Kellyn Pot’Vin-Gorman (b | t):Kellyn Pot'Vin-Gorman

Mohammad: Do you think people who dismiss the cloud as a “fad” or just don’t take it serious enough to learn about it (i.e. Azure, AWS, etc), will be in a tough spot to find a job 5 years from now?

Kellyn: As I’m very multi-platform, I think the answer depends on the platform, the technology and the business you work for.

Those who work in larger enterprises, for government, finance or security are going to be more hesitant to move to the cloud.  Other reasons that will hold migrations to the cloud back:

  1. The Oracle cloud isn’t as mature as Amazon or Azure and still needs more time to catch up.
  2. I know of Fortran developers that are doing just fine managing what is left still in play.With the amount of Oracle DBAs retiring and those that will remain to work on-premises, the newer ones can manage those going to the cloud.
  3. Applications can transition to the cloud more easily and readily than home-grown or multi-tier systems.

Do I think those DBAs updating their skills will be more in demand and have an increase in salaries vs. those on-premises?  Yes, absolutely.

Azure is making it easier for DBAs to transition to become adept in cloud database management and they’ve continued to have a focus on DBAs, not just taken the easy route of aiming all enablement towards development.

Mohammad: Do you ever see the traditional SQL Server DBA role being replaced/eliminated?

Kellyn: No, the role may change a bit, but it will always be.  As we improve the optimizer performance and database technology, there will always be those environments that require “a human touch” of the expert.  There is a company that I spoke to a couple months ago, that has shifted 30% of their business to auditing cloud deployments.  Of those audits, over 80% of them aren’t viable and must rebuilt from the ground up.  Almost every one is because they didn’t have the database, the security and administration expertise to build the cloud deployment out in the first place.  The project thought they could speed up deployment by bypassing DBAs and others, but instead, discovered catastrophic flaws due to this choice.  There is a reason for the gatekeepers in technology.  DBAs with expertise in optimization, automation and security practices will continue to be in high demand for the long haul..

Mohammad: What are you most proud of doing/accomplishing for the SQL Server community so far in your career?

Kellyn: I’ve only become a part of the SQL Server community in the last year, having been a long time contributor for Oracle.  I would have to say, becoming an Idera ACE and becoming president of the Denver SQL Server User Group.  This is a great group of volunteers on the board and I hope that I can serve as president in a way that they can continue to do greater.

Mohammad: What non-technical/non-fiction book/s would you recommend? If you only read technical books…what do you recommend?

Kellyn: I’ve had the great pleasure of working and being taught by some of the best in the business, but as SQL Server DBAs, it’s time to learn Linux.

A Practical Guide to Linux by Mark Sobel

Linux, the Complete Reference

Pro SQL Server Internals by Dmitri Korotkevitch

And just because it’s awesome:  Mastering Trace Data by Cary Millsap

Mohammad: For someone who’s career focus has been on one aspect of SQL Server (i.e. Database Engine), do you think it would be wise for them to become a “jack of all trades” by starting to learn, SSRS/IS/Azure, etc. or remain focused on their area of expertise? In another words, which would you say is more valuable? mile wide / inch deep or inch wide / mile deep?

Kellyn: I have a very unique view on this topic.  I started out very multi-platform and then worked for two companies, (Oracle one of them) where I went in deep.  I believe in a little of both due to this.  Pick something that inspires you in a primary technology and then widen your knowledge in other areas.  As you learn about different technologies, it can make you better at the one you are passionate about.  My answer is a mile wide and an inch deep except in those that you become passionate about. For those, dive, dive!!

Posted on

Interview – Rie Irish

I decided to start a series of blogs where I interview key people in the SQL Server community. Instead of me asking technical questions, I plan on asking about their outlook on the future, books they read (non-fiction and/or technical), and their overall thoughts on where technology (mainly SQL Server) is headed. You can find more interviews here.

Next up: Rie Irish (b | t):Rie Irish

Mohammad: Do you think people who dismiss the cloud as a “fad” or just don’t take it serious enough to learn about it (i.e. Azure, AWS, etc), will be in a tough spot to find a job 5 years from now?

Rie: I don’t think so. They might not be able to get a flashy job at a fast-moving software company, but there will always be companies or industries that move more slowly than technology. The banking & hospital administration industries are a prime example of those that don’t respond quickly to leaps forward in technology and are far more likely to have reservations on the security of the cloud. My advice here would be to become familiar with the technologies. If you aren’t pursuing a job in that realm or your current job isn’t likely to need it, then a working knowledge is enough to keep you “in touch.” Then, when it becomes necessary, you’ll have a bit of a head start on where you need to be.

Mohammad: Do you ever see the traditional SQL Server DBA role being replaced/eliminated?

Rie: If you read too many SQL Family blogs, you’d be convinced all of our jobs are going away tomorrow. They surely believe the sky is falling! I don’t think DBA jobs will ever disappear. If you believe everything you read, then our jobs should have all been eliminated a decade ago or maybe longer. They will always be a need for administration, maintenance & recovery personnel. That isn’t to say the role of the “traditional” DBA won’t change. Of course it will, just as technology changes. That being said, there are some things you don’t want to leave to chance or to someone that’s just a button pusher. And the integrity, security and availability of your systems databases are one of those things.

Mohammad: What are you most proud of doing/accomplishing for the SQL Server community so far in your career?

Rie: This answer is a no-brainer. I’m most proud of being a part of the book, Let Her Finish: Voices from the Data Platform. A total of 7 authors, including myself, collaborated on a book dealing with all different aspects of the data platform, from BIML to backups. My chapter was on creating a disaster recovery plan. Each woman that contributed a chapter was an MVP or an MCM. Brilliant women with great experience in the data space agreed to write a book with me. We released the book during PASS Summit in 2017, with proceeds going to a women’s charity. The driver behind the book was supporting women’s voices in tech. We wanted each woman that contributed to the book to tell her story, in her own words. Without interruption or interpretation. It isn’t often that women get that chance. It was a great honor to be a part of the book.

Mohammad: What non-technical/non-fiction book/s would you recommend? If you only read technical books…what do you recommend?

Rie: I found a book that is a blend of technical & non-fiction.  A colleague recommended the book Technically Wrong: Sexist Apps, Biased Algorithms, and Other Threats and it changed the way I think about apps & web forms!  Don’t worry, this isn’t some feminist book.  It talks about how biases, averages or the status quo fails us all, but especially anyone that’s a person of color, not straight or otherwise coloring outside the lines.  It’s taught me to expect more; demand more from the technology I use.  Examples are far reaching.  An app for helping a woman track her cycle assumes we’re all trying to get pregnant (newsflash: we’re not!).  Social media apps tell us to wish happy birthday to deceased friends & relatives.  In 2011, if you told Siri you were considering shooting yourself, she gave you directions to a gun store.   It helped me understand how biases & a lack of diversity fail us as we develop technology to solve problems.

Mohammad: For someone who’s career focus has been on one aspect of SQL Server (i.e. Database Engine), do you think it would be wise for them to become a “jack of all trades” by starting to learn, SSRS/IS/Azure, etc. or remain focused on their area of expertise? In another words, which would you say is more valuable? mile wide / inch deep or inch wide / mile deep?

Rie: I think it’s probably best to blend those two paths. If you’re too focused, you’ll find a more limited range of options when you want to transition jobs. At the same time, if your skill-set covers a wide variety of experience but none of it goes very deep, you’ll find the same problem. My advice would be focus on something, but only go a half mile deep instead of a mile. That leaves you some bandwidth to get a working knowledge of several other aspects of the job.