Weekly blog series featuring real-world IT solutions, cloud security strategies, automation projects, and development tutorials to help professionals build resilient, scalable environments.
Organizing legacy cables while holding a squat—order through motion, clarity under pressure.
Excerpt
I don’t stay ready because I fear failure. I stay ready because experience taught me that motion reveals what stillness hides.
Intro
I am not a static person. I never have been. Sitting still has never helped me think clearly—especially in infrastructure work, where systems fail without warning and clarity often arrives too late. Movement keeps me alert, adaptive, and aware.
Notes from the Moment
While organizing a tangled pile of legacy cables, I wasn’t standing still. I was holding a squat—time under tension—sorting chaos into order. At the same time, my feet were subtly moving: slips, pivots, pendulum steps. The same habits I use at my standing workstation. The same habits I use in boxing.
This is how I work. Motion keeps my mind open.
Perspective
“Keep moving your feet.” — Elder David A. Bednar
“If something can go wrong, it will.” — Murphy’s Law
“Be water, my friend.” — Bruce Lee
Practice
I don’t wait for problems to announce themselves. I anticipate them.
Murphy’s Law isn’t pessimism—it’s preparation. If something can fail, it eventually will. That reality shaped how I think and move, starting in the mid-90s during the dot-com era, when uptime was survival and mistakes were unforgiving.
In boxing, moving your feet doesn’t give you x-ray vision like Superman. It gives you new angles. You see openings sooner. You avoid danger without panic. You’re no longer where the punch was.
In IT, it’s the same. I don’t “see afar off” because I’m gifted with foresight. I see because I move—physically and mentally. I change angles. I scan. I test assumptions. I stay proactive instead of reactive.
Health follows the same law. Circulation improves when the body moves. Stagnation invites breakdown. Motion sustains clarity, resilience, and longevity.
Final Reflection
Infrastructure professionals don’t get the luxury of being static. Thinking under pressure requires circulation—of blood, of ideas, of perspective. Standing still narrows vision. Motion expands it.
Water that moves stays clear. Water that stagnates decays.
Whether in boxing, IT, or life itself, the advantage isn’t supernatural vision. It’s movement.
Pocket I’m Keeping
Stay proactive. Stay moving. New angles reveal what stillness hides.
What I Hear Now
“You saw that coming.”
“Good catch.”
“How did you anticipate that?”
Most system failures don’t begin in Windows. They begin deeper, where firmware, drivers, and hardware quietly decide whether the OS will be allowed to run.
Intro
When a system reboots unexpectedly, freezes during a video call, or crashes the moment a camera turns on, Windows is usually the first thing blamed. But in most real-world cases, the operating system is only the messenger. The real problem lives below Windows, in layers most people never see until something breaks.
Over the years, I’ve learned that stability is not something you install. It’s something you negotiate between hardware, firmware, drivers, and the operating system, all trying to work together under load.
The invisible stack beneath Windows
Modern endpoints are layered systems.
Below Windows 11 sits firmware, BIOS, chipset drivers, GPU drivers, and kernel-mode components that operate outside the visibility of most logging tools. These layers handle power management, graphics acceleration, memory access, and hardware interrupts. When they disagree, Windows doesn’t always get a vote.
A failure in these layers doesn’t always generate a blue screen. Sometimes the system simply resets. From the outside, it looks random. Underneath, it’s not.
Why Windows 11 gets blamed
Windows 11 sits at the intersection of modern hardware acceleration and modern applications. Tools like Microsoft Teams, browsers, and Office apps make heavy use of GPU pipelines, video encoders, and camera drivers.
When something goes wrong at that boundary, the crash surfaces when the app is launched, the camera turns on, or a video stream initializes. Windows appears guilty because it’s present when the failure occurs, but the fault often belongs to a driver, firmware interaction, or hardware acceleration path that Windows merely exposed.
Why visibility tools don’t always catch it
Tools like Sysmon are excellent at recording what happens inside the operating system. They act like a flight recorder for processes, network connections, and file activity.
But Sysmon can’t log what never reaches the OS.
A reboot triggered by firmware, a GPU driver reset, or a kernel-mode failure can occur before logging completes. From an administrator’s perspective, it feels like the system went silent without warning. In reality, the failure happened below the level where logs exist.
The thin line between stable and broken
Stability often comes down to small decisions.
A BIOS update here. A GPU driver change there. Hardware acceleration enabled or disabled in a single application.
None of these changes look dramatic on their own, but together they determine whether a system runs quietly for months or reboots under pressure. That line between stable and broken is thinner than most people realize.
What I’ve learned
When troubleshooting modern Windows systems, I no longer ask, “What did Windows do wrong?” first.
I ask:
What changed below the OS
Which drivers are involved
What hardware path is being exercised
Whether the failure happens under load or acceleration
More often than not, the answer reveals itself there.
Final thought
Windows 11 is rarely the villain in these stories. It’s the surface where deeper tensions finally show themselves.
Understanding that difference changes how you troubleshoot, how you update, and how you design systems meant to stay online.
Most Windows 11 instability doesn’t live in the OS itself, but at the edges where hardware, drivers, and applications meet.
Understanding Failure at the Boundaries
Why this post exists
When something breaks after a Windows 11 update, the operating system is usually the first thing blamed.
That reaction is understandable. It is also often wrong.
Most Windows 11 issues I’ve seen in production environments were not caused by Windows itself, but by interactions at the boundaries — drivers, firmware, graphics acceleration, and modern hardware pipelines colliding under load.
This post is about recognizing that pattern before making changes you can’t easily undo.
Windows 11 changed the execution model
Windows 11 didn’t just refresh the UI. It tightened and modernized how the system interacts with hardware.
Notable shifts include:
heavier GPU offloading
deeper integration with modern drivers
stricter timing and power management
increased reliance on hardware acceleration
These changes improved performance and security — but they also exposed weaknesses that were previously hidden.
Where failures actually occur
Most Windows 11 instability I’ve seen does not originate in the OS core.
It shows up at the edges:
camera pipelines invoking GPU acceleration
browsers rendering complex content
collaboration tools engaging media stacks
document editors interacting with graphics layers
When these systems overlap, failure is rarely clean.
The result can look dramatic:
sudden reboots
frozen screens
applications triggering system instability
But the OS is often just the messenger.
Why blaming the OS is tempting
Blaming Windows feels productive because it is visible and recent.
But doing so can lead to:
unnecessary registry changes
disabling core protections
rolling back updates prematurely
introducing instability elsewhere
Experienced engineers pause here.
They ask a different question: “What interaction just occurred?”
A real-world pattern
In several recent incidents, systems rebooted only when:
the camera was enabled
a browser rendered media-heavy pages
a document triggered graphics rendering
The same machines were otherwise stable.
That pattern points away from Windows itself and toward:
GPU drivers
hardware acceleration paths
firmware timing
vendor-specific optimizations
The fix is rarely global. It is almost always surgical.
Why restraint matters
Windows 11 gives us many levers:
registry overrides
advanced graphics settings
feature toggles
Just because a lever exists does not mean it should be pulled.
Sometimes the most correct decision is:
identify the root cause
mitigate user impact
document the behavior
wait for vendor correction
Stability is not always achieved by action. Sometimes it is preserved by restraint.
What Windows 11 is actually doing well
Despite the noise, Windows 11 has proven to be:
more secure by default
more consistent under load
better integrated with modern hardware
less tolerant of outdated assumptions
Those are strengths, not weaknesses.
They require us to think more holistically about the stack.
The lesson Windows 11 keeps teaching
Modern systems fail at the seams.
Operating systems, drivers, firmware, and applications now behave as a single organism.
When one part misbehaves, symptoms surface elsewhere.
The job is not to assign blame quickly. The job is to understand interaction.
Final reflection
Windows 11 didn’t break our environments.
It revealed where we were already fragile.
Once you see that pattern, troubleshooting becomes calmer, more precise, and far less reactive.
Sysmon Event ID 1 in action. Each entry records a process creation event, showing when a process started and providing the first layer of visibility into how activity begins on an endpoint.
Seeing What Actually Happens
Why this post exists
Sysmon is often misunderstood.
Some expect dashboards. Others expect alerts. A few expect it to magically explain incidents on its own.
Sysmon does none of those things.
What it does extremely well is something more fundamental. It records what actually happened.
Think of Sysmon as a black box flight recorder for a computer.
What Sysmon is
Sysmon (System Monitor) is a Windows system service from Microsoft Sysinternals.
Once installed, it continuously records detailed system activity into the Windows Event Log, including:
Process creation and command lines
Network connections
DLL and driver loading
Process access and injection behavior
Sysmon does not block activity. It does not alert. It observes and records.
What Sysmon is not
Sysmon is not:
A SIEM
A reporting platform
An inventory system
A centralized logging solution
Sysmon logs locally on each endpoint only.
Visibility comes later, when those logs are queried, collected, or forwarded.
Where Sysmon logs live
All Sysmon telemetry is written to the Windows Event Log on each machine.
Log path:
Microsoft-Windows-Sysmon/Operational
These logs can be:
Queried locally with PowerShell
Forwarded using Windows Event Forwarding
Collected by a SIEM
Reviewed during investigations
Why companies deploy Sysmon
Most security incidents are investigated after the fact.
Without Sysmon, questions like these are difficult to answer:
How did this process start?
What command launched it?
What network connection did it make?
Was this behavior normal for this system?
Sysmon provides the raw telemetry needed to answer those questions with evidence, not assumptions.
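To show how those questions get answered from the raw records, here is an added Python example (not from the post and not Sysinternals code) that parses constructed Sysmon Event ID 1 and Event ID 3 records in the XML shape the Windows Event Log stores them in, links a process to its parent through ProcessGuid and ParentProcessGuid, and joins its network connections. The sample events, GUIDs, host names and addresses are made up for the example.

```python
import xml.etree.ElementTree as ET
from typing import Dict, List

# Namespace Windows uses for rendered event XML (what Get-WinEvent's ToXml() returns).
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample records in the shape Sysmon writes to
# Microsoft-Windows-Sysmon/Operational: two Event ID 1 (process creation)
# records and one Event ID 3 (network connection). GUIDs, user and
# addresses are made up for this example.
SAMPLE_EVENTS = r"""<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID>
  <Channel>Microsoft-Windows-Sysmon/Operational</Channel></System>
 <EventData>
  <Data Name="UtcTime">2025-01-15 14:02:10.100</Data>
  <Data Name="ProcessGuid">{00000000-0000-0000-0000-000000000001}</Data>
  <Data Name="Image">C:\Windows\explorer.exe</Data>
  <Data Name="CommandLine">C:\Windows\Explorer.EXE</Data>
  <Data Name="User">CORP\jdoe</Data>
  <Data Name="ParentProcessGuid">{00000000-0000-0000-0000-000000000000}</Data>
  <Data Name="ParentImage">C:\Windows\System32\userinit.exe</Data>
 </EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID>
  <Channel>Microsoft-Windows-Sysmon/Operational</Channel></System>
 <EventData>
  <Data Name="UtcTime">2025-01-15 14:05:42.310</Data>
  <Data Name="ProcessGuid">{00000000-0000-0000-0000-000000000002}</Data>
  <Data Name="Image">C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe</Data>
  <Data Name="CommandLine">"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default</Data>
  <Data Name="User">CORP\jdoe</Data>
  <Data Name="ParentProcessGuid">{00000000-0000-0000-0000-000000000001}</Data>
  <Data Name="ParentImage">C:\Windows\explorer.exe</Data>
 </EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>3</EventID>
  <Channel>Microsoft-Windows-Sysmon/Operational</Channel></System>
 <EventData>
  <Data Name="UtcTime">2025-01-15 14:05:43.020</Data>
  <Data Name="ProcessGuid">{00000000-0000-0000-0000-000000000002}</Data>
  <Data Name="Image">C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe</Data>
  <Data Name="Protocol">tcp</Data>
  <Data Name="Initiated">true</Data>
  <Data Name="SourceIp">192.168.1.50</Data>
  <Data Name="SourcePort">51234</Data>
  <Data Name="DestinationIp">203.0.113.5</Data>
  <Data Name="DestinationPort">443</Data>
 </EventData>
</Event>
</Events>"""


def parse_events(xml_text: str) -> List[Dict[str, str]]:
    """Flatten each <Event> into a dict: EventID plus every named <Data> field."""
    records = []
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        rec = {"EventID": ev.findtext("e:System/e:EventID", namespaces=NS)}
        for d in ev.findall("e:EventData/e:Data", NS):
            rec[d.get("Name")] = (d.text or "").strip()
        records.append(rec)
    return records


def process_lineage(events: List[Dict[str, str]], guid: str) -> List[str]:
    """Follow ParentProcessGuid links through Event ID 1 records.

    Returns images from the oldest ancestor present in the log down to the
    process itself. The walk stops when a parent was never logged (it started
    before Sysmon did) and guards against a cycle in malformed data.
    """
    by_guid = {e["ProcessGuid"]: e for e in events if e["EventID"] == "1"}
    chain, seen = [], set()
    cur = by_guid.get(guid)
    while cur is not None and cur["ProcessGuid"] not in seen:
        seen.add(cur["ProcessGuid"])
        chain.append(cur["Image"])
        cur = by_guid.get(cur.get("ParentProcessGuid", ""))
    return chain[::-1]


def explain(events: List[Dict[str, str]], guid: str) -> Dict[str, object]:
    """Answer the post's questions for one process: how it started, what
    command launched it, who ran it, and what connections it made."""
    proc = next(e for e in events if e["EventID"] == "1" and e["ProcessGuid"] == guid)
    conns = [f'{e["Protocol"]} {e["SourceIp"]}:{e["SourcePort"]} -> '
             f'{e["DestinationIp"]}:{e["DestinationPort"]}'
             for e in events if e["EventID"] == "3" and e["ProcessGuid"] == guid]
    return {"image": proc["Image"], "command_line": proc["CommandLine"],
            "user": proc["User"], "started": proc["UtcTime"],
            "lineage": process_lineage(events, guid), "connections": conns}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    for k, v in explain(evs, "{00000000-0000-0000-0000-000000000002}").items():
        print(f"{k}: {v}")
```

On a real endpoint the same functions work on the XML from `Get-WinEvent -LogName Microsoft-Windows-Sysmon/Operational` after calling `.ToXml()` on each record and wrapping the results in one root element.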
Where Sysmon comes from
Sysmon is part of Microsoft Sysinternals and is downloaded directly from Microsoft:
Subnetting in the real world. A /30 is the transit bridge to the ISP. The routed /29 is the public space you actually use behind the firewall.
Excerpt
Subnetting clicks when you stop treating it like math and start treating it like design. The moment you get public IPs from an ISP like Comcast, you realize there are two stories happening at once: the transit link that connects you to the ISP, and the routed public block you can actually use inside your firewall.
Intro
Subnetting is the practice of dividing an IP space into smaller networks so routing, security, and growth stay predictable. That sounds academic until you get a real ISP handoff and suddenly someone says, “Here’s a /30,” and you discover you only get one IP you can assign. Then they also give you a /29, and you are told those are your public LAN IPs, but they do not live on your WAN port the way you think they do.
This post will make that feel normal.
Notes from the Author
Subnetting became real for me when Comcast handed us public IP space and the physical reality did not match the training diagrams. I learned there is a difference between an ISP transit network and a routed block. Once you see that difference, /29 and /30 stop being confusing and start being tools.
Perspective
What is subnetting
Subnetting is splitting a network into smaller networks by borrowing bits from the host portion and adding them to the network portion. The prefix length, like /24 or /30, tells you how many bits are network bits.
Why it is necessary
Routing clarity: Routers make decisions based on networks, not individual IPs.
Security boundaries: Separate systems by function. Users, servers, guests, printers, management.
Broadcast control: Smaller broadcast domains reduce noise and improve performance.
Clean growth: You can expand without renumbering everything if you plan.
Two ISP stories you must separate
Story 1: The transit link, often a /30 or /31
This is the point-to-point connection between your firewall WAN interface and the ISP. It is not your “public LAN block.” It is just the link.
Story 2: The routed block, often a /29, /28, or larger
These are the public IPs you can use for NAT, 1:1 mappings, public services, or DMZ addresses. The ISP routes that block to you through the WAN link.
This is why people say, “Comcast gave me a /30 and I only have one usable IP.” In a /30 there are 4 addresses total. Two are usable, but one is almost always used by the ISP side, and the other is used by your WAN interface. That leaves you with only one you can assign on your equipment, which makes it feel like “one usable.” That is normal.
Practice (Today, Not Someday)
Here are easy to very difficult examples with answers. Read them in order. The goal is understanding, not speed.
Example 1, easy
Network: 192.168.1.0/24
Question: How many usable IPs, and what is the usable range?
Example 2, easy to medium
Requirement: at least 50 devices
Base: 192.168.10.0
Question: What prefix fits, and what is the first subnet range?
Answer
Need at least 50 hosts. The next power of two is 64 addresses, and 64 addresses means /26.
Mask: 255.255.255.192
First subnet: 192.168.10.0/26
Network: 192.168.10.0
Broadcast: 192.168.10.63
Usable: 192.168.10.1 to 192.168.10.62
Example 3, medium
Network: 10.20.30.0/27
Question: What is the usable range, and how many usable IPs?
Answer
/27 means 32 addresses
Usable: 30
Network: 10.20.30.0
Broadcast: 10.20.30.31
Usable: 10.20.30.1 to 10.20.30.30
Example 4, public IP reality check, /30 transit
Comcast gives you: 203.0.113.8/30
Question: What are the four addresses, and which one do you typically put on your firewall WAN?
Answer
/30 is 4 addresses total, increments of 4
Block: 203.0.113.8 to 203.0.113.11
Network: 203.0.113.8
Usable: 203.0.113.9 and 203.0.113.10
Broadcast: 203.0.113.11
Typical assignment
ISP gateway: 203.0.113.9
Your firewall WAN: 203.0.113.10
This is why it feels like you only got one usable IP. You did: one usable IP for your side. The other usable address belongs to the ISP side.
Example 5, common ISP setup, /30 transit plus routed /29
Comcast gives you two things:
Transit: 198.51.100.0/30
Routed block: 198.51.100.8/29, routed to your WAN IP
Question A: What goes on the WAN interface?
Question B: What is the usable range of the /29, and how do you actually use it?
Answer A, WAN interface
Transit /30 block is 198.51.100.0 to 198.51.100.3
Network: 198.51.100.0
Usable: 198.51.100.1 and 198.51.100.2
Broadcast: 198.51.100.3
Typical ISP gateway: 198.51.100.1
Your WAN: 198.51.100.2
Answer B, routed /29
/29 is 8 addresses total, increments of 8
Block: 198.51.100.8 to 198.51.100.15
Network: 198.51.100.8
Broadcast: 198.51.100.15
Usable: 198.51.100.9 to 198.51.100.14
How you use it
These /29 addresses usually do not get placed directly on the WAN interface. Instead, the ISP routes the entire /29 to your WAN IP on the transit /30. Inside your firewall you can then use them for:
1:1 NAT mappings to internal hosts
Public VIPs on a DMZ interface
NAT pools
Assigning a public IP to a specific service
The key phrase you ask Comcast for is: “Confirm the routed block is routed to my WAN IP and provide the next hop.” That next hop is your WAN IP on the /30.
Example 6, difficult, find the /29 block and answer fast
Given public IP: 64.71.22.14/29
Question: What is the network, broadcast, and usable range?
Answer
/29 increments by 8 in the last octet. Find the nearest multiple of 8 less than or equal to 14: 8 and 16 bracket it, so the network is 8.
Network: 64.71.22.8
Broadcast: 64.71.22.15
Usable: 64.71.22.9 to 64.71.22.14
Example 7, difficult, build a WAN /30 from a random IP
You are told your WAN IP is 75.120.44.6/30
Question: What is the /30 block, and what is the ISP gateway likely to be?
Answer
/30 increments by 4. The nearest multiple of 4 less than or equal to 6 is 4, so the block is 75.120.44.4 to 75.120.44.7.
Network: 75.120.44.4
Usable: 75.120.44.5 and 75.120.44.6
Broadcast: 75.120.44.7
Likely ISP gateway: 75.120.44.5
Your WAN: 75.120.44.6
Example 8, very difficult, design for two ISPs with clean routing
Requirement
ISP1 gives transit /30 and routed /29
ISP2 gives transit /30 and routed /29
You want to publish two services, one primary on ISP1, one primary on ISP2, with failover possible later.
Answer concept
Put only the transit /30 on each WAN interface
Confirm each routed /29 is routed to the correct WAN IP
Publish Service A using a public IP from the ISP1 routed /29 with 1:1 NAT to an internal host
Publish Service B using a public IP from the ISP2 routed /29 with 1:1 NAT to an internal host
Keep internal addressing private (RFC 1918) and do not mix public blocks inside the LAN unless you have a real DMZ plan
Make sure the firewall supports policy-based routing or proper default route tracking if you plan failover
This is where subnetting meets design.
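As an added example, not from the post, here is a small Python script (standard library only) that does the arithmetic behind Examples 1 to 8: it finds the block from any address-with-prefix, picks the prefix for a required host count, and keeps the transit /30 and the routed /29 apart the way the post describes. The gateway-first, WAN-last convention on the transit link is an assumption that matches the post's examples; confirm it with the ISP.

```python
import ipaddress


def describe(cidr: str) -> dict:
    """Network, broadcast and usable range for an IPv4 address-with-prefix.

    Works from a host address like 64.71.22.14/29 as well as a network
    address: strict=False makes ipaddress zero the host bits, which is the
    "nearest multiple of 8 at or below 14" step done on the address bits.
    """
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen >= 31:
        # /31 point-to-point links (RFC 3021) and /32 reserve no addresses
        first, last = net.network_address, net.broadcast_address
        usable = net.num_addresses
    else:
        first, last = net.network_address + 1, net.broadcast_address - 1
        usable = net.num_addresses - 2
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "total": net.num_addresses,
        "usable": usable,
        "first_usable": str(first),
        "last_usable": str(last),
        # block size in the last octet for /24 and longer (the "increments of 8")
        "increment": net.num_addresses if net.prefixlen >= 24 else None,
    }


def prefix_for_hosts(hosts_needed: int) -> int:
    """Longest prefix whose usable count still covers hosts_needed.

    Mirrors Example 2: round up to the next power of two, subtracting the
    network and broadcast addresses before comparing.
    """
    if hosts_needed < 1:
        raise ValueError("need at least one host")
    size = 4  # a /30 is the smallest block that still reserves two addresses
    while size - 2 < hosts_needed:
        size *= 2
    if size > 2 ** 32:
        raise ValueError("more hosts than IPv4 can address")
    return 32 - (size.bit_length() - 1)


def plan_isp_handoff(transit: str, routed: str) -> dict:
    """Keep the two ISP stories apart: the transit link and the routed block.

    Assumed convention (matches the post's examples; confirm with the ISP):
    the ISP gateway is the first usable transit address and your WAN
    interface is the last. The routed block never sits on the WAN interface;
    the ISP routes it to your WAN IP, and its usable addresses are what you
    hand out to 1:1 NAT, DMZ VIPs and NAT pools behind the firewall.
    """
    t = ipaddress.ip_network(transit, strict=False)
    r = ipaddress.ip_network(routed, strict=False)
    if t.prefixlen not in (30, 31):
        raise ValueError("transit link should be a /30 or /31")
    if t.overlaps(r):
        raise ValueError("routed block must not overlap the transit link")
    t_info, r_info = describe(transit), describe(routed)
    return {
        "wan_interface": f'{t_info["last_usable"]}/{t.prefixlen}',
        "isp_gateway": t_info["first_usable"],
        # the "next hop" you ask the ISP to confirm for the routed block
        "routed_next_hop": t_info["last_usable"],
        "routed_network": str(r),
        "routed_usable": (r_info["first_usable"], r_info["last_usable"]),
    }


if __name__ == "__main__":
    for q in ("192.168.1.0/24", "10.20.30.0/27", "203.0.113.8/30",
              "64.71.22.14/29", "75.120.44.6/30"):
        print(q, describe(q))
    print("50 hosts ->", f"/{prefix_for_hosts(50)}")
    print(plan_isp_handoff("198.51.100.0/30", "198.51.100.8/29"))
```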
Final Reflection
Subnetting is not about counting. It is about ownership. When you know which addresses belong to the link, which belong to your routed block, and which belong to your internal network, you stop feeling confused. You start feeling calm.
Pocket I’m Keeping
The /30 is the bridge. The routed /29 is the usable land.
What I Hear Now
I can design this with intention. I can separate the transit from the routed block. I can explain it clearly to anyone on the team.
Not every battle is visible. But every choice to keep hope alive matters more than we realize.
EXCERPT
Hope is not lost in a single moment. It is stolen quietly, one small lie at a time.
INTRO
Scripture teaches that the adversary does not simply oppose us. He seeks to strip us of joy, confidence, and hope itself. Lehi warned that the devil works tirelessly to rob us of our agency and lead us toward misery. Nephi later added that these efforts are rarely loud or obvious. They are subtle. Gradual. Easy to overlook if we are not watchful.
That pattern explains why discouragement so often feels heavier than temptation. The enemy’s goal is not only to make us stumble, but to convince us that getting back up is pointless.
Yet the scriptures also give us a clear pattern for resistance.
After Moses had seen God and spoken with Him, he found himself suddenly alone and physically weak. In that vulnerable moment, Satan appeared and demanded worship. The timing was no accident. Weakness is when doubt feels loudest.
But Moses was not confused. He did not argue. He did not panic. He anchored himself in truth.
He remembered who he was.
NOTES FROM THE SCRIPTURES
Moses’ encounter with Satan teaches us that temptation often comes after spiritual strength. When the vision ended, Moses was left exhausted. That is when Satan approached him, trying to blur the line between creator and pretender.
But Moses did not measure himself by his weakness. He measured himself by his identity.
He stood on three unshakable principles.
First, he remembered that he was a son of God. Second, he refused to stop resisting when temptation persisted. Third, he relied fully on the power of Jesus Christ.
Each step brought greater strength until Satan’s influence finally broke.
The pattern is clear. Identity anchors us. Persistence strengthens us. The Savior delivers us.
PERSPECTIVE (DIRECT QUOTES)
Scripture
“I have a work for thee, Moses, my son.” Moses 1:6
“Moses, son of man, worship me.” Moses 1:12
“Who art thou? For behold, I am a son of God.” Moses 1:13
“Get thee hence, Satan; deceive me not.” Moses 1:16
“Depart hence, Satan.” Moses 1:18
“In the name of the Only Begotten, depart hence, Satan.” Moses 1:21
“Satan cried with a loud voice, with weeping, and wailing, and gnashing of teeth; and he departed hence.” Moses 1:22
Sister Tamara W. Runia
“Satan is the thief of hope.”
“Your Repentance Doesn’t Burden Jesus Christ; It Brightens His Joy,” April 2025 General Conference
PRACTICE (TODAY, NOT SOMEDAY)
Today, I will resist temptation by choosing three simple acts of faith.
I will remember who I am. A child of God, not defined by weakness, but by divine heritage.
I will be persistent. I will not give up just because temptation returns. I will stand again, and again, and again.
I will rely on Jesus Christ. Not only in moments of crisis, but in every quiet struggle where hope feels fragile.
FINAL REFLECTION
Satan rarely begins by asking us to abandon faith. He begins by whispering that faith is not working.
He steals hope before he steals obedience. He drains courage before he attacks conviction.
But Moses shows us a better way.
Hope is protected when we know who we are. Strength grows when we keep standing. Victory comes when we trust in the Savior’s power instead of our own.
POCKET I’M KEEPING
Hope is not something I lose. It is something I must protect.
WHAT I HEAR NOW
“Satan is the thief of hope.”
But Jesus Christ is the Giver of strength. And with Him, hope can never truly be stolen.
Snow resting on the Oquirrh Mountain Temple this morning, a quiet reminder that even in the coldest seasons, God is still building something holy in us.
EXCERPT
God does not just see who we are. He sees what we can become — and invites us to help Him get there.
INTRO
Most of us want to feel valued, not just noticed, but trusted. We want to know that our lives matter beyond our own circle, that what we do makes a real difference.
One of the quiet truths of the gospel is that God increases our sense of worth by inviting us to participate in His work. He does not simply affirm who we are. He assigns us something meaningful to do.
When the Lord spoke to Moses, He first declared, “Thou art my son.” Then He added an invitation that changed everything: “I have a work for thee.” In that moment, identity became purpose.
The same pattern appears again and again in scripture. Abraham learned that he had been chosen before he was born. Alma taught that many were prepared from the foundation of the world to help others enter God’s rest. These were not random callings. They were expressions of divine confidence.
Not everyone receives a visible role like Moses or Abraham. Most of us are called in quieter ways. Still, the principle is the same. Whether the work feels large or small, every invitation to serve is God saying, I trust you. I need you. You matter in My plan.
NOTES FROM THE SCRIPTURES
Throughout scripture, God affirms worth and then invites action.
Moses learned he was a son of God before being sent to liberate a nation. Abraham learned he was chosen before being entrusted with leadership. Alma taught that many were prepared long before they were ever called.
The pattern is consistent. Calling follows confidence. Service follows identity.
Even Amulek, who described himself as being “called many times,” shows us that repeated, simple invitations can be just as sacred as dramatic ones.
PERSPECTIVE (DIRECT QUOTES)
Scripture
“I have a work for thee, Moses, my son.” Moses 1:6
“Thou wast chosen before thou wast born.” Abraham 3:23
“They were called and prepared from the foundation of the world.” Alma 13:3
President Spencer W. Kimball
God does notice us, and he watches over us. But it is usually through another person that he meets our needs. Therefore, it is vital that we serve each other in the kingdom. … So often, our acts of service consist of simple encouragement or of giving mundane help with mundane tasks, but what glorious consequences can flow from mundane acts and from small but deliberate deeds!
“Small Acts of Service,” Ensign, December 1974
President Thomas S. Monson
I experienced … as I have many times before, a sense of gratitude that my Heavenly Father had answered another person’s prayer through me.
“The Priesthood—a Sacred Gift,” April 2007 General Conference
PRACTICE (TODAY, NOT SOMEDAY)
Today, I will look for the ways God is calling me to serve.
Not only in the obvious moments, but in the quiet ones. In a kind word. In a listening ear. In a simple act that no one else may notice.
I will recognize these invitations for what they truly are. Not interruptions. Not obligations. But expressions of trust.
Each small call is a reminder that God believes in me. That He sees my potential. That He trusts my ability to bless others right now.
FINAL REFLECTION
Some people are asked to lead nations. Others are asked to lift one soul at a time.
Both are sacred.
God’s work does not move forward only through grand moments. It advances through countless quiet acts of faith, done by ordinary people who accept divine invitations.
To be given work in God’s kingdom is not a burden. It is a gift. A sign of confidence from heaven.
POCKET I’M KEEPING
When God gives me something to do, He is not testing me. He is trusting me.
WHAT I HEAR NOW
“I have a work for thee.”
Not just for prophets. Not just for leaders. But for me. Today.
A quiet morning at the Los Angeles Temple, where light meets stillness and reminds me that every day with Jesus Christ is a new beginning.
EXCERPT
A new year does not begin because the calendar changes. It begins because Jesus Christ makes change possible, again and again.
INTRO
January always feels like a threshold, but this year feels different. I am not stepping into 2026 only with goals, but with a deeper awareness of how much I still need the grace of new beginnings.
On a personal level, I began something in late December that has already humbled me. I enrolled in boxing training and quickly learned the truth of a saying I once heard, “Everyone can fight, but not everyone can box.” Since December 23, I have trained six days a week, three hours a day, discovering that boxing is not about force, but fundamentals. Footwork. Head movement. Timing. Discipline. Skills, technique, and speed matter more than power.
Watching the greats only deepened that lesson. Manny Pacquiao, an eight-division world champion, did not become legendary by relying on strength alone, but by mastering movement, adaptability, and relentless discipline. His career is proof that greatness is built on fundamentals refined over time.
The same principle echoes in Bruce Lee’s timeless words, “Be water, my friend.” To be adaptable. Formless. Fluid. To empty the mind and adjust to whatever shape life requires. Water flows around obstacles, yet can also crash through them when needed. That image has stayed with me in training. Every session feels like learning how to move with life rather than against it.
Professionally, 2026 brings its own kind of discipline. Major work lies ahead. Domain transitions. Intune migrations. Expanding responsibilities in Azure that will demand precision, patience, and steady endurance. These are not quick victories. They require humility, adaptability, and the willingness to begin again when plans change.
As I reflected on these personal and professional goals, Elder Patrick Kearon’s message from General Conference settled deeply in my heart. His words felt like the spiritual parallel to everything I was learning in the gym and at work.
“All of us can have a new beginning through, and because of, Jesus Christ. Even you.”
In that moment, I saw the connection clearly. Boxing teaches me to move with discipline. Work teaches me to adapt with patience. But the Savior teaches me something far greater.
No matter how many times I stumble, hesitate, or feel behind, through Jesus Christ I am never out of beginnings. This year is not just about improvement. It is about remembering that in every arena of life, spiritual and temporal, I am allowed to start again.
NOTES FROM ELDER PATRICK KEARON
Elder Kearon reminded us that when Jesus walked among the people, He did more than perform miracles. He restored hope. He reached those society avoided. He touched the diseased and comforted the weary. He taught liberating truth and called sinners to repentance.
To the blind, the lame, the grieving, the ashamed, and the broken in spirit, what the Savior offered was not simply relief from pain. He offered a new beginning.
Not once. Not rarely. But as often as needed.
Elder Kearon taught that baptism is not our only chance to start again. Through weekly sacrament and daily repentance, we are invited into continual renewal. This is not a church of one-time forgiveness. This is the Church of new beginnings.
PERSPECTIVE (DIRECT QUOTES)
“All of us can have a new beginning through, and because of, Jesus Christ. Even you.”
“With baptism by water and the Spirit, we are born again and can walk in newness of life.”
“These new beginnings can happen every day.”
“Jesus gives us as many new beginnings as we need.”
PRACTICE (TODAY, NOT SOMEDAY)
Today’s practice is choosing renewal over regret.
It is stepping into the gym again, even when yesterday felt like failure. It is opening the laptop again, even when yesterday felt overwhelming. It is kneeling in prayer again, even when yesterday felt heavy.
Faith is not demanding perfect conditions. Faith is trusting the Savior who makes imperfect beginnings holy.
Repentance is not fear. It is hope in motion.
FINAL REFLECTION
The Savior never gave up on His mission, even when the cost was suffering beyond measure. He endured so that I would never run out of beginnings.
Not just at baptism. Not just at major turning points. But every ordinary day when I choose to stand up again.
That is what faithful endurance looks like. Not perfection. But persistence with God.
POCKET I’M KEEPING
I do not have to wait for a perfect moment to change. I only need to choose to begin again, today.
WHAT I HEAR NOW
“All of us can have a new beginning through, and because of, Jesus Christ. Even you.”
“This is the Church of new beginnings.”
“Jesus gives us as many new beginnings as we need.”
In the world of Infrastructure Engineering, we often say that “Complexity is the enemy of reliability.” Whether we are managing an M365 environment or a distributed network of remote nodes, the goal is always the same: High Availability (HA).
As a Senior Engineer, I view system resilience through three specific forensic lenses. Here is how we ensure “Uptime” when the environment becomes unpredictable.
1. The Heartbeat Protocol: Real-Time Telemetry
In a distributed system, you cannot manage what you cannot see. Implementing a “Heartbeat” or real-time location sharing for remote assets is the difference between proactive recovery and forensic failure analysis.
A consistent heartbeat ensures that the central controller knows exactly where the data (or the asset) is at all times. If a node goes silent—especially during a critical window like a 3:00 AM deployment—the system shouldn’t have to wait for a user to report a “down” status; the heartbeat failure should trigger the “Rescue Protocol” automatically.
2. Edge Hardening: Preparing for Environmental Extremes
We often focus on the software, but the physical “Base Layer” is where many systems fail. In engineering, we call this Environmental Hardening. Just as we provide thermal protection for outdoor hardware to prevent “cold-start” failures, we must ensure our digital assets have the proper “insulation.” In an enterprise context, this means:
Redundant Power: Ensuring “thermodynamic” stability for remote nodes.
Physical Security: Using high-fidelity interfaces to maintain signal integrity in noisy environments.
3. Resource Pooling: Eliminating Single Points of Failure
The most resilient systems utilize Resource Pooling. By creating a “Joint Account” of resources (storage, compute, or capital), we ensure that the system has immediate access to what it needs, even if one “administrator” is offline.
Moving from a single-owner architecture to a shared-resource model reduces latency and ensures that the mission (the application) continues to run without interruption. It is the ultimate safeguard against the “Government Thieves” of data—bottlenecks and probate-like locks.
Forensic Conclusion: True engineering isn’t about building a system that never fails; it’s about building a system that is sensible enough to recover when it does. As the late Bruce Lee said, “The stiffest tree is most easily cracked, while the bamboo or willow survives by bending with the wind.”
System Monitoring Made Simple for IT Admins & Security Pros
Sysmon (System Monitor) is part of Microsoft’s Sysinternals Suite, and it gives you deep visibility into process creation, network connections, file changes, and system activity. For threat detection, forensics, and baselining, Sysmon is one of the most powerful free tools you can deploy.
In this guide, I’ll walk through the step-by-step process of installing Sysmon cleanly on a Windows 11 machine, loading a hardened configuration, enabling the event log, and validating that everything is working.
This is the exact method I used on my laptop — clean, repeatable, and production-ready.
1. Prerequisites
Before you start:
Log in as a user with Local Administrator rights.
Open PowerShell as Administrator.
You’ll be using a mixture of PowerShell commands and Event Viewer, so make sure you have admin elevation.
2. Download Sysinternals Suite
Microsoft distributes Sysmon inside the Sysinternals Suite ZIP.
Download Sysinternals Suite from Microsoft’s official site.
Right-click Sysmon → Operational → Add to Favorites.
9. Updating the Sysmon Config Later
If you want to modify or replace the config:
cd C:\Sysinternals
.\Sysmon64.exe -c C:\Scripts\Sysmon\sysmonconfig.xml
You should see:
Configuration updated.
No reinstall required.
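The update step above as a small script, added here as an example rather than the post's own commands; it assumes the same paths the guide uses and checks that the new config actually took effect instead of trusting the console message:

```powershell
# Added example (not from the original post). Assumes Sysmon64.exe lives in
# C:\Sysinternals and the hardened config in C:\Scripts\Sysmon, as in the guide.
$SysmonExe  = 'C:\Sysinternals\Sysmon64.exe'
$ConfigPath = 'C:\Scripts\Sysmon\sysmonconfig.xml'
$LogName    = 'Microsoft-Windows-Sysmon/Operational'

function Update-SysmonConfig {
    param([string]$Exe, [string]$Config)

    if (-not (Test-Path $Config)) { throw "Config not found: $Config" }

    # Validate the XML before handing it to Sysmon; a malformed file leaves the
    # previous configuration in place and the error is easy to miss.
    try { [xml](Get-Content -Raw $Config) | Out-Null }
    catch { throw "Config is not well-formed XML: $($_.Exception.Message)" }

    $before = Get-Date
    & $Exe -accepteula -c $Config
    if ($LASTEXITCODE -ne 0) { throw "Sysmon returned exit code $LASTEXITCODE" }

    # Sysmon logs Event ID 16 (configuration state changed) when a new config
    # is loaded; use it as proof that the update was applied.
    $evt = Get-WinEvent -FilterHashtable @{ LogName = $LogName; Id = 16; StartTime = $before } `
               -ErrorAction SilentlyContinue | Select-Object -First 1
    if (-not $evt) { Write-Warning 'No Event ID 16 seen after the update; check the log manually.' }
    else { Write-Host "Config change logged at $($evt.TimeCreated)" }

    # The service must still be running after the reload.
    $svc = Get-Service -Name Sysmon64 -ErrorAction Stop
    if ($svc.Status -ne 'Running') { throw "Sysmon64 service is $($svc.Status)" }

    # Dump the active configuration so it can be diffed against the file on disk.
    & $Exe -c
}

Update-SysmonConfig -Exe $SysmonExe -Config $ConfigPath
```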
10. Uninstall Sysmon (if needed)
cd C:\Sysinternals
.\Sysmon64.exe -u force
This removes:
Sysmon64 service
SysmonDrv driver
Registry entries
Event manifest
Conclusion
Once installed, Sysmon becomes a powerful source of system telemetry for:
Threat hunting
Malware investigation
Lateral movement detection
Process monitoring
Incident response
Forensic analysis
With a hardened config, Sysmon gives deep visibility with minimal overhead — making it an essential component of any Windows security stack.
If you’re deploying Sysmon across multiple endpoints (like we do at work), you can automate it using Intune, GPO, or a custom PowerShell deployment package.
A fiery sky closing the day, almost as if heaven was offering its own hymn. The temple stood steady, unchanged, reminding me to praise Him not only in blessings received, but in blessings still forming.
Excerpt
A Thanksgiving weekend temple visit, four evening photos, quiet worship, and a lesson about gratitude that opened my heart in a new way.
Intro
Last night at the Syracuse Utah Temple, I watched the sky turn from warm sunset to cold moonrise. Christmas lights glowed on the temple grounds, and a waxing gibbous moon appeared just as I finished my proxy endowment session. It reminded me of something simple but powerful: joy is meant to be expressed. And worship, especially through music, is one of the clearest ways to do it.
Notes from Elder Cook and Elder Soares
Giving voice to our joy is just as important as seeking comfort in sorrow. Elder Quentin L. Cook taught that lives full of praise, music, and thanksgiving are uniquely blessed. Moroni described worship this way: preaching, exhorting, prayer, supplication, and singing — all led by the Spirit. Elder Ulisses Soares reminded us to tune our hearts to the Lord through sincere singing of sacred hymns. Singing is the one form of worship where the entire congregation participates. It is unity in real time.
Perspective
Last night I thought about the way music lifts the soul. A hymn is not just melody. It is prayer with a pulse. When we sing, we do not stand alone. Heaven joins us. I felt that inside the endowment room and again as I took photos outside: worship is not something we check off. It is something we become.
Practice (today, not someday)
Today I will worship with music. I will lift my voice, even quietly, in hymn-singing. I will let the words settle into my mind and soften my heart. I will give thanks in song, not just in thought.
Final Reflection
Tonight a single scripture opened in a new way for me: D&C 59:21. The Lord did not say to thank Him for all things. He said to acknowledge His hand “in” all things.
There is a difference. For is gratitude for what God has already done. In is gratitude for what God is about to do.
“For” looks back. “In” looks forward. For celebrates what arrived. In trusts what is still forming.
Being thankful for blessings is remembering. Being thankful in blessings is faith — the kind that walks forward without seeing the whole path. Last night I learned that gratitude is not only a reaction to the past. It is trust in the present. It is the courage to say, even before the blessing is visible, I know God is working in this.
Pocket I’m Keeping
Gratitude is not only looking back at what God has done. It is looking forward with faith at what He is shaping next.
What I Hear Now (direct quotes)
Moroni 6:6: Their meetings were conducted after the manner of the workings of the Spirit.
Elder Cook: Lives full of praise, music, and thanksgiving are uniquely blessed.
Elder Soares: Tune your heart to the Lord through sincere singing.
Whether it’s PowerShell, VMware, or supporting the team, I give my best because people depend on what happens behind this screen.
Introduction
Email is still the heart of business communication, and it’s also the easiest door for attackers to exploit. This is my real-world approach to securing Exchange Online: how I protect messages, enforce policies, retain critical data, and keep unwanted activity out of the environment. These are the tools I use every day — quiet, behind-the-scenes work that keeps an entire organization safe.
Messaging Policies and Mail Protection
What
Mail flow rules control how messages enter, exit, and move inside the company. They prevent risky behavior, secure sensitive data, and keep communication structured.
Why
Without strict policies, users can accidentally leak information, forward confidential data, or bypass compliance rules.
How
Mail Flow Rules I Maintain
• Prevent auto-forwarding outside the company • Block forwarding to personal Gmail/Yahoo • Restrict sensitive keywords (finance, HR, payroll) • Add disclaimers for external recipients • Enforce rules for shared mailboxes
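The first, second and fourth rules in that list as Exchange Online PowerShell, added here as an example and not the post's own scripts; it assumes the ExchangeOnlineManagement module and an Exchange admin account, and the rule names, webmail domain list and disclaimer text are my own:

```powershell
# Added example (not from the original post). Requires the ExchangeOnlineManagement
# module; rule names, the domain list and the disclaimer text are constructed.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false

# 1. Prevent auto-forwarding outside the company. MessageTypeMatches AutoForward
#    catches both Outlook client rules and mailbox-level forwarding.
if (-not (Get-TransportRule -Identity 'Block external auto-forward' -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name 'Block external auto-forward' `
        -FromScope InOrganization `
        -SentToScope NotInOrganization `
        -MessageTypeMatches AutoForward `
        -RejectMessageReasonText 'Automatic forwarding to external recipients is not permitted.' `
        -RejectMessageEnhancedStatusCode '5.7.1' `
        -Mode Enforce
}

# Also turn off auto-forwarding at the remote-domain level, which covers
# forwarding configured by admins rather than by users.
Set-RemoteDomain -Identity Default -AutoForwardEnabled $false

# 2. Block forwarding to personal webmail domains (extend the list as needed).
$personalDomains = @('gmail.com', 'yahoo.com', 'outlook.com', 'hotmail.com')
if (-not (Get-TransportRule -Identity 'Block forwarding to personal webmail' -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name 'Block forwarding to personal webmail' `
        -RecipientDomainIs $personalDomains `
        -MessageTypeMatches AutoForward `
        -RejectMessageReasonText 'Forwarding company mail to personal webmail is not permitted.' `
        -RejectMessageEnhancedStatusCode '5.7.1' `
        -Mode Enforce
}

# 3. Append a disclaimer to mail leaving the organisation. Wrap means the
#    disclaimer is still delivered when the body cannot be modified in place.
if (-not (Get-TransportRule -Identity 'External recipient disclaimer' -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name 'External recipient disclaimer' `
        -FromScope InOrganization `
        -SentToScope NotInOrganization `
        -ApplyHtmlDisclaimerText '<p style="font-size:small">This message is intended only for the named recipient.</p>' `
        -ApplyHtmlDisclaimerLocation Append `
        -ApplyHtmlDisclaimerFallbackAction Wrap `
        -Mode Enforce
}

# Review what is in place, including whether each rule is enforcing or only auditing.
Get-TransportRule | Select-Object Name, State, Mode, Priority | Format-Table -AutoSize

Disconnect-ExchangeOnline -Confirm:$false
```

Running a new rule in Audit mode first and reviewing the message trace before switching to Enforce avoids blocking legitimate forwards such as shared-mailbox delegation.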
This is my Exchange Online security toolkit — the messaging controls, retention systems, compliance protections, and routing safeguards I use every day. These tools protect users, leadership, legal teams, and the entire organization from silent risks that hide inside email traffic.
Real security isn’t loud. It’s consistent, careful, and invisible — until the moment it saves the business.
One of my favorite seasons of my life. Serving the city, keeping critical systems alive, and learning the foundations that shaped who I am as an engineer today. Every console screen taught me something new and every problem strengthened my desire to help others through technology.
My Essential IT Troubleshooting Guide
In every company I have worked for, the tools that saved the day were not fancy dashboards but simple commands and fundamentals I could trust. This is my personal troubleshooting arsenal, written so even a non-technical reader can follow the logic behind what I do.
Each section answers three things • What it is • Why it matters • How I use it in real life
Name Resolution Basics
A record
What • A record is a phone book entry that says “this name belongs to this IP address.”
Why • Users remember names better than numbers. If the A record is wrong or missing, they land in the wrong place or nowhere.
How I use it • When a site is not loading, I ping the name and check if the IP address matches what we expect. • If it does not, I fix the A record in DNS and wait for it to replicate.
CNAME
What • A CNAME is a nickname that points one name to another name.
Why • It lets you move services without breaking users. The public name stays the same while the target changes behind the scenes.
How I use it • For services like autodiscover or app portals, I often see CNAMEs that point to Microsoft or another provider. • When something breaks after a cutover, CNAMEs are one of the first things I verify.
DNS
What • DNS is the global phone book that turns names into IP addresses.
Why • If DNS fails, everything feels broken. Browsers, Outlook, file shares, all of them depend on DNS.
How I use it • I run nslookup name.company.com to see which DNS server is answering and what IP it returns. • If users in one site can reach something and other users cannot, I compare DNS answers between locations.
Hosts file
What • The hosts file is a tiny local phone book on the computer.
Why • It overrides DNS for that machine. One bad line can send traffic to the wrong place.
How I use it • Location on Windows
C:\Windows\System32\drivers\etc\hosts
• I open it with Notepad as administrator. • If someone hard-coded a testing IP and forgot about it, I comment it out or remove it, then flush DNS.
Flush cache
ipconfig /flushdns
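The two checks above (compare DNS answers between sites, then look for hosts-file overrides) as one script, added here as an example rather than the post's own commands; the resolver addresses, host name and expected IP are placeholders:

```powershell
# Added example (not from the original post). Resolver addresses, the host name
# and the expected IP are constructed placeholders; replace them with your own.
$Name      = 'portal.company.com'
$Expected  = '10.10.20.15'
$Resolvers = [ordered]@{ 'Site A DC' = '10.10.1.10'; 'Site B DC' = '10.20.1.10'; 'Public' = '1.1.1.1' }
$HostsPath = "$env:SystemRoot\System32\drivers\etc\hosts"

function Compare-DnsAnswers {
    param([string]$Name, [System.Collections.IDictionary]$Resolvers, [string]$Expected)
    foreach ($label in $Resolvers.Keys) {
        $server = $Resolvers[$label]
        try {
            # Ask each resolver directly so the local cache and hosts file are bypassed.
            $ips = (Resolve-DnsName -Name $Name -Type A -Server $server -DnsOnly -ErrorAction Stop |
                    Where-Object { $_.Type -eq 'A' }).IPAddress
            $status = if ($ips -contains $Expected) { 'OK' } else { 'MISMATCH' }
            [pscustomobject]@{ Resolver = $label; Server = $server; Answer = ($ips -join ', '); Status = $status }
        } catch {
            [pscustomobject]@{ Resolver = $label; Server = $server; Answer = '(no answer)'; Status = 'FAIL' }
        }
    }
}

function Get-HostsOverrides {
    param([string]$Path)
    # Return every active (uncommented) mapping; a forgotten test entry shows up
    # here and silently beats DNS on this machine.
    Get-Content $Path | ForEach-Object {
        $line = ($_ -split '#')[0].Trim()
        if ($line) {
            $parts = $line -split '\s+'
            if ($parts.Count -ge 2) {
                foreach ($hostname in $parts[1..($parts.Count - 1)]) {
                    [pscustomobject]@{ IP = $parts[0]; Host = $hostname }
                }
            }
        }
    }
}

Compare-DnsAnswers -Name $Name -Resolvers $Resolvers -Expected $Expected | Format-Table -AutoSize

$overrides = Get-HostsOverrides -Path $HostsPath
if ($overrides) {
    Write-Warning 'Active hosts-file entries on this machine:'
    $overrides | Format-Table -AutoSize
    if ($overrides.Host -contains $Name) {
        Write-Warning "$Name is pinned in the hosts file; the DNS answers above are ignored locally."
    }
} else {
    Write-Host 'hosts file has no active overrides.'
}
```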
Nbtstat and TCP/IP
What • Nbtstat is an older tool for NetBIOS name resolution. • A hard-coded TCP/IP address means a manual IP instead of one assigned by DHCP.
Why • Nbtstat helps when legacy name lookups act strange. • Hard-coded IPs can cause conflicts or make VLAN changes painful.
How I use it • nbtstat -n to see local NetBIOS names. • nbtstat -c to see the name cache. • When I find static IPs on client machines, I document them and move them to DHCP reservations so the network is easier to manage.
Network control panel shortcut
I still use this every week
From Run
ncpa.cpl
It opens the Network Connections window so I can quickly check adapters, enable or disable, or look at IPv4 settings.
DHCP Essentials
What • DHCP hands out IP addresses, gateways and DNS to clients.
Why • If DHCP fails, users cannot get on the network or suddenly have duplicate addresses.
Best practices • Use at least two DHCP servers where possible. • Define scopes with correct gateway and DNS. • Use reservations for printers and key servers.
Commands I use on clients
ipconfig /release
ipconfig /renew
If a user can reach the internet but not internal resources, I check that DNS from DHCP is internal and not a public resolver.
MX, Autodiscover and Mail Flow
MX record
What • MX tells the world which server receives mail for your domain.
Why • If MX points to the wrong place or has a low priority backup you forgot, email can vanish or queue.
How I use it • I use MXToolbox to check MX records and verify that they point to Exchange Online or the correct email gateway.
Autodiscover
What • Autodiscover tells Outlook where to find the mailbox and settings.
Why • A broken autodiscover record means constant password prompts or profile creation failures.
How I use it • I verify the Autodiscover CNAME or SRV record. • I test with Outlook connectivity tools or Test-OutlookConnectivity when available.
Hunting spam engines and bad SMTP
Where malware hides • In browser extensions • In Outlook add-ins • In unknown services or scheduled tasks that send mail through SMTP
How I clean it without reimaging • Check Outlook add-ins and disable anything suspicious. • Run msconfig and Task Manager to review startup items and tasks. • Review SMTP logs on the server to see which host is sending unexpected traffic.
Certificates and SSL in Hybrid Environments
Internal web apps depend on trusted certificates so browsers know the site is safe. When an SSL certificate expires, internal apps stop working and Chrome or Edge will show warnings.
Why we create new SSL certificates • Internal web apps must be trusted. • Intranet portals and legacy apps often stop working when an internal CA certificate expires. • Externally issued certs from DigiCert or GoDaddy are trusted by browsers.
Where I keep it • C:\Certs or another controlled folder • Never leave certificates scattered in Downloads
Core servers • I open Task Manager with Ctrl Shift Esc • File, Run, then mmc • Add the Certificates snap-in and import there. Or I import directly with PowerShell.
Machine Trust Relationship Problems
When Windows says “the trust relationship between this workstation and the primary domain failed,” the computer account and the domain no longer agree.
On a traditional domain • Disable LAN and WiFi • Log in using cached credentials • Reset the local admin password if needed • Disjoin from the domain and put it in a workgroup • Reboot • Join it back to the domain
For Azure AD joined devices
Check status
dsregcmd /status
If broken
dsregcmd /leave
Then rejoin from Settings under Access work or school.
RDP Session Cleanup
Sometimes users cannot remote into their office desktop because a stale session is still connected.
After that, they can reconnect without rebooting the server.
Active Directory Tools
ADSIEdit
What • A low level editor for Active Directory objects.
Why • Last resort for fixing broken attributes or lingering records when normal tools cannot reach them.
How I use it • Only with full backups and a clear change plan. • I use it to clean up orphaned objects or legacy settings left behind.
Event Viewer
What • The black box recorder of Windows.
Why • Every blue screen, login failure, replication problem and service crash leaves a trace here.
How I use it • eventvwr.msc • I focus on System and Directory Service logs on domain controllers, and Application logs on servers hosting apps.
FSMO Roles
What • Flexible Single Master Operations are special AD roles for schema, naming, PDC, RID and infrastructure.
Why • These make sure there is one source of truth for sensitive changes.
Best practice • Know exactly which DC holds each role. • Protect those DCs like crown jewels.
If an FSMO role owner is gone forever • You can seize the role to a healthy DC using ntdsutil. • After seizing, never bring the old DC back online.
This is rare but every senior engineer should know the process in theory.
AD and Entra ID Health
On premise AD health
dcdiag
repadmin /replsummary
repadmin /showrepl
I always confirm • DNS is correct • SYSVOL is in sync • Time is correct and within a few minutes across all DCs
Entra ID health
Connect-MgGraph
Get-MgUser
Get-MgDirectoryAudit
I check • Sign-in logs for failures • Conditional Access for blocked locations • Device compliance for machines that suddenly appear non-compliant
AD controls computers and users on site. Entra controls cloud identity and device trust. In a hybrid world, both must be healthy.
Azure and Terraform
Azure CLI read only commands
az login
az account show
az group list
az vm list
az storage account list
These tell me what exists without changing anything.
Terraform for infrastructure as code
• Initialize the directory: terraform init
• Format: terraform fmt
• Validate: terraform validate
• Plan: terraform plan
Nothing changes until terraform apply is run. For interviews, being comfortable with init, plan and validate already shows good understanding.
Microsoft 365 Services
Group Policy
Purpose • Central control of security and settings for on premise joined machines.
How I create it • Open gpmc.msc • New GPO • Edit with the settings I want • Link to the correct OU
Universal Print
What • Cloud based printing that removes the need for classic print servers.
Why • Easier management for hybrid and remote users.
I register printers in Universal Print and assign permissions based on groups, so users can get printers automatically.
SharePoint Online
Steps I follow • Go to Microsoft 365 admin center • Open SharePoint admin • Create a new site • Assign owners and members • Set sharing and retention policies
This becomes the central place for team documents and intranet content.
OneDrive and Data Migration
OneDrive • Sync client installed on machines • Known Folder Move for Desktop, Documents and Pictures • Version history to protect from mistakes and ransomware
Migrating data • I prefer SharePoint Migration Tool or Mover. • I clean old data first so I do not carry garbage into the cloud. • I communicate to users what will move and what will not.
Why This Arsenal Matters
These are the tools I have relied on in city government, banks, energy drinks, and manufacturing. They are not fancy, but they work.
Every time I help a user reconnect, restore a service, or clean up a broken configuration, I am really doing three things
• Protecting the company and its data • Supporting my teammates so they are not alone in the fire • Honoring the gift God gave me to understand and fix complex systems
This arsenal is how I serve. Whether I am helping a small office or a multi-site enterprise, the pattern is the same: ask good questions, run the right checks, fix the root cause, and leave clear notes so the next engineer can see the path.
Introduction
Infrastructure as Code is not optional anymore. Terraform gives you a declarative way to build, modify, and destroy cloud resources cleanly. This tutorial shows exactly how to install Terraform, create your first configuration, and connect it to Azure without affecting your company’s production environment. I used these steps to rebuild my own skills after leaving California and stepping into Utah’s quiet season of learning.
Step 1 Install Terraform using Winget
Open PowerShell as admin
Run the installer
winget install HashiCorp.Terraform --source winget
Restart your PowerShell window
Verify the installation
terraform -version
You should see something like Terraform v1.14.0
Step 2 Create your Terraform workspace
Create a folder
mkdir C:\terraform\test1
Go inside the folder
cd C:\terraform\test1
Create a new file
New-Item main.tf -ItemType File
Leave the file empty for now. Terraform just needs to see that a configuration file exists.
Step 3 Write your first Terraform configuration
Open main.tf and paste this:
provider "azurerm" {
  features {}
}
Nothing created yet. This is read only.
The goal is to connect Terraform to Azure safely.
Save the file.
Step 4 Initialize Terraform
Run terraform init
This downloads the AzureRM provider and sets up your working directory.
You should see Terraform has been successfully initialized
Step 5 Install the Azure CLI
Terraform connects to Azure using your Azure CLI login. Install it with:
winget install Microsoft.AzureCLI
Verify it
az --version
Step 6 Log into Azure
Run az login
A browser opens. Select your Azure account.
Important note If you see Martin’s Azure subscription, stop here and do not run terraform apply. Terraform plan is safe because it does not make changes.
Step 7 Check your Azure subscription
az account show
This confirms who you are logged in as and which subscription Terraform will use.
Step 8 Run your first Terraform plan
terraform plan
This reads your main.tf and checks for any required changes. Since your config is empty, the output will say: No changes. Infrastructure is up to date.
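Steps 4 through 8 wrapped in one guard script, added here as an example and not part of the tutorial; the allowed subscription id is a placeholder, and terraform's -detailed-exitcode is used to tell "no changes" from "changes pending" without ever applying anything:

```powershell
# Added example (not from the original tutorial). The allowed subscription id is a
# constructed placeholder; the working directory is the one created in Step 2.
$WorkDir = 'C:\terraform\test1'
$AllowedSubscriptions = @('00000000-0000-0000-0000-000000000000')   # your lab subscription(s)

function Invoke-SafeTerraformPlan {
    param([string]$Path, [string[]]$Allowed)

    # Step 7, scripted: refuse to plan against any subscription not on the allow
    # list, so a login to the wrong tenant never gets as far as terraform apply.
    $sub = az account show --query id -o tsv
    if ($LASTEXITCODE -ne 0 -or -not $sub) { throw 'Not logged in; run az login first.' }
    if ($Allowed -notcontains $sub) {
        throw "Logged into subscription $sub, which is not on the allow list. Stopping."
    }

    Push-Location $Path
    try {
        # Step 4: download the provider. Output goes to the console, not the pipeline,
        # so the function's only return value is the plan outcome below.
        terraform init -input=false | Out-Host
        if ($LASTEXITCODE -ne 0) { throw 'terraform init failed' }

        terraform validate | Out-Host
        if ($LASTEXITCODE -ne 0) { throw 'terraform validate failed' }

        # Step 8: -detailed-exitcode returns 0 = no changes, 1 = error, 2 = changes pending.
        terraform plan -input=false -detailed-exitcode -out=tfplan | Out-Host
        switch ($LASTEXITCODE) {
            0       { 'NoChanges' }
            2       { 'ChangesPending' }
            default { throw 'terraform plan failed' }
        }
    } finally {
        Pop-Location
    }
}

$result = Invoke-SafeTerraformPlan -Path $WorkDir -Allowed $AllowedSubscriptions
Write-Host "Plan result: $result (nothing has been applied)"
```

With the provider-only main.tf from Step 3 the result is NoChanges; a ChangesPending result is the signal to read the saved tfplan before anyone considers an apply.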
Step 9 Useful Azure CLI commands for Cloud Engineers
Check all resource groups
az group list -o table
Check all VMs
az vm list -o table
Check storage accounts
az storage account list -o table
Check virtual networks
az network vnet list -o table
Check VM status
az vm get-instance-view --name VMNAME --resource-group RGNAME --query "instanceView.statuses[1].displayStatus"
Check Azure AD users
az ad user list --filter "accountEnabled eq true" -o table
Check your role assignments
az role assignment list --assignee <your UPN> -o table
These commands show LC that you are comfortable with both Terraform and Azure CLI.
Step 10 Can Terraform check Defender?
Terraform itself does not “check” Defender, but you can manage Defender settings as resources.
Since we did not deploy anything, no cleanup is required.
If you later create real resources, destroy them with terraform destroy
Final thoughts
Terraform is one of the most powerful tools in cloud engineering. Once you know how to initialize it, authenticate with Azure, and run plans, you are already ahead of many engineers who feel overwhelmed by IaC. LC will immediately see that you are not just an Exchange guy or a VMware guy. You are becoming a modern DevOps cloud engineer who can manage infrastructure in code.
Terraform for M365 and Azure — Infrastructure-as-Code Made Simple
Introduction
Terraform is one of the most powerful tools for managing cloud environments because it lets you declare what you want and Azure builds it. No guessing. No clicking. No forgetting what you changed.
Even if M365 doesn’t support Terraform natively for all workloads, you can still automate Azure AD, Conditional Access, Groups, SPNs, Networking, Key Vault, and App Registrations through the Microsoft Graph provider.
I used IaC principles while supporting Church systems — Terraform makes environments repeatable, auditable, and consistent.
1. Installing Terraform
choco install terraform
2. Azure Login Block
provider "azurerm" {
features {}
}
provider "azuread" {
}
Elder Dieter F. Uchtdorf — October 2025 General Conference
Where effort meets grace, discipleship blooms
Excerpt
“Trust the Savior and engage, patiently and diligently, in doing your part with all your heart.”
Intro
Life moves fast — technology, deadlines, expectations, and noise. Elder Uchtdorf’s message reminded me to slow down, trust the Savior, and stay consistent in the small habits that shape who I am. It’s not about speed. It’s about direction. And the quiet discipline behind every disciple’s journey.
Notes from Elder Uchtdorf
Trust the Savior completely and give Him your steady daily effort. Discipleship requires practice. Skills fade without continued effort. Greatness grows from repetition, humility, and patience. The Lord magnifies even small efforts when offered with heart.
Perspective (direct quotes)
“Getting good at anything… takes consistent self-discipline and practice.” Whether flying, rowing, sowing, learning, or becoming — practice never stops.
“Trust the Savior and engage… in doing your part with all your heart.” He doesn’t ask perfection — just faith in motion.
Practice — Today, Not Someday
My Discipline in IT
Technology evolves every day. You don’t master it once — you study daily. I use Microsoft Learn, Udemy, and YouTube Premium, and I blog because writing helps me lock in what I learn. This is my stewardship: my part in staying sharp.
My Discipline in Photography
Photography isn’t just technical settings. It’s learning to read the light, study it, and anticipate it. Capturing it is an act of patience and discipline — just like discipleship.
My Discipline in Health
My body is my engine. If I don’t stay fit, how can I keep up with the never-ending pace of IT? Health keeps my mind focused. My discipline keeps me grounded.
My RFC Trio
Just like SPF, DKIM, and DMARC work as a trio — strengthening trust and protecting identity — my three disciplines work together:
Mind (IT)
Creativity (Photography)
Body (Health)
One supports the other. One anchors the next. And that’s how discipleship grows: line upon line, habit upon habit.
Final Reflection
Discipline is not punishment. It’s devotion — devotion to the future you, and trust in a God who sees more in you than you see in yourself. “Doing your part” isn’t dramatic or loud. It’s small steady steps that build spiritual muscle.
Pocket I’m Keeping
“Trust the Savior… and engage diligently in doing your part.” Not perfectly. Not instantly. Just faithfully.
What I Hear Now (direct quotes)
Consistency is strength. “Keep practicing.” “I will make your small offering enough.” “Do your part — I will do Mine.”