177 Results Found
For several years, most news articles about a computer, network, or Internet-based compromise have mentioned the phrase "zero day exploit" or "zero day attack," but rarely do these articles define what this is. A zero day exploit is any attack that was previously unknown to the target or security experts in general. Many believe that the term refers to attacks that were just released into the wild or developed by hackers in the current calendar day. This is generally not the case. The "zero day" component of the term refers to the lack of prior knowledge about the attack, highlighting the idea that the victim has zero day's notice of an attack. The main feature of a zero day attack is that since it is an unknown attack, there are no specific defenses or filters for it. Thus, a wide number of targets are vulnerable to the exploit.
The novel coronavirus has changed many aspects of life for millions of people globally, including where they work. With the increase in remote work, it is important for both individuals and companies to be aware of the added cybersecurity risks. Join us as Paula shares real world examples and tips on how we all can be better prepared.
For women in IT, advancing your career can be a challenge in itself. In the Global Knowledge 2019 IT Skills and Salary Report, only eight percent of senior- and executive-level IT professionals are women. We have pulled data from our research that sheds light on the job roles, skills, challenges, certifications and experience of women in tech who have progressed to the highest levels of an organization.
Does your company have a risk management program? In this hour-long webinar, cybersecurity expert and Global Knowledge instructor David Willson will explain why you should. In light of recent breaches at Target, Nieman Marcus, Michaels, Yahoo, and a growing list of others, we're learning that FBI Director Mueller was right when he said getting breached is not a matter of if, but when. While having a risk management program may not prevent a breach, it can certainly lower the risk of one, ensure compliance, and reduce or even eliminate your liability if a breach does occur, enabling you to recover quickly and to protect your reputation. Beyond explaining the importance of a risk management program, David will tell you how to implement one, including conducting a basic risk assessment, policies you'll need, and training your workforce.
Watch this recorded webinar as CompTIA’s chief technology evangelist and Global Knowledge’s federal sales director discuss how pentesting has morphed.
This year, CISSP-certified IT professionals have the third highest global salary ($116,573) and the 10th highest in North America ($123,815). This is nothing new—CISSP has ranked in the top 10 in the U.S. each year since 2015, even coming in first in 2018. CISSP is a top-paying certification year after year. But how has it remained so relevant and valuable?
I recently responded to a message on LinkedIn from a regular reader of this blog. He asked several questions which I will answer over the course of several posts. As part of his first question, he described a strategy report that his group is producing. The audience for this strategy report considers ITIL important to the future of their business, and so he must describe which ITIL processes his data center operations group works most closely with.
The technologies examined reduce operational expenses (OpEx), not capital expenses (CapEx) that has traditionally been the focus of virtualization. Many companies implemented virtualization with the goal of saving money in the form of fewer servers to buy with a side benefit of reducing the footprint of the servers and lowering the required power and cooling. Most of the savings were in capital, but do not expect the same with many of the technologies listed here, because some may even require some additional capital expenditures, at least for software, in order to save on the day-to-day operations of IT. The bigger cost in running an IT department is in the OpEx category anyway, so savings there are recurring.
One of the main weapons of organized crime on the Internet is the use of junk email, also called spam. Hackers use spam for a number of purposes such as selling counterfeit products (medicines, particularly) to steal your personal or financial information, or to infect your computer with spyware and malware. This malicious software can then hijack your computer and your Internet connection to help propagate itself.
vSphere 5.5 is now available with myriad small improvements such as a faster Web Client, LACP, Autoscale and higher configuration maximums. In addition, there are changes coming such as VSAN, which may be ground-breaking in regard to VM storage of the future. Since the release of vSphere 5.5, they have not yet announced a change to the blueprint for the test. That being the case, I will say, for now, that the VCP-510 test should remain unchanged as well. My goal here is not to reeducate you on everything that you need to know for the test; instead, it is to point out the few changes that might apply in your company or organization.
The Cisco UCS is truly a “unified” architecture that integrates three major datacenter technologies into a single, coherent system: Computing Network Storage Instead of being simply the next generation of blade servers, the Cisco UCS is an innovative architecture designed from scratch to be highly scalable, efficient, and powerful with one-third less infrastructure than traditional blade servers.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
The bad guys just keep getting better! No matter how much patching and tweaking we do, the bad guys' constantly changing tactics and techniques continue harming our networks, stealing and damaging data, and just generally screw things up. What motivates someone to do such terrible things in the first place? How have these hackers changed and improved? What kinds of attacks are popular now and why? In this hour-long webinar, security expert, former hacker and Global Knowledge instructor Phillip D. Shade will provide insight into understanding the latest hacking techniques, what the current threat landscape looks like, and suggested countermeasures to mitigate threats. He will include specific examples of the current threat landscape, including data mining, social engineering cyber threat terminology, man-in-the- middle attacks and Denial of Service (DoS) attacks.
Networks are under attack as hackers try to access systems to compromise or steal sensitive data and information. Understand the threats posed by malware, ransomware and social engineering.
Driven by recent increases in cryptocurrency values, Cryptojacking is poised to be the center of conversation in 2018. It’s one of the latest innovations in hacking in which a victim’s computer is enlisted to mine cryptocurrency. Unlike ransomware, this attack steals processor cycles in an attempt to mine Monero and other currencies, typically without the user’s knowledge or consent. Watch this timely 1-hour webinar where we will discuss – A quick overview of cryptocurrencies. A walk-through of a typical attack. The economics of the attackers. Possible mitigation strategies to keep you and your organization safe. With miners trying to take advantage of the rising cryptocurrency industry, join us as we investigate this cyber-crime and learn how you can protect yourself and your organization. View our complete Cybersecurity curriculum for courses that help you build fundamental to advanced cybersecurity techniques, prepare for top industry-recognized certifications or master product-specific skills.
Cloud and virtualization technologies have spawned a whole ecosystem of applications. But like any powerful technology, they can be used for bad as well as good. This session reviews the top 10 most common mistakes made in cloud and virtualization security.
Cyber resilience is becoming a bigger issue for all organizations. But what does “good cyber resilience” look like? And how do you get there?
In the previous post, we discussed the need for VXLAN in the cloud along with the issues it solves. In this post, we will focus more on how VXLAN works.
One of the most important steps in mastering a new technology is learning the associated terminology or vocabulary. In the IT field, this can be a very challenging step, as much of the terminology is often used inconsistently. This white paper defines the terminology associated with IT virtualization. It is mainly vendor-agnostic, but it does provide some vendor-specific terms, product names, and feature names used by VMware, Citrix, and Microsoft.
In 2013, VMware announced VMware Virtual SAN (VSAN), which is VMware's native version of Software Defined Storage (SDS). It is simple, easy to setup and managed by user-defined policies. This paper explains VSAN, its basic requirements and how it works.
There are some common misconceptions on the part of some of my students as to how VPN sessions are established from either a remote location or remote user to the ASA firewall. In particular, a “gray area” seems to be when the attributes from the tunnel group are app...
Resource Pools are often misunderstood, disliked, and untrusted by vSphere Administrators. However, resource pools can be very useful tools for administrators who want to configure resource management without having to individually configure each VM. This leads to the administrator’s desire to explore the proper usage of resource pools.
This vSphere Essentials white paper will give you a basic understanding of some of the concerns or planning points to consider as you get ready to deploy vSphere in your organization. This is a glimpse into some of the essential things to consider for implementing vSphere. This will focus on some of the basics that vSphere administrators run into when installing the latest features and not realizing they still have some older versions implemented.
While the recent trend towards cloud computing might make it seem like virtualization is new, it has existed in some form for many decades.
Examine fifteen common myths surrounding virtualization, including many that prevent IT administrators (or their bosses) from getting the maximum value from virtualization. This paper is designed to be vendor-neutral; in other words, the basic concepts and advantages are the same whether you choose to use Citrix XenServer, VMware vSphere, Microsoft Hyper-V, or one of the many Linux-based solutions. We'll break the reasons into three broad categories (Cost/ROI, Performance, and Other), allowing you to focus in on a specific area if desired, or you can review the entire white paper for a broader view.
This article defines many of the most commonly used terms in the virtualization vocabulary.
Virtualization is an umbrella term that continues to evolve to include many different types that are used in many different ways in production environments. Originally virtualization was done by writing software and firmware code for physical equipment so that the physical equipment could run multiple jobs at once. With the success of VMware and its virtualization of x86 hardware, the term virtualization has grown to include not just virtualizing servers, but whole new areas of IT. This article is going to look at the origins of virtualization and how some of the historical development has spurred on today's virtualization. In addition, we will discuss different types of virtualization that are being utilized in the marketplace today and a listing of some of the leading vendors.
Many people believe that cloud computing requires server (or desktop) virtualization. But does it? We will look at using virtualization without cloud computing, cloud computing without virtualization, and then look at using both together. In each case, we'll look at where each deployment might be most useful, some use cases for it and some limitations.
While the last few years have brought about many great advances in IT and network technology security and risk management have a critical point. There is a host of new concerns the IT security manager must be concerned with, including social networking, mobile, cloud, and information sharing. This has unleashed a new wave of change and potential risk. Risk management is required to deal with these emerging technologies and should provide the rationale for all information security activities within the organization. You can think of risk management as the process of ensuring that the impact of threats and exploited vulnerabilities is within acceptable limits at an acceptable cost. Risk management requires the use of countermeasures. Countermeasures can include any process that serves to reduce threats or vulnerabilities.
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
If you are upgrading to ESXi 5.1, there are some important facts that you should consider first. Upgrading involves many stages and processes that must be performed in a specific order. Many of these processes are one-way and do not provide a "back button." If you do not use care and consideration in your upgrade plan, you could possibly lose important data and configuration; and potentially even lose contact with your servers.
If you're running SharePoint 2010, learn how SharePoint 2013 is different and what you'll need to learn to deploy it effectively.
Join Microsoft SQL Server expert Brian Egler for an hour-long webinar covering the key features and updates in the upcoming release of Microsoft SQL Server 2014! You will get a thorough review, along with demonstrations, of how SQL Server 2014 provides substantial improvements in performance, manageability, and availability that will make your job easier.
There is a wide-range of services available in GCP ranging from Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) to completely managed Software-as-a-Service (SaaS). In the first part of this series, we will discuss the available infrastructure components and how they provide a powerful and flexible foundation on which to build your applications.
A brief introduction to the basics of penetration testing.
The responsibility for securing organizational data has spread beyond the traditional IT professional. While there are more diverse security solutions, there are more diverse and sophisticated security threats. Security awareness and training is essential for everyone within an organization. Learn how Cisco has continued to evolve its security solutions and training.
The VMware NSX platform combines networking and security functionality directly in the hypervisor and it interoperable with a vast majority of VMware’s products. The platform provides a set of logical networking elements and services, using logical switching, routing, load balancing, VPN, firewall, etc. This product decouples network functionality from the physical devices.
VMware announced Horizon 7 in February and subsequently released the software updates. Horizon 7 provides a more streamlined, high-performance virtual desktop and application experience. New updates include features such as Instant Clones, Smart Policies, Blast Extreme and greater scalability with Cloud Pod Architecture. Let’s dig into the seven key features that Horizon 7 brings!
The Internet is not a safe place. We see that more than ever with the security breaches of businesses and individuals in the news on a daily basis. As Internet citizens, we need to take our protection into our own hands, as obviously most online services are not doing their best to protect us.
Many employees are not as well-versed in their company’s security policy as they should be. This may result in workers performing tasks that might seem innocent or benign on the surface, but which actually put the organization at risk of a security breach. Understanding what you are doing (as an employee) or what your users are doing (as a boss or manager), can help you work toward a viable resolution to these situations. In most cases, user behavior changes as well as implementation of new technological solutions can curb exposure to risk and increase security policy compliance.