77 Results Found
Virtualization is a constantly evolving process, with new platforms introducing tools every day that are designed to make the process of moving to the cloud simpler.
While the recent trend towards cloud computing might make it seem like virtualization is new, it has existed in some form for many decades.
National Cybersecurity Awareness Month has grown into a global effort, with both individuals and organizations taking part — and for good reason.
Look back at the some of the highest paying IT certifications of 2020.
Despite an organization's best efforts to prevent downtime and avoid compromises, failures will still happen from time to time. “I am convinced that there are only two types of companies: those that have been hacked, and those that will be,” said Robert Mueller, former FBI Director, in a statement. “Even that is merging into one category: those that have been hacked and will be again.” So, what is your organization doing about it? How do you plan for failures and security breaches?
Many employees are not as well-versed in their company’s security policy as they should be. This may result in workers performing tasks that might seem innocent or benign on the surface, but which actually put the organization at risk of a security breach. Understanding what you are doing (as an employee) or what your users are doing (as a boss or manager), can help you work toward a viable resolution to these situations. In most cases, user behavior changes as well as implementation of new technological solutions can curb exposure to risk and increase security policy compliance.
The Internet is not a safe place. We see that more than ever with the security breaches of businesses and individuals in the news on a daily basis. As Internet citizens, we need to take our protection into our own hands, as obviously most online services are not doing their best to protect us.
It’s been about 10 years since public cloud offerings like AWS opened up the world of big data analytics. This post examines the top five most useful architectures used for big data stacks to learn the sweet spots of each.
This quick reference guide will highlight the various certification tracks to help you find your path through the EC-Council programs.
Gaining access is the most important phase of an attack in terms of potential damage, although attackers don’t always have to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system.
Once an attacker gains access to the target system, the attacker can choose to use both the system and its resources and further use the system as a launch pad to scan and exploit other systems, or he can keep a low profile and continue exploiting the system.
ISACA’s role is to help those in the field of cybersecurity get greater utilization out of the people already in the fold. This means enabling IT professionals to take a leadership role and increase their depth of knowledge.
Attackers use a method called scanning before they attack a network. Often attackers use automated tools such as network/host scanners and war dialers to locate systems and attempt to discover vulnerabilities.
Here's an introduction to encryption. What is it? Why do we need it? It's a complicated area, so we're here to help get your started. You'll understand the general function of three categories of mathematical ciphers: Symmetric, Asymmetric and Hashing.
The 2021 revised and updated version CISSP (Certified Information System Security Practitioner) certification exam will be released on May 1, 2021. This new version of the popular CISSP exam will include a modest revision and re-organization of previously included topics, but will integrate a significant number of new topics.
Cybersecurity has matured into a complex and diverse set of functions. Each of these functional specializations represent different roles requiring different knowledge, skills, and abilities.
Here are five date points from the 2020 IT Skills and Salary Report that illustrate important trends in professional development, skills gaps, hiring and top-paying certifications.
There are several advantages to implementing a route-based VPN (a.k.a. tunnel interface VPN) instead of a site-to-site one. Learn more.
There’s a lot of pressure on IT decision-makers to fill the cybersecurity holes in their organization. The cyber skills shortage is palpable and growing. Cybersecurity is the most challenging IT hiring area in the world. Those of you expecting to hire your way out of your cyber skills gaps, we have some bad news for you—it’s not viable.
As IT departments struggle with skills gaps and businesses attempt to recovery economically from the COVID-19 pandemic, these 10 IT skills are essential to drive success. Job roles in these areas pay well, but decision-makers are struggling to find qualified candidates. If you’re looking to make an IT skills investment or start a new career path this year, these are the areas to consider.
These technology job roles are proven to be essential during a crisis as enterprises scramble to change strategies and meet goals. The skills demonstrated by IT professionals in these 10 positions can make the difference between business success and failure, especially during a recession.
While cybersecurity remains the most popular certification category in our IT Skills and Salary Report, foundational-level certifications highlight our list of the most popular IT certifications of 2020.
For women in IT, advancing your career can be a challenge in itself. In the Global Knowledge 2019 IT Skills and Salary Report, only eight percent of senior- and executive-level IT professionals are women. We have pulled data from our research that sheds light on the job roles, skills, challenges, certifications and experience of women in tech who have progressed to the highest levels of an organization.
According to the Global Knowledge IT Skills and Salary Report, women make up 16% of the tech workforce, and an even smaller percentage (8%) are at the senior or executive level. Here’s an overview of the most popular and most pursued certifications by women in tech.
If you’re looking to fortify your cloud expertise, there are a number of certifications to consider. We have compiled 10 cloud certifications that are sure to positively affect your career.
Global Knowledge subject matter experts predict the top trends for 2020 in IT training, Microsoft, Cisco, AWS, cybersecurity and more.
Managers are in dire need of cybersecurity professionals with specific skills. If you’re looking to advance your career, or transfer into the cyber field, now is the time to get certified.
Cybersecurity is a top technology investment area around the globe, with over half of our survey respondents saying it’s a priority. It’s no longer a niche skill—every IT professional needs some cybersecurity knowledge.
The value of IT certifications has grown considerably over the last decade. Examine the evolution of certification trends, see the top-paying certifications and learn how decision-makers are struggling to hire certified employees.
Looking ahead at new and emerging certifications provides insight into the areas deemed valuable in the IT industry. If you are an early adopter or in a position where you need to show that you have the bleeding-edge expertise of a technology, this list of recent and upcoming certifications is for you.
Google Cloud certifications had a breakout year according to the Global Knowledge 2019 IT Skills and Salary Report. GCP Cloud Architect is the top-paying IT certification in North America and Europe, the Middle East and Africa (EMEA), while Google Cloud salaries are 34% higher than the average for North America. As more IT departments adopt multi-cloud strategies, Google Cloud skills are increasing in popularity.
ISACA certifications are some of the most popular and highest-paying in the Global Knowledge 2019 IT Skills and Salary Report. Eleven percent of IT professionals in the United States and Canada are ISACA-certified, and their salaries are 12% above the North American average.
This year, CISSP-certified IT professionals have the third highest global salary ($116,573) and the 10th highest in North America ($123,815). This is nothing new—CISSP has ranked in the top 10 in the U.S. each year since 2015, even coming in first in 2018. CISSP is a top-paying certification year after year. But how has it remained so relevant and valuable?
There are two types of networks: those that have been hacked and those that will be. To defend against hacks, cyber professionals can benefit greatly from ethical hacking programs.
In 2019, Microsoft has thoughtfully adapted their curriculum to boost Azure skills adoption. And to further speed up Azure consumption, Global Knowledge has stepped in to support Microsoft’s evolution and their new strategy. We’re fighting change with change. And here’s how we did it.
Should an organization that is the victim of an intentional nefarious hacking activity resort to retaliation? It’s a question that has been gathering a lot of attention. Retaliating against bad actors might seem appealing, but what are the legal ramifications? In this article, find out if there is a legal precedent to "hacking back."
Cloud computing has risen from relative obscurity to the No. 1 tech area of interest in the world, according to the 2017 Global Knowledge IT Skills and Salary Report.
Cloud adoption continues to soar. In fact, worldwide Infrastructure-as-a-Service (IaaS) public cloud services grew by 29.5 percent in 2017, according to Gartner. If it’s not in a company’s current plans to utilize cloud technology, it most certainly will be (or should be) in the next couple of years.
Have you been afraid to implement PowerShell in your environment because of security fears? The reality of PowerShell security doesn’t always match the perception. When compared to other scripting languages, PowerShell is actually more secure by default.
Despite a growing awareness and preparation for distributed denial-of-service (DDoS) attacks, the overall arc of DDoS attacks is not weakening, but actually gaining more attention from the companies and personnel who have experienced these threats first-hand.
Behind various Google services lies the powerful Cloud AI, a neural net-based, machine learning technology that Google has perfected for use with services like image search and voice recognition. Here are five ways you could use Cloud AI to improve your business.
A longtime leader in data analytics, Google continues to earn their position by continually improving their data analytics offerings. Now, with Google Cloud Platform (GCP), you can capture, process, store, and analyze your data in one place, allowing you to change your focus from infrastructure to analytics that informs business decisions. However, you can also use GCP Big Data tools in combination with other cloud-native and open-source solutions to meet your needs. Below is an overview of GCP Big Data Tools and how you might utilize them to improve analytics.
Google takes security to a whole new level thanks to their years of experience as one of the most popular targets on the internet for would-be hackers and denial of service bots. This led Google to build a sophisticated security infrastructure the likes of which few companies or organizations can claim. Google approaches security holistically and involves everything from the physical data centers, to the data pipelines between them, down to the training of each employee that is responsible for managing the infrastructure.
Consider how many financial transactions are performed on the Internet everyday. Protecting all this data is of upmost importance. Cryptography can be defined as the process of concealing the contents of a message from all except those who know the key. Cryptography can be used for many purposes, but there are two types of cryptographic algorithms you need to understand, symmetric and asymmetric. Symmetric uses a single key, whereas asymmetric uses two keys. What else is required to have a good understanding of cryptography? It’s important to start with an understanding of how cryptography relates to the basic foundations of security: authentication, integrity, confidentiality, and non-repudiation.
Moving capabilities to a cloud provider such as Microsoft Azure is pretty straightforward. However, given the depth and breadth of service offerings provided by Azure, it’s easy to miss the product’s less obvious capabilities. If you're implementing a Microsoft Azure cloud platform, you'll want to consider these five services to save time, money, and your sanity.
If you’re looking for serious change, why not focus on your IT professional career? How much can you really learn from a five-point “Hack” list that speaks to everyone, yet no one? Not much. Too many articles rattle off a quick hit list. After reading this goal-setting guide you’ll be able to develop a game plan to bring successful change in your professional life.
Data center return on investment – which is measured by time to cost savings, time to revenue, time to break even, etc. – has proven more elusive than expected. But that doesn’t mean it isn’t attainable. To understand the genesis of the bad and ugly parts of data center ROI, we need to recognize the good parts and appreciate why so many companies are putting their faith in new and unfamiliar technologies.
You might already know what cloud computing is, and you might already be implementing it into your business, but are you able to have a conversation about it? The lingo surrounding this newer technology can be a bit, well, cloudy. Here are just some of the terms we keep hearing as cloud computing spreads from organization to organization.
There is a wide-range of services available in GCP ranging from Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) to completely managed Software-as-a-Service (SaaS). In the first part of this series, we will discuss the available infrastructure components and how they provide a powerful and flexible foundation on which to build your applications.
As with all technologies transforming the way organizations operate, it’s expected that roles will also evolve. Cloud computing already has and will continue to change traditional IT roles and functions for years to come. We'll begin our overview of the transformation of cloud job roles with a look at some of the top cloud computing roles and responsibilities for architects, engineers and developers.
We spoke with Doug Cutting about his role with Cloudera and learned more about Big Data, training options for IT professionals interested in Big Data, and how Cloudera compares to Red Hat.
Having a breadth and depth of skills -- especially on new and emerging technologies -- can only weigh in your favor.
Get an insider’s take on 2017 cloud computing, DevOps, and Internet of Things (IoT) trends from an industry expert.
The VMware NSX platform combines networking and security functionality directly in the hypervisor and it interoperable with a vast majority of VMware’s products. The platform provides a set of logical networking elements and services, using logical switching, routing, load balancing, VPN, firewall, etc. This product decouples network functionality from the physical devices.
Projects are a social endeavor. Traditional project management approaches have shied away from the social advantages a more agile project environment brings. By nature, we are storytelling, pattern seeking and social people. We need colocation to shine truly in a project environment.
My most recent blog addressed whether PMP and CAPM boot camps are worth the time and effort. I concluded that for most exam writers, it really did make sense to buckle down and take advantage of all that a quality boot camp offers.
Accessing cloud-based resources, whether they be IaaS/PaaS/SaaS-based, is very convenient. With a browser and Internet connection, you are up and running. No driving to your work office, no need to log into the corporate network. Just open up your web browser and go. This convenience, however, comes with a security risk. All of your business work is conducted over an insecure communication network. Unlike your office network, where the network link between you and the data center is under corporate control and is physically secure, the cloud access link is over the Internet.
Business Continuity and Disaster Recovery (BC/DR) planning is the process of developing the plans, processes and procedures to respond to the range of incidents. We start with understanding the essential functions of an organization, called Business Impact Analysis (BIA). In life, we set the same priorities: protection of family and friends, shelter, food and water and other life-giving essentials.
One of the main weapons of organized crime on the Internet is the use of junk email, also called spam. Hackers use spam for a number of purposes such as selling counterfeit products (medicines, particularly) to steal your personal or financial information, or to infect your computer with spyware and malware. This malicious software can then hijack your computer and your Internet connection to help propagate itself.
Pen testers beware. Whether you believe you know and understand all the potential legal issues, read on. First of all, a penetration test or “pen test” is a method that’s used to evaluate the security and/or vulnerabilities in a network. This test is normally conducted externally wherein the tester is attempting to hack a network or computer. Breaking into computers and networks is illegal under the Computer Fraud and Abuse Act (CFAA), and depending on your activities and other factors, other federal laws and state laws may be broken.
Have you ever Googled yourself to see how much of your personal information is online? In many cases it can be pretty scary and include things like your home address, phone number, likes, dislikes, etc. One young man searched for himself and found all of his banking information online. In that case it turned out to be a mistake by a bank employee, exposing the banking information of 86,000 customers.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.
Dell SonicWALL's CSSA (Certified SonicWALL Security Administrator) exam is an open book, online certification exam that certifies a student’s understanding of the SonicOS Unified Threat Management (UTM) operating system. The exam tests a student’s network security knowledge, and their ability to use the GUI menu structure for configuration of standard network security scenarios.
While the last few years have brought about many great advances in IT and network technology security and risk management have a critical point. There is a host of new concerns the IT security manager must be concerned with, including social networking, mobile, cloud, and information sharing. This has unleashed a new wave of change and potential risk. Risk management is required to deal with these emerging technologies and should provide the rationale for all information security activities within the organization. You can think of risk management as the process of ensuring that the impact of threats and exploited vulnerabilities is within acceptable limits at an acceptable cost. Risk management requires the use of countermeasures. Countermeasures can include any process that serves to reduce threats or vulnerabilities.
One of the many useful features of tunneling is to carry non-IP traffic across an IP network, and this is still the case when dealing with IPv6 traffic. This transition mechanism makes use of a configured tunnel to transport IPv6 over a native IPv4 network, which may consist of two sites or more. Unlike the previous transition mechanisms, tunneling is not monolithic; while the basic principles may be similar, the operations are different. The following chart gives a breakdown of the current, major tunneling types in use, particularly in a Cisco environment:
Risk is something we deal with on a daily basis. Living in New Jersey and having the occasional storm, I’ve recently performed my own risk assessment determining the value of certain assets and activities and made a decision on what I was willing to spend to reduce risk to what I perceived as an acceptable level. My management of risk was a rather simple case. Sure, in my revised business continuity plan for my home, I’ll make sure that I have more D cell batteries, have my garage door adjusted so it opens manually again, more food I can heat on a stove and that doesn’t rely on refrigeration, and finally I’ll consider a whole house gas generator that uses natural gas, which has always been available to power critical systems like the sump pump in my basement. What if, however, I was a really large business? One with lots of components and interdependencies that require a tight integration in order to succeed? How and where can a large volume of information necessary to management, business continuity, and disaster recovery be correlated and communicated to those individuals who, because of their roles and responsibilities, need to make the critical decisions regarding the management of risk?
An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.
In the fourth of his five-part series, Eric Strause explores the hardware and application benefits inherent in a cloud-based architecture.
I attended a meeting this week with a customer of mine and a potential new vendor. The new vendor was there to pitch his configuration and setup service offerings for a specific ITSM toolset. My customer has already had one bad experience with an ITSM tool configuration vendor who promised one thing and delivered much less. He ended up with a tool that’s minimally used and not configured to match his business needs. He’s looking for a vendor that can understand his business needs and priorities and quickly help him get his tool configured and working in a short time frame. Then the topic of standard changes came up. My customer asked for examples of standard changes. The vendor responded, “Server reboots are an example of standard changes.”
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...
A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...
There are some common misconceptions on the part of some of my students as to how VPN sessions are established from either a remote location or remote user to the ASA firewall. In particular, a “gray area” seems to be when the attributes from the tunnel group are app...
ASA and PIX software version 7.0 introduced the configuration command nat-control which didn’t exist in previous versions of code. Although training course material for both the SNAF (Securing Networks with ASA Fundamentals) and SNAA (Securing Networks with ASA Advan...