Resource Library

Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. This white paper provides a list of 10 security tools and tests that will help you check out suspicious issues and keep ahead of new risks and threats.

The flexibility, reduced cost, and mobility of cloud computing have made the concept a hot topic. Before implementing this method of computing, however, it is important to consider the security of the "cloud." In this white paper, you will learn some of the risks and benefits of cloud computing to be sure it is the right solution for you.

The flexibility, reduced cost, and mobility of cloud computing have made the concept a hot topic. Before implementing this method of computing, however, it is important to consider the security of the "cloud." During this webinar, we will help you understand some of the risks and benefits of cloud computing so you can decide if it is the right solution for you.

Security is complicated, which has led to the many misconceptions and misunderstandings about security. By paying attention to these 10 concerns that security experts want you to know, you can gain knowledge and understanding about security and be securer both at work and in your personal life.

The cloud revolution is truly a revolution - the way we work, learn and even play is very different now than it was just 10 or 15 years and will probably be a lot more different in 10 or 15 years. With this in mind, let's look at 10 ways the cloud will (and to a large degree already has) changed the world.

Many security breaches over the last year have taught us new lessons (or clarified ones we should have already learned). This paper reviews these key issues and focuses attention on 10 responses that we all need to adopt in our approach to security in 2015.

Private networks are under constant threat of attack, even when steps have been taken to "secure" them. The large volume of malicious codes, and their ability to evolve and adapt, requires security professionals and common computer/internet users alike to be mindful of their actions and constantly play defense. This white paper focuses on 10 common ways that malicious code can penetrate a network. Knowledge of these methods and the ability to recognize them are the first steps in preventing them from succeeding in harming your network.

Having a breadth and depth of skills -- especially on new and emerging technologies -- can only weigh in your favor.

IT departments have multiple opportunities and challenges as a result of the Bring Your Own Device (BYOD) invasion. The most common opportunity is to reinforce enterprise network security from both the inside and the outside. Supporting BYOD also offers more monitoring and tracking of activities that provide a more detailed view of network traffic flow. Alternatively, it will be a challenge for some IT departments to give up control over which devices may access their enterprise network. Another challenge will be to have the users doing configurations for network access, which adds human error to a crucial part of the process. The opportunities and challenges BYOD represents are real. Enterprises must make their network infrastructure BYOD ready to meet the onslaught.

Which mainstay certifications should be in your list of credentials? What's the next up-and-coming certification? This article will help you answer both questions by providing a review of the 15 top-paying certifications.

Look back at the some of the highest paying IT certifications of 2020.

ISACA certifications are some of the most popular and highest-paying in the Global Knowledge 2019 IT Skills and Salary Report. Eleven percent of IT professionals in the United States and Canada are ISACA-certified, and their salaries are 12% above the North American average.

Here are five date points from the 2020 IT Skills and Salary Report that illustrate important trends in professional development, skills gaps, hiring and top-paying certifications.

Gaining access is the most important phase of an attack in terms of potential damage, although attackers don’t always have to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system. 

Behind various Google services lies the powerful Cloud AI, a neural net-based, machine learning technology that Google has perfected for use with services like image search and voice recognition. Here are five ways you could use Cloud AI to improve your business.

Cybersecurity has matured into a complex and diverse set of functions. Each of these functional specializations represent different roles requiring different knowledge, skills, and abilities.

Virtualization is a constantly evolving process, with new platforms introducing tools every day that are designed to make the process of moving to the cloud simpler.

This Certification Prep Guide provides an overview of the current Google Certified Professional Cloud Architect certification and offers helpful tips that you can use when preparing for your GCP certification exam.

This Certification Prep Guide provides an overview of the current Google Certified Professional Cloud Architect certification and offers helpful tips that you can use when preparing for your GCP certification exam.

This Certification Prep Guide provides an overview of the current MCSE: Cloud Platform and Infrastructure certification and offers helpful tips that you can use when preparing for your MCSE certification exam.

This Certification Prep Guide provides an overview of the current AWS Certified Solutions Architect – Associate certification and offers helpful tips that you can use when preparing for your AWS Architect certification exam.

This Certification Prep Guide provides an overview of the current CompTIA Cloud+ certification and offers helpful tips that you can use when preparing for your CompTIA Cloud+ certification exam.

The National Institute of Standards and Technology (NIST) created a cloud definition that has been well-accepted across the IT industry. NIST was mandated to assist government agencies to adopt cloud computing for their IT operations. As part of their mandate, NIST created multiple working groups to define cloud computing, its architecture, and requirements. In this paper we explore the center core of NIST's cloud definition.

Here's an introduction to encryption. What is it? Why do we need it? It's a complicated area, so we're here to help get your started. You'll understand the general function of three categories of mathematical ciphers: Symmetric, Asymmetric and Hashing. 

There are several advantages to implementing a route-based VPN (a.k.a. tunnel interface VPN) instead of a site-to-site one. Learn more.

The subject of this week’s post was actually prompted by a question from a former colleague.  Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...

Getting a clear understanding of what Amazon Web Services (AWS) is and how it can help your business can be a daunting task. The depth and breadth of AWS is significant, comprising over 100 services in dozens of data centers located in 16 Regions throughout the globe (with five more in the works). They offer computing, storage, networking, deployment, management, and a host of "supporting" services like queues, serverless functions, and e-mail. There's a great chance that AWS has more than a few products to help you work faster, smarter, and more cost effectively. So, where should you start?

Amazon Web Services: An OverviewThere's a really good chance that Amazon Web Services (AWS) has more than a few products to help you work faster, smarter, and more cost effectively. After all, the depth and breadth of AWS is significant, comprising more than 30 services in dozens of data centers located in nine regions across the globe. They offer computing, storage, networking, deployment, management, and a host of supporting services, such as queues and email services. Getting a clear understanding of what AWS is and how it can help your business can be challenging. Never fear. In this hour-long webinar, Global Knowledge instructor and cloud and big data analyst Rich Morrow will help. He'll give an overview of AWS and its many benefits.

With Forrester Research declaring "Waterfall processes have become obstacles to speed, quality and predictability," and more than 85% of CIO's surveyed by CIO Magazine using or planning to pursue Agile practices in 2014, this one-hour webinar will explore the basics of Agile and why so many organizations are adopting Agile methods.

Amazon Redshift opens up enterprise data warehouse (EDW) capabilities to even the smallest of businesses, yet its costs, security, and flexibility also make it appealing to the largest of enterprises. It allows companies to easily and conveniently scale their EDW needs both up and down, and as a managed service, it allows your team to offload all of the "undifferentiated heavy lifting" of building and maintaining an EDW. Its raw storage costs are about one-fifth to one-tenth of traditional in-house EDW, and AWS has taken great care to ensure its performance is still competitive with those in-house solutions. Before deciding to use Amazon Redshift, however, it's important to understand what it is and is not.

AWS is an incredibly rich ecosystem of services and tools, some of which have security aspects baked in (like S3 SSE), and others that provide overarching security capabilities (like IAM and VPC) that apply to many services. With regard to data storage, operating system, and applications, security functions largely the same in the cloud or on-premises software. Customers can and should continue to follow best practices that have served them well in their own data centers.

The Global Knowledge IT Skills and Salary Report is a window into the inner workings of IT departments, revealing insights and opinions held by professionals around the world. For 10 years, we have surveyed over 120,000 men and women in IT about the state of the industry. With a decade of data at our fingertips, we analyzed 10 years’ worth of reports and noticed four major trending areas: certifications, salaries, cloud computing and cybersecurity. 

I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...

Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.

With Microsoft SQL Server 2016, you can distribute your data to the cloud using the Stretch Database feature to improve local access while allowing cloud access to large amounts of historical data. You can also provide transparent end-to-end security using Always Encrypted technology and track changes automatically through temporal data. Download this white paper to learn why these features and more make SQL Server 2016 Microsoft's most important release to date.

I attended a meeting this week with a customer of mine and a potential new vendor. The new vendor was there to pitch his configuration and setup service offerings for a specific ITSM toolset. My customer has already had one bad experience with an ITSM tool configuration vendor who promised one thing and delivered much less. He ended up with a tool that’s minimally used and not configured to match his business needs. He’s looking for a vendor that can understand his business needs and priorities and quickly help him get his tool configured and working in a short time frame. Then the topic of standard changes came up. My customer asked for examples of standard changes. The vendor responded, “Server reboots are an example of standard changes.”

As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...

You’ll be hearing a lot about AWS in Canada in 2017 as Canadian organizations are evaluating their options for moving to the cloud. Now is the time to get up to speed and find out what you and your organization need to know.

This white paper explores the native AWS storage solutions, enabling you to deliver applications in the cloud in the most efficient, cost-effective, and secure manner. In terms of storage, it's important to understand the characteristics of each AWS storage option so that you can implement one or more AWS storage services to meet your needs. Often, you'll find that utilizing multiple storage options together will give you the best outcomes.

Understand how password length and complexity can make your passwords easy to guess or virtually impossible to bypass.

In the fourth of his five-part series, Eric Strause explores the hardware and application benefits inherent in a cloud-based architecture.

Projects are a social endeavor. Traditional project management approaches have shied away from the social advantages a more agile project environment brings. By nature, we are storytelling, pattern seeking and social people. We need colocation to shine truly in a project environment.

Despite advances in security, hackers continue to break through network defenses. In this hour-long webinar, network security specialist Catherine Paquet will examine the favorite methods and targets of hackers and will introduce you to the different categories of security technologies. In this foundational presentation, you will learn about the benefits of security solutions such as firewalls, VPNs, IPS, identity services and BYOD.

Business Continuity and Disaster Recovery (BC/DR) planning is the process of developing the plans, processes and procedures to respond to the range of incidents. We start with understanding the essential functions of an organization, called Business Impact Analysis (BIA). In life, we set the same priorities: protection of family and friends, shelter, food and water and other life-giving essentials.

Agile is a set of principles requiring a significant cultural shift, new paradigms in thinking and team organization. Over the years, Agile has become "productized" or in many cases "institutionalized", creating different flavours and levels of commitment among teams and organizations. Along the way, managers and team members have lost sight of Agile's principles and tried to enforce the use of certain tools and structure where they may not belong. In this one hour webinar, Perry McLeod will explain how tools such as use cases can be successful in an agile environment, provided the principles of agile are always active in the minds of the managers and the team members that are using them. Join Perry to determine whether or not making the cultural shift towards the use case method in an agile environment is the right move for you and your organization.

The value of IT certifications has grown considerably over the last decade. Examine the evolution of certification trends, see the top-paying certifications and learn how decision-makers are struggling to hire certified employees.

Global Knowledge practice director for cloud solutions, Hank Marquis, explains the people, process, and technology aspects of cloud computing.

In this informative, hour-long webinar, Global Knowledge instructor Debbie Dahlin will explore an abundance of important cloud computing security issues. She will help you gain insight into the key cloud security issues of maintaining the confidentiality, integrity, and availability of corporate information and applications.

The definition of cloud computing depends largely on whether you are a consumer or producer. The public cloud is geared more for the individual consumer or small company, while the private cloud is geared more for a medium-to-large company. In addition, the private cloud is branching out to incorporate the ability to have some data and applications serviced from the public cloud. This white paper examines the different types of cloud computing and shows what cloud computing can offer you.

Cloud computing has risen from relative obscurity to the No. 1 tech area of interest in the world, according to the 2017 Global Knowledge IT Skills and Salary Report.

Get an insider’s take on 2017 cloud computing, DevOps, and Internet of Things (IoT) trends from an industry expert.

Despite an organization's best efforts to prevent downtime and avoid compromises, failures will still happen from time to time. “I am convinced that there are only two types of companies: those that have been hacked, and those that will be,” said Robert Mueller, former FBI Director, in a statement. “Even that is merging into one category: those that have been hacked and will be again.” So, what is your organization doing about it? How do you plan for failures and security breaches?

Consider how many financial transactions are performed on the Internet everyday. Protecting all this data is of upmost importance. Cryptography can be defined as the process of concealing the contents of a message from all except those who know the key. Cryptography can be used for many purposes, but there are two types of cryptographic algorithms you need to understand, symmetric and asymmetric. Symmetric uses a single key, whereas asymmetric uses two keys. What else is required to have a good understanding of cryptography? It’s important to start with an understanding of how cryptography relates to the basic foundations of security: authentication, integrity, confidentiality, and non-repudiation.

Course director Jim Thomas explains how our custom labs, which utilize external hosts, ISR routers, and DMZ, provide a real-world environment for students.

Discover the ways in which cybercrime occurs in three realms: individual, business, and governmental. Learn what you can do to protect yourself and your organization.

Expert Hesham Mahmoud discusses the importance of cybersecurity, how to secure your IT infrastructure and detect the latest vulnerabilities and threats your organization might encounter. This webinar will cover the latest cybersecurity trends and how to react to data breaches. View the slide deck>

You have spent money on software and hardware, implemented best practices, and believe you are secure, right? You may have overlooked the weakest link: your employee. Many breaches occur as a result of an employee mistakenly clicking on a link or visiting a site that allows a virus to be unknowingly downloaded, giving hackers access to your network. Today, a well-trained workforce is a necessity and may even be your most important cybersecurity tool. In this webinar, security expert David Willson will discuss how many breaches have occurred and are occurring, the tools and techniques hackers use to trick employees into clicking on links or opening attachments, and how to prevent such behavior.

This video focuses on the roles and responsibilities of cybersecurity architecture and policy job functions at successful cybersecurity organizations.  

This video focuses on the roles and responsibilities of cybersecurity data loss prevention engineers at successful cybersecurity organizations.  

This video focuses on the roles and responsibilities of governance, risk, and compliance job functions at successful cybersecurity organizations.  

This video focuses on the roles and responsibilities of identity and access management job functions at successful cybersecurity organizations.  

This video focuses on the roles and responsibilities of incident response and forensic analysis job functions at successful cybersecurity organizations. 

This video focuses on the roles and responsibilities of penetration testing job functions at successful cybersecurity organizations.  

This video focuses on the roles and responsibilities of secure devops and devsecops job functions at successful cybersecurity organizations. 

This video focuses on the roles and responsibilities of secure software development job functions at successful cybersecurity organizations.

As an IT professional you deal day in and day out with securing operating systems, patching software, installing and configuring firewall and routers But what about the physical infrastructure? Do you understand how simple techniques can allow theft of your company resources? In this session we will discuss how to reduce the possibility of loss of data and equipment. Physical security may not be part of your job but you should be aware and having discussions with the personnel who are responsible. Or does Physical Security become one of your job responsibilities? Come to this session and learn about one of the most important and yet least thought about areas of security by IT professionals.

This cybersecurity white paper explores the origins and motivations of cyberwarfare, and provides actions you can take in response.

Experts agree that as long as there is data, there will be people trying to steal it. For every defense mechanism put in place, there is someone who will find a way to get around it. Constant vigilance, education of the workforce, and management support are all necessary to implement effective security policies. While a well-trained IT staff is key to protecting data, all employees must understand the importance of protecting company assets, including data.

A mobile phone is just like a small computer, that can be hacked.  Learn basic mobile phone security practices to lock down this potential entry point to your corporate systems.

Data center return on investment – which is measured by time to cost savings, time to revenue, time to break even, etc. – has proven more elusive than expected. But that doesn’t mean it isn’t attainable. To understand the genesis of the bad and ugly parts of data center ROI, we need to recognize the good parts and appreciate why so many companies are putting their faith in new and unfamiliar technologies.

Despite a growing awareness and preparation for distributed denial-of-service (DDoS) attacks, the overall arc of DDoS attacks is not weakening, but actually gaining more attention from the companies and personnel who have experienced these threats first-hand.

The world of Incident Response is evolving. No longer do we focus on indicators of compromise; we now focus on attacker behavior. MITRE has turned attacker behaviors into a usable framework shared both on their website and on GitHub. MITRE provides the MITRE ATT&CK Navigator on GitHub which includes a complete mapping of all techniques and sub-techniques to help you understand the attacker’s behavior. The Navigator can be leveraged to optimize Incident Response, evolving your team from responsive to predictive response.

Cloud computing enables development teams to get applications into production faster. IT Service Management (ITSM) leaders must adopt new strategies and change existing processes or risk becoming a barrier to success. Cloud computing requires DevOps-the blending of development and operations with the goal of accelerating time-to-market and reducing time-to-value. The good news is that ITIL® is uniquely positioned to accelerate DevOps, but it requires changes to existing ITSM processes.

A Dynamic Multipoint Virtual Private Network (DMVPN) can be used with other networks like Multiprotocol Label Switching (MPLS), but streaming multicast is accomplished quite well using "Default" and "Data" Multicast Distribution Trees (MDTs) with MPLS.

This quick reference guide will highlight the various certification tracks to help you find your path through the EC-Council programs.

There are two types of networks: those that have been hacked and those that will be. To defend against hacks, cyber professionals can benefit greatly from ethical hacking programs.

The 2021 revised and updated version CISSP (Certified Information System Security Practitioner) certification exam will be released on May 1, 2021. This new version of the popular CISSP exam will include a modest revision and re-organization of previously included topics, but will integrate a significant number of new topics.

A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...

Global Knowledge instructor Doug Notini discusses the benefits of our FIREWALL 2.0 - Deploying Cisco ASA Firewall Solutions course.

Mobile payment systems have solid promise to become the dominant means of financial transactions, but there are some hurdles to overcome. Apple Pay might be the dominant force today, but Google Wallet and others are not far behind. The year 2014 was when digital and mobile payment systems became known to a wide range of the general population, while only techno-enthusiasts were aware of the options in the four to five years prior. Thus, mobile payment systems are not new, but customers and merchants are quickly adopting them now that they have become popular. It still remains your responsibility to thoroughly research any mobile payment option before implementing it. It is your money and you have the burden of ensuring that it has the best protection possible.