Worldwide Locations
177 Results Found
For several years, most news articles about a computer, network, or Internet-based compromise have mentioned the phrase "zero day exploit" or "zero day attack," but rarely do these articles define what this is. A zero day exploit is any attack that was previously unknown to the target or security experts in general. Many believe that the term refers to attacks that were just released into the wild or developed by hackers in the current calendar day. This is generally not the case. The "zero day" component of the term refers to the lack of prior knowledge about the attack, highlighting the idea that the victim has zero day's notice of an attack. The main feature of a zero day attack is that since it is an unknown attack, there are no specific defenses or filters for it. Thus, a wide number of targets are vulnerable to the exploit.
The novel coronavirus has changed many aspects of life for millions of people globally, including where they work. With the increase in remote work, it is important for both individuals and companies to be aware of the added cybersecurity risks. Join us as Paula shares real world examples and tips on how we all can be better prepared.
For women in IT, advancing your career can be a challenge in itself. In the Global Knowledge 2019 IT Skills and Salary Report, only eight percent of senior- and executive-level IT professionals are women. We have pulled data from our research that sheds light on the job roles, skills, challenges, certifications and experience of women in tech who have progressed to the highest levels of an organization.
Does your company have a risk management program? In this hour-long webinar, cybersecurity expert and Global Knowledge instructor David Willson will explain why you should. In light of recent breaches at Target, Nieman Marcus, Michaels, Yahoo, and a growing list of others, we're learning that FBI Director Mueller was right when he said getting breached is not a matter of if, but when. While having a risk management program may not prevent a breach, it can certainly lower the risk of one, ensure compliance, and reduce or even eliminate your liability if a breach does occur, enabling you to recover quickly and to protect your reputation. Beyond explaining the importance of a risk management program, David will tell you how to implement one, including conducting a basic risk assessment, policies you'll need, and training your workforce.
Watch this recorded webinar as CompTIA’s chief technology evangelist and Global Knowledge’s federal sales director discuss how pentesting has morphed.
This year, CISSP-certified IT professionals have the third highest global salary ($116,573) and the 10th highest in North America ($123,815). This is nothing new—CISSP has ranked in the top 10 in the U.S. each year since 2015, even coming in first in 2018. CISSP is a top-paying certification year after year. But how has it remained so relevant and valuable?
I recently responded to a message on LinkedIn from a regular reader of this blog. He asked several questions which I will answer over the course of several posts. As part of his first question, he described a strategy report that his group is producing. The audience for this strategy report considers ITIL important to the future of their business, and so he must describe which ITIL processes his data center operations group works most closely with.
The technologies examined reduce operational expenses (OpEx), not capital expenses (CapEx) that has traditionally been the focus of virtualization. Many companies implemented virtualization with the goal of saving money in the form of fewer servers to buy with a side benefit of reducing the footprint of the servers and lowering the required power and cooling. Most of the savings were in capital, but do not expect the same with many of the technologies listed here, because some may even require some additional capital expenditures, at least for software, in order to save on the day-to-day operations of IT. The bigger cost in running an IT department is in the OpEx category anyway, so savings there are recurring.
One of the main weapons of organized crime on the Internet is the use of junk email, also called spam. Hackers use spam for a number of purposes such as selling counterfeit products (medicines, particularly) to steal your personal or financial information, or to infect your computer with spyware and malware. This malicious software can then hijack your computer and your Internet connection to help propagate itself.
vSphere 5.5 is now available with myriad small improvements such as a faster Web Client, LACP, Autoscale and higher configuration maximums. In addition, there are changes coming such as VSAN, which may be ground-breaking in regard to VM storage of the future. Since the release of vSphere 5.5, they have not yet announced a change to the blueprint for the test. That being the case, I will say, for now, that the VCP-510 test should remain unchanged as well. My goal here is not to reeducate you on everything that you need to know for the test; instead, it is to point out the few changes that might apply in your company or organization.
The Cisco UCS is truly a “unified” architecture that integrates three major datacenter technologies into a single, coherent system: Computing Network Storage Instead of being simply the next generation of blade servers, the Cisco UCS is an innovative architecture designed from scratch to be highly scalable, efficient, and powerful with one-third less infrastructure than traditional blade servers.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
The bad guys just keep getting better! No matter how much patching and tweaking we do, the bad guys' constantly changing tactics and techniques continue harming our networks, stealing and damaging data, and just generally screw things up. What motivates someone to do such terrible things in the first place? How have these hackers changed and improved? What kinds of attacks are popular now and why? In this hour-long webinar, security expert, former hacker and Global Knowledge instructor Phillip D. Shade will provide insight into understanding the latest hacking techniques, what the current threat landscape looks like, and suggested countermeasures to mitigate threats. He will include specific examples of the current threat landscape, including data mining, social engineering cyber threat terminology, man-in-the- middle attacks and Denial of Service (DoS) attacks.
Networks are under attack as hackers try to access systems to compromise or steal sensitive data and information. Understand the threats posed by malware, ransomware and social engineering.
Driven by recent increases in cryptocurrency values, Cryptojacking is poised to be the center of conversation in 2018. It’s one of the latest innovations in hacking in which a victim’s computer is enlisted to mine cryptocurrency. Unlike ransomware, this attack steals processor cycles in an attempt to mine Monero and other currencies, typically without the user’s knowledge or consent. Watch this timely 1-hour webinar where we will discuss – A quick overview of cryptocurrencies. A walk-through of a typical attack. The economics of the attackers. Possible mitigation strategies to keep you and your organization safe. With miners trying to take advantage of the rising cryptocurrency industry, join us as we investigate this cyber-crime and learn how you can protect yourself and your organization. View our complete Cybersecurity curriculum for courses that help you build fundamental to advanced cybersecurity techniques, prepare for top industry-recognized certifications or master product-specific skills.
Cloud and virtualization technologies have spawned a whole ecosystem of applications. But like any powerful technology, they can be used for bad as well as good. This session reviews the top 10 most common mistakes made in cloud and virtualization security.
Cyber resilience is becoming a bigger issue for all organizations. But what does “good cyber resilience” look like? And how do you get there?
In the previous post, we discussed the need for VXLAN in the cloud along with the issues it solves. In this post, we will focus more on how VXLAN works.
One of the most important steps in mastering a new technology is learning the associated terminology or vocabulary. In the IT field, this can be a very challenging step, as much of the terminology is often used inconsistently. This white paper defines the terminology associated with IT virtualization. It is mainly vendor-agnostic, but it does provide some vendor-specific terms, product names, and feature names used by VMware, Citrix, and Microsoft.
In 2013, VMware announced VMware Virtual SAN (VSAN), which is VMware's native version of Software Defined Storage (SDS). It is simple, easy to setup and managed by user-defined policies. This paper explains VSAN, its basic requirements and how it works.
There are some common misconceptions on the part of some of my students as to how VPN sessions are established from either a remote location or remote user to the ASA firewall. In particular, a “gray area” seems to be when the attributes from the tunnel group are app...
Resource Pools are often misunderstood, disliked, and untrusted by vSphere Administrators. However, resource pools can be very useful tools for administrators who want to configure resource management without having to individually configure each VM. This leads to the administrator’s desire to explore the proper usage of resource pools.
This vSphere Essentials white paper will give you a basic understanding of some of the concerns or planning points to consider as you get ready to deploy vSphere in your organization. This is a glimpse into some of the essential things to consider for implementing vSphere. This will focus on some of the basics that vSphere administrators run into when installing the latest features and not realizing they still have some older versions implemented.
While the recent trend towards cloud computing might make it seem like virtualization is new, it has existed in some form for many decades.
Examine fifteen common myths surrounding virtualization, including many that prevent IT administrators (or their bosses) from getting the maximum value from virtualization. This paper is designed to be vendor-neutral; in other words, the basic concepts and advantages are the same whether you choose to use Citrix XenServer, VMware vSphere, Microsoft Hyper-V, or one of the many Linux-based solutions. We'll break the reasons into three broad categories (Cost/ROI, Performance, and Other), allowing you to focus in on a specific area if desired, or you can review the entire white paper for a broader view.
This article defines many of the most commonly used terms in the virtualization vocabulary.
Virtualization is an umbrella term that continues to evolve to include many different types that are used in many different ways in production environments. Originally virtualization was done by writing software and firmware code for physical equipment so that the physical equipment could run multiple jobs at once. With the success of VMware and its virtualization of x86 hardware, the term virtualization has grown to include not just virtualizing servers, but whole new areas of IT. This article is going to look at the origins of virtualization and how some of the historical development has spurred on today's virtualization. In addition, we will discuss different types of virtualization that are being utilized in the marketplace today and a listing of some of the leading vendors.
Many people believe that cloud computing requires server (or desktop) virtualization. But does it? We will look at using virtualization without cloud computing, cloud computing without virtualization, and then look at using both together. In each case, we'll look at where each deployment might be most useful, some use cases for it and some limitations.
While the last few years have brought about many great advances in IT and network technology security and risk management have a critical point. There is a host of new concerns the IT security manager must be concerned with, including social networking, mobile, cloud, and information sharing. This has unleashed a new wave of change and potential risk. Risk management is required to deal with these emerging technologies and should provide the rationale for all information security activities within the organization. You can think of risk management as the process of ensuring that the impact of threats and exploited vulnerabilities is within acceptable limits at an acceptable cost. Risk management requires the use of countermeasures. Countermeasures can include any process that serves to reduce threats or vulnerabilities.
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
If you are upgrading to ESXi 5.1, there are some important facts that you should consider first. Upgrading involves many stages and processes that must be performed in a specific order. Many of these processes are one-way and do not provide a "back button." If you do not use care and consideration in your upgrade plan, you could possibly lose important data and configuration; and potentially even lose contact with your servers.
If you're running SharePoint 2010, learn how SharePoint 2013 is different and what you'll need to learn to deploy it effectively.
Join Microsoft SQL Server expert Brian Egler for an hour-long webinar covering the key features and updates in the upcoming release of Microsoft SQL Server 2014! You will get a thorough review, along with demonstrations, of how SQL Server 2014 provides substantial improvements in performance, manageability, and availability that will make your job easier.
There is a wide-range of services available in GCP ranging from Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) to completely managed Software-as-a-Service (SaaS). In the first part of this series, we will discuss the available infrastructure components and how they provide a powerful and flexible foundation on which to build your applications.
A brief introduction to the basics of penetration testing.
The responsibility for securing organizational data has spread beyond the traditional IT professional. While there are more diverse security solutions, there are more diverse and sophisticated security threats. Security awareness and training is essential for everyone within an organization. Learn how Cisco has continued to evolve its security solutions and training.
The VMware NSX platform combines networking and security functionality directly in the hypervisor and it interoperable with a vast majority of VMware’s products. The platform provides a set of logical networking elements and services, using logical switching, routing, load balancing, VPN, firewall, etc. This product decouples network functionality from the physical devices.
VMware announced Horizon 7 in February and subsequently released the software updates. Horizon 7 provides a more streamlined, high-performance virtual desktop and application experience. New updates include features such as Instant Clones, Smart Policies, Blast Extreme and greater scalability with Cloud Pod Architecture. Let’s dig into the seven key features that Horizon 7 brings!
The Internet is not a safe place. We see that more than ever with the security breaches of businesses and individuals in the news on a daily basis. As Internet citizens, we need to take our protection into our own hands, as obviously most online services are not doing their best to protect us.
Many employees are not as well-versed in their company’s security policy as they should be. This may result in workers performing tasks that might seem innocent or benign on the surface, but which actually put the organization at risk of a security breach. Understanding what you are doing (as an employee) or what your users are doing (as a boss or manager), can help you work toward a viable resolution to these situations. In most cases, user behavior changes as well as implementation of new technological solutions can curb exposure to risk and increase security policy compliance.
Dell SonicWALL's CSSA (Certified SonicWALL Security Administrator) exam is an open book, online certification exam that certifies a student’s understanding of the SonicOS Unified Threat Management (UTM) operating system. The exam tests a student’s network security knowledge, and their ability to use the GUI menu structure for configuration of standard network security scenarios.
Microsoft SQL Server has evolved over the years as a scalable, robust database management system and is now competing in the VLDB (Very Large Database) space with Oracle and IBM. The market share for the product continues to grow, based on total cost of ownership and ease of use. This white paper outlines some of the important fundamentals of Microsoft SQL Server 2008 that every DBA should know.
Global Knowledge subject matter experts predict the top trends for 2020 in IT training, Microsoft, Cisco, AWS, cybersecurity and more.
Managers are in dire need of cybersecurity professionals with specific skills. If you’re looking to advance your career, or transfer into the cyber field, now is the time to get certified.
The Cyber Risk landscape is rapidly evolving leaving Cybersecurity professionals dazzled and lost in prioritizing their cybersecurity needs. Limited budget and low cyber resilience lead organizations in adopting re-active defensive measures. In this webinar, we will go through a methodological approach for assessing top cyber-risks a typical enterprise might encounter. And will address different scenarios for mitigating, transferring, or avoiding encountered risks.
These technology job roles are proven to be essential during a crisis as enterprises scramble to change strategies and meet goals. The skills demonstrated by IT professionals in these 10 positions can make the difference between business success and failure, especially during a recession.
Rather than looking back over the past year, organizations and individuals need to start assessing cybersecurity threats that lie ahead in the New Year. While there is always the chance for a new threat or risk to be unearthed this year, often the risks of the New Year are predicable from the trends of attacks from the previous year. However, other factors need to be considered as well, including new technologies, new software and applications, mobility, etc. Here are my predictions of the areas to watch for new security threats. When it comes to cybersecurity, we have a lot to look out for, take precautions against and be paranoid about.
Amazon Web Services (AWS) offers increased agility, developer productivity, pay-as-you-go pricing and overall cost savings. But you might wonder where to start, what pitfalls exist and how can you avoid them? How can you best save time and money? Learn what you need to know and where to start before launching an AWS-hosted service.
A major challenge of problem determination is dealing with unanticipated problems. It is much like detective work: finding clues, making educated guesses, verifying suspicions, and other considerations. An ideal strategy for problem prevention is to monitor the system regularly. Use the strategies outlined in this paper to minimize downtime and detective work so you can maximize performance.
National Cybersecurity Awareness Month has grown into a global effort, with both individuals and organizations taking part — and for good reason.
Attackers use a method called scanning before they attack a network. Often attackers use automated tools such as network/host scanners and war dialers to locate systems and attempt to discover vulnerabilities.
Once an attacker gains access to the target system, the attacker can choose to use both the system and its resources and further use the system as a launch pad to scan and exploit other systems, or he can keep a low profile and continue exploiting the system.
An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.
Use cases are an effective and widely used technique for eliciting software requirements. In this hour-long webinar, software development and process improvement expert Karl E. Wiegers will introduce you to a practical and straightforward use cases approach to requirements elicitation. You will learn how to focus on the goals that users have with a system, rather than emphasize system functionality.
From the largest to the smallest company, the inescapable truth is that with the click of a few keys or even a simple phone call, intruders can bypass all of your carefully constructed security. According to the Ponemon Institute's 2015 Cost of Data Breach Study, the average total cost of a data breach increased from $3.52 million to $3.79 million in 2014. While a number of major data breaches have made the news, often overlooked are the events and decisions that set the stage for the breach to occur. In this hour-long webinar, Global Knowledge instructor Phill Shade will walk through a number of key areas in which today's decisions set the stage for tomorrow's breach.
There’s a lot of pressure on IT decision-makers to fill the cybersecurity holes in their organization. The cyber skills shortage is palpable and growing. Cybersecurity is the most challenging IT hiring area in the world. Those of you expecting to hire your way out of your cyber skills gaps, we have some bad news for you—it’s not viable.
Change is the order of the day, and if anything, the pace of business and technology change is accelerating. The business and customers are looking to IT service providers to be more responsive, delivering more frequent service changes with higher quality-resulting in services that deliver more value to the business. In order to continue to be relevant and of high value, ITIL must continue to benefit from other complementary best-practices for IT. DevOps, an approach that encourages improved communication, collaboration, and teamwork across development and operations, can have a positive influence in improving ITIL processes across the service life-cycle.
Like it or not, Internet of Things (IoT) is upon us. There are a number of factors that will impact its adoption rate, and the inevitable privacy (or lack of) discussions will likely happen sooner than later. This is going to change the world as we know it, in many cases for the better. But we will need to keep an eye on the extent to which it invades our personal lives if it is going to be the positive force it has the potential to be.
The Information Technology (IT) profession is a pretty exciting place to be, right now. We’re seeing an unprecedented influx of new technologies and approaches, including AI, robotics, automation, and next-level networking. More importantly, today’s IT workers have become the guardians of identity and curators of information. Given the increased movement to remote working the IT community must be conscious their teams skillset in the midst of increasing and complex cybersecurity threats designed to hit organizations where it hurts...their people. If you’re curious about what it’s like to be part of the IT profession in quickly changing virtual world, then watch CompTIA’s Chief Technology Evangelist, Dr. James Stanger, to learn more. James discusses the pillars of IT that help create our (post)-modern world, and dispel a few myths about the cybersecurity profession. If you’re interested in learning more about the different cybersecurity pathways available to you, and how you can become a unique contributor to the cybersecurity profession, then we welcome you.
When it comes to developing new, innovative ways and tools for breaching security, the attackers never stay idle – and so shouldn’t we when it comes to counteracting! Through the past few years, their inventiveness caused substantial damage in the area of supply chain attacks. During this webinar, Paula will demonstrate techniques of using the supply chain method and show tactics used today by cyber-criminals that allow them to deliver it and what are the prevention mechanisms to avoid being attacked by the newest innovations! Bring some coffee before attending!
As IT departments struggle with skills gaps and businesses attempt to recovery economically from the COVID-19 pandemic, these 10 IT skills are essential to drive success. Job roles in these areas pay well, but decision-makers are struggling to find qualified candidates. If you’re looking to make an IT skills investment or start a new career path this year, these are the areas to consider.
You are a problem. You are a risk to your employer. The actions you take and the activities you perform at work, online, and even in your personal life put your employer at risk. You need to know how you are a security risk to the organization and what you can do to reduce or eliminate those risks. In this paper, I discuss ten common risky behaviors that typical workers engage in and what you can do to avoid being the weakest link in your company.
Technology is a wonderful thing, but it comes with a price: cybersecurity. Free Web browsers, social media sites and other digital services collect personal information like email addresses, phone numbers, place of employment, buying habits, mortgage data that is shared with advertisers. The availability of this information leaves us vulnerable to hackers. This white paper can help you learn more about what kind of personal data is typically collected, and how to secure your information online.
When we learn a concept for the first time, the newness of it tends to become embedded with the learning process. We remember the new idea's significance and forever after remember it as new. The initial impact of a discovery can prevent the concept from aging. At the same time, we realize how quickly technology advances. Is it time to evolve your expertise?
In the digital age, people and intellectual property have supplanted physical assets as the most important criteria for determining the value of an organization. It is the employees who develop the next big product or improve the practices, processes, services and internal culture that add significant value to an organization.
Learn how Docker makes it easy to update, test and debug software with this white paper and gain foundational knowledge about Dockerfile, Docker images and containers.
This white paper has three main goals. The first is to generate a better understanding of the cloud in both the business and IT communities. The second is to describe the major components of vCloud and the virtual datacenters they provide. The third is help businesses visualize and understand how vClouds could be beneficial in addressing their specific IT needs.
VMware vCloud Director fashions the provisioning of the software-defined datacenter layer to allow for a full virtual datacenter deployment within a short period of time. A vCloud consists of many layers and can quickly become a complex architecture. Before any deployment, requirements should be defined so that the vCloud can be designed to offer those services needed. It is imperative to understand the many components of vCloud, how each vCloud construct fits, which allocation models are available, and what network options can be chosen.
Increased interconnectivity via machine-to-machine (M2M) communications, the IoE, and smart systems holds profound implications for how business trends continue to evolve. In terms of M2M growth, key developments in security will be essential, from the design and manufacture of devices to more robust cloud security and ensuring the integrity of wireless data transmissions. Without these safeguards in place, organizations and industries that rely on M2M will continue to place themselves at risk.
In this webinar, the second of two based on our Cybersecurity Foundations course, you'll build on what you learned in the first of the series, Protecting Your Network with Authentication and Cryptography.
Your Microsoft SQL Server database often contains the most valuable information in your organization. Get tips for securing it properly and effectively in this free, information-packed webinar with Microsoft SQL Server expert Gidget Pryor. In just an hour, Gidget will demonstrate the layered security approach used by SQL Server. She will step you through the process and best practices of setting up logins, users, roles, schemas, and permissions, and she will review the security model changes that have taken place from SQL Server 2005 through SQL Server 2012. She will also review SQL Server 2012 training and certifications.
Risk is something we deal with on a daily basis. Living in New Jersey and having the occasional storm, I’ve recently performed my own risk assessment determining the value of certain assets and activities and made a decision on what I was willing to spend to reduce risk to what I perceived as an acceptable level. My management of risk was a rather simple case. Sure, in my revised business continuity plan for my home, I’ll make sure that I have more D cell batteries, have my garage door adjusted so it opens manually again, more food I can heat on a stove and that doesn’t rely on refrigeration, and finally I’ll consider a whole house gas generator that uses natural gas, which has always been available to power critical systems like the sump pump in my basement. What if, however, I was a really large business? One with lots of components and interdependencies that require a tight integration in order to succeed? How and where can a large volume of information necessary to management, business continuity, and disaster recovery be correlated and communicated to those individuals who, because of their roles and responsibilities, need to make the critical decisions regarding the management of risk?
Red Hat Taste of Training - JB348
Red Hat Taste of Training - JB248
Has your company implemented "reasonable security"? If so, you should be able to avoid lawsuits and fines after a breach. But what is "reasonable security," and is there a definition?
This webinar will discuss our Python offerings and how it is proving to be the language of Data Science, Artificial Intelligence and Deep Learning. View the slide deck>
In this webinar, the first of two based on our Cybersecurity Foundations course, you will examine the following topics: verifying users and what they can access, ways a user can be validated to computer and network resources, how cryptography is used to protect data, symmetric and asymmetric encryption and hashes.
Nowadays, you can read weekly articles about security attacks and stolen data. Even leading companies and organizations are victims of cybercrime. Attacks can include breaches at three levels: the physical level, which includes social engineering, system and network and applications (e.g., web and mobile). In this complimentary webinar, you will discover the benefits of using automated solutions to detect application vulnerabilities, provide steps to remediate them and avoid costly compliance violation.
The utility that many senior VMware administrators rely on to address performance and troubleshooting issues is the built-in utility called ESXTOP. The tool has been built in to the hypervisor, and can be used in both ESXi and the old ESX host. The first tool many VMware Administrators rely upon is esxtop, to check real-time performance on an ESXi host using a command-line tool such as ssh to start the esxtop CLI utility. This paper will introduce and demonstrate how to start and use esxtop, specifically looking at the CPU fields. In addition, we will cover information that can be used to help with performance issues of the CPU. The esxtop utility is an excellent tool to use when you want to observe an individual ESXi host's performance.
Pen testers beware. Whether you believe you know and understand all the potential legal issues, read on. First of all, a penetration test or “pen test” is a method that’s used to evaluate the security and/or vulnerabilities in a network. This test is normally conducted externally wherein the tester is attempting to hack a network or computer. Breaking into computers and networks is illegal under the Computer Fraud and Abuse Act (CFAA), and depending on your activities and other factors, other federal laws and state laws may be broken.