Category: Featured
Jul 13th
7 Steps to Implement & Improve Cybersecurity with NIST
The NIST CSF provides a 7-step approach for the implementation and improvement of their cybersecurity posture utilizing the NIST CSF.
The 7-steps include:
Step 1
Prioritize and Scope. The organization identifies its business/mission objectives and high-level organizational priorities.
Step 2
Orient. The organization identifies related systems and assets, regulatory requirements, and overall risk approach and then identifies threats to, and vulnerabilities of, those systems and assets.
Step 3
Create a Current Profile. The organization develops a Current Profile by indicating which Category and Subcategory outcomes from the Framework Core are currently being achieved.
Step 4
Conduct a Risk Assessment. The organization analyzes the operational environment in order to discern the likelihood of a cybersecurity event and the impact that the event could have on the organization.
Step 5
Create a Target Profile. The organization creates a Target Profile that focuses on the assessment of the Framework Categories and Subcategories describing the organization’s desired cybersecurity outcomes.
Step 6
Determine, Analyze, and Prioritize Gaps. The organization compares the Current Profile and the Target Profile to determine gaps. Next, it creates a prioritized action plan to address those gaps that draw upon mission drivers, a cost/benefit analysis, and understanding of risk to achieve the outcomes in the Target Profile.
Step 7
Implement Action Plan. The organization determines which actions to take in regards to the gaps, if any, identified in the previous step.
Jul 6th
In-Depth Integrations with Jenkins and DevOps Tools
DevOps is the combination of cultural philosophies, practices, and tools that increase an organization’s ability to deliver applications and services at high velocity. Under a DevOps model, a development and operations teams are no longer “siloed”. Quality assurance team also becomes more tightly integrated with development and operations and throughout the application lifecycle. This course covers the DevOps principles and tools required for end-to-end implementation of DevOps.
This course will also provide students with an understanding of the Apache Maven build process, the principles of continuous integration, and the knowledge of how to implement continuous integration with automated test execution using Jenkins, Maven, and the Sonatype Nexus OSS repository manager. Students will use a local copy of Jenkins and create and run Maven jobs, link to a version control system, run automated testing and generate development reports, and configure the system to log build reports and generated artifacts to a Nexus repository.
Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Among those things, current Jenkins focuses on the following two jobs:
• Building/testing software projects continuously. Jenkins provides an easy-to-use so-called continuous integration system, making it easier for developers to integrate changes to the project, and making it easier for users to obtain a fresh build. The automated, continuous build increases development productivity.
• Monitoring executions of externally-run jobs, such as cron jobs and procmail jobs, even those that are run on a remote machine. For example, with cron, all you receive is regular e-mails that capture the output, and it is up to you to look at them diligently and notice when it broke. Jenkins keeps those outputs and makes it easy for you to notice when something is wrong.
Finally, this training course introduces the core DevOps concepts and principles as well as the ways to stand up the DevOps practice in your organization. Upon completion of this training course, students will have a fundamental understanding of DevOps’ value proposition; they will also gain practical experience working with select DevOps tools, including Puppet, Jenkins, and others. This training course is supplemented by hands-on labs that help attendees reinforce their theoretical knowledge of the learned material.
To learn more about this training click HERE
To register for this training click HERE
Jun 29th
Getting ready to use SCCM? We can help
Learn how to use Configuration Manager and its associated site systems to efficiently manage network resources. In this five-day course, you will learn day-to-day management tasks, including how to manage applications, client health, hardware and software inventory, operating system deployment, and software updates by using Configuration Manager. You also will learn how to optimize System Center Endpoint Protection, manage compliance, and create management queries and reports. Additionally, this course, in conjunction with Microsoft Official Course M-20703-2: Integrating MDM and Cloud Services with System Center Configuration Manager, helps certification candidates prepare for Exam 70-703: Administering System Center Configuration Manager and Cloud Services Integration.
After completing this course, students will be able to:
- Describe the features Configuration Manager and Intune include, and explain how you can use these features to manage PCs and mobile devices in an enterprise environment.
- Analyze data by using queries and reports.
- Prepare a management infrastructure, including configuring boundaries, boundary groups, and resource discovery, and integrating mobile-device management with Microsoft Exchange Server.
- Deploy and manage the Configuration Manager client.
- Configure, manage, and monitor hardware and software inventory, and use Asset Intelligence and software metering.
- Identify and configure the most appropriate method to distribute and manage content used for deployments.
- Distribute, deploy, and monitor applications for managed users and systems.
- Maintain software updates for PCs that Configuration Manager manages.
- Implement Endpoint Protection for managed PCs.
- Manage configuration items, baselines, and profiles to assess and configure compliance settings and data access for users and devices.
- Configure an operating-system deployment strategy by using Configuration Manager.
- Manage and maintain a Configuration Manager site.
Join us for this training starting on Monday, August 6, 2018.
To learn more about this class click HERE.
To sign up for class click HERE.
Jun 25th
Learn Automating Administration with PowerShell
Learn Automating Administration With PowerShell
This course provides students with the fundamental knowledge and skills to use Windows PowerShell for administering and automating administration of Windows servers. This course provides students the skills to identify and build the command they require to perform a specific task. In addition, students learn how to build scripts to accomplish advanced tasks such as automating repetitive tasks and generating reports. This course provides prerequisite skills supporting a broad range of Microsoft products, including Windows Server, Windows Client, Microsoft Exchange Server, Microsoft SharePoint Server, Microsoft SQL Server, System Center, and more. In keeping with that goal, this course will not focus on any one of those products, although Windows Server, which is the common platform for all of those products, will serve as the example for the techniques this course teaches.
After completing this course, students will be able to:
- Describe the functionality of Windows PowerShell and use it to run and find basic commands.
- Identify and run cmdlets for server administration.
- Work with Windows PowerShell pipeline.
- Describe the techniques Windows PowerShell pipeline uses.
- Use PSProviders and PSDrives to work with other forms of storage.
- Query system information by using WMI and CIM.
- Work with variables, arrays, and hash tables.
- Write basic scripts in Windows PowerShell.
- Write advanced scripts in Windows PowerShell.
- Administer remote computers.
- Use background jobs and scheduled jobs.
- Use advanced Windows PowerShell techniques.
Join us for PowerShell training starting on Monday, July 23, 2018.
Learn more about class HERE
Register for class HERE
Jun 20th
DevOps Vocabulary
DevOps Vocabulary
DevOps
(development and operations) – a software development phrase used to describe a type of agile relationship between Development and IT Operations. The goal of DevOps is to improve communication, collaboration, and processes between the various roles in the software development cycle, in order to improve and speed up software delivery.
Silo
The antithesis of DevOps: these are artificial barriers created that have the potential to hamper collaboration within your business.
Release
What does this term mean to different teams and how do you come to one definition across the organization?
Transparency
Requires cross-team communication
Automation
Any task that could be done more than once should be automated
Measurement
Anything worth doing needs to be measured, monitored, and analyzed for success or failure.
Notification
Tell people when it goes right and tells even more people if it goes wrong.
Leadership
DevOps line any organizational initiative needs buy-in from the top and grass-roots support.
Microservices
An architectural style characterized by product focus, automated release, intelligent endpoints, and distributed governance and control.
Want to learn more about DevOps? Train with us:
BSP-2464: In-Depth: Integration with Jenkins and DevOps Tools
Jun 15th
Why DevOps?
Why DevOps?
To answer this question, we must first identify WHAT is DevOps?
So, what is DevOps?
DevOps is a combination of people, process, tools, vendors, and partners.
DevOps is AGILITY, RELIABILITY, SCALABILITY, SUSTAINABILITY, and REPRODUCIBILITY.
It focuses on the following:
- Knowledge sharing
- Automation
- Collaborative culture
- Time to market & value
DevOps is also an organizational culture for application development and maintenance success. It encompasses technology and process. It encourages transparency and candid communication between software developers and IT operations and administration to increase the agility with which applications are delivered.
By automating, monitoring, and measuring the production of code through develop, release, test, and maintenance, the process becomes more sustainable, scalable, and repeatable.
Optimally, all manual tasks are eliminated reducing the potential for human error and making delivery and roll-back less error prone.
Why DevOps?
Rapidly deliver reliable, scalable micro and macro services that are critical for the business time to market and value.
Brings teams together
Technical benefits include:
- Continuous delivery
- Reduction in component complexity
- Agility in problem resolution
Business benefits include:
- Agility in the delivery of business benefit
- Increased stability
- More focus on competitive advantage, rather than “keeping the lights on”.
Want to learn more about DevOps? Train with us:
BSP-2464: In-Depth: Integration with Jenkins and DevOps Tools
May 11th
Select Upcoming Courses – by date
Below you will find a number of courses scheduled between now and the end of June 2018. If you don’t see a course you are looking for please let us know info@babsim.com. (614) 481-4345
Week of 5/28 |
| Introduction to SQL Databases M-10985 |
If you don’t see a course you are looking for please let us know info@babsim.com. (614) 481-4345
May 7th
Select Upcoming Courses
Below you will find a number of courses scheduled between now and the end of June 2018. If you don’t see a course you are looking for please let us know info@babsim.com. (614) 481-4345
If you don’t see a course you are looking for please let us know info@babsim.com. (614) 481-4345
Apr 26th
NIST Cybersecurity Framework Training
Executives, managers, and IT staff all have a stake in Cybersecurity
In May of 2017, a Presidential Executive Order was signed that requires all Federal agencies to use the Framework that was created by the National Institute for Standards and Technology (NIST) to improve cybersecurity for critical infrastructure throughout the United States. It is a guide to analyze risk and to create, implement, monitor and continually improve a plan of action to increase cybersecurity.
The NIST Cyber Security Framework (NCSF) contains best practices and standards from both the private sector and government. It is applicable to organizations in any industry to address and manage cybersecurity risks in a cost-effective way based on business needs without placing additional regulatory requirements on businesses.
NIST CSF FOUNDATION COURSE
The NIST Cybersecurity Framework (NCSF) Foundation Certification Course outlines current cybersecurity challenges and explains how organizations that implement an NCSF program can mitigate these risks. This program is focused on candidates who need a basic understanding of the NCSF to perform their daily jobs as executives, accountants, lawyers or information technology professionals.
This course is a great fit for anyone with an interest in or responsibility for the survival of the business. This includes IT, C level personnel, compliance, legal, auditing, human resources, etc.
- One-day, high-level overview of threats and common risks.
- Introduces the concepts of the NIST Framework and the Controls Factory Model.
- Outlines how the NIST CSF can be used to plan, implement, monitor and improve protection of critical assets.
NIST CSF PRACTITIONER COURSE
The NIST Cybersecurity Framework (NCSF) Practitioner Certification Course details the current cybersecurity challenges plus teaches in depth the UMass Lowell NCSF Control Factory Methodology on how to design, build, test and manage an NCSF cybersecurity program. This program is focused on candidates who need a detailed understanding of the NCSF to perform their daily roles as cybersecurity engineers, testers or operations professionals.
This course is suited for individuals working with and overseeing the technology, including CIOs, IT Directors and Managers, IT Security personnel and IT staff.
- Four-day deep dive into Foundation concepts.
- Focuses on designing and implementing (or improving) a cybersecurity program based on the NIST CSF.
Provides a detailed analysis of the technical controls based on the Internet Security 20 Critical Security Controls
Apr 21st
VMware vSphere 6.5 Training
This powerful 5-day class is an intensive introduction to VMware vSphere™ including VMware ESX™ 6.5 and vCenter™. This course has been completely rewritten to reflect the most recent changes and improvements introduced in vSphere 6.5. The courseware and labs have been fully updated and now use Host Client and Web Client rather than legacy vSphere Client for both presentation material and lab procedures.
Assuming no prior virtualization experience, this class starts with the basics and rapidly progresses to advanced topics. With 40+% of class time is devoted to labs, students learn the skills they need to become effective vSphere administrators.
Labs start with installation and configuration of stand-alone ESXi servers and progress to shared storage, networking, and centralized management. The class continues to advanced topics including resource balancing, high availability, power management, back up and recovery, performance, vCenter redundancy, VM redundancy. Disaster recovery, rapid deployment and VM cold, hot and storage migration.
This class is unique in its approach; which is to identify and eliminate common IT pain points using vSphere. Students learn how to deliver business value; not just the technical or mechanical aspects of the software.
By the end of the class, attendees will have learned the skills and best practices of virtualization. Attendees will be able to design, implement, deploy, configure, monitor, manage and troubleshoot vSphere 6.5.