Jul 13th

7 Steps to Implement & Improve Cybersecurity with NIST

The NIST CSF provides a 7-step approach for the implementation and improvement of their cybersecurity posture utilizing the NIST CSF.

The 7-steps include:

Step 1

Prioritize and Scope. The organization identifies its business/mission objectives and high-level organizational priorities.

Step 2

Orient. The organization identifies related systems and assets, regulatory requirements, and overall risk approach and then identifies threats to, and vulnerabilities of, those systems and assets.

Step 3

Create a Current Profile. The organization develops a Current Profile by indicating which Category and Subcategory outcomes from the Framework Core are currently being achieved.

Step 4

Conduct a Risk Assessment. The organization analyzes the operational environment in order to discern the likelihood of a cybersecurity event and the impact that the event could have on the organization.

Step 5

Create a Target Profile. The organization creates a Target Profile that focuses on the assessment of the Framework Categories and Subcategories describing the organization’s desired cybersecurity outcomes.

Step 6

Determine, Analyze, and Prioritize Gaps. The organization compares the Current Profile and the Target Profile to determine gaps. Next, it creates a prioritized action plan to address those gaps that draw upon mission drivers, a cost/benefit analysis, and understanding of risk to achieve the outcomes in the Target Profile.

Step 7

Implement Action Plan. The organization determines which actions to take in regards to the gaps, if any, identified in the previous step.

NIST Cybersecurity Framework Training

Jul 6th

In-Depth Integrations with Jenkins and DevOps Tools

DevOps is the combination of cultural philosophies, practices, and tools that increase an organization’s ability to deliver applications and services at high velocity. Under a DevOps model, a development and operations teams are no longer “siloed”. Quality assurance team also becomes more tightly integrated with development and operations and throughout the application lifecycle. This course covers the DevOps principles and tools required for end-to-end implementation of DevOps.

This course will also provide students with an understanding of the Apache Maven build process, the principles of continuous integration, and the knowledge of how to implement continuous integration with automated test execution using Jenkins, Maven, and the Sonatype Nexus OSS repository manager. Students will use a local copy of Jenkins and create and run Maven jobs, link to a version control system, run automated testing and generate development reports, and configure the system to log build reports and generated artifacts to a Nexus repository.

Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Among those things, current Jenkins focuses on the following two jobs:

• Building/testing software projects continuously.  Jenkins provides an easy-to-use so-called continuous integration system, making it easier for developers to integrate changes to the project, and making it easier for users to obtain a fresh build. The automated, continuous build increases development productivity.

• Monitoring executions of externally-run jobs, such as cron jobs and procmail jobs, even those that are run on a remote machine. For example, with cron, all you receive is regular e-mails that capture the output, and it is up to you to look at them diligently and notice when it broke. Jenkins keeps those outputs and makes it easy for you to notice when something is wrong.

Finally, this training course introduces the core DevOps concepts and principles as well as the ways to stand up the DevOps practice in your organization. Upon completion of this training course, students will have a fundamental understanding of DevOps’ value proposition; they will also gain practical experience working with select DevOps tools, including Puppet, Jenkins, and others. This training course is supplemented by hands-on labs that help attendees reinforce their theoretical knowledge of the learned material.

To learn more about this training click HERE

To register for this training click HERE

Jun 29th

Getting ready to use SCCM? We can help

Learn how to use Configuration Manager and its associated site systems to efficiently manage network resources. In this five-day course, you will learn day-to-day management tasks, including how to manage applications, client health, hardware and software inventory, operating system deployment, and software updates by using Configuration Manager. You also will learn how to optimize System Center Endpoint Protection, manage compliance, and create management queries and reports. Additionally, this course, in conjunction with Microsoft Official Course M-20703-2: Integrating MDM and Cloud Services with System Center Configuration Manager, helps certification candidates prepare for Exam 70-703: Administering System Center Configuration Manager and Cloud Services Integration.

After completing this course, students will be able to:

• Describe the features Configuration Manager and Intune include, and explain how you can use these features to manage PCs and mobile devices in an enterprise environment.
• Analyze data by using queries and reports.
• Prepare a management infrastructure, including configuring boundaries, boundary groups, and resource discovery, and integrating mobile-device management with Microsoft Exchange Server.
• Deploy and manage the Configuration Manager client.
• Configure, manage, and monitor hardware and software inventory, and use Asset Intelligence and software metering.
• Identify and configure the most appropriate method to distribute and manage content used for deployments.
• Distribute, deploy, and monitor applications for managed users and systems.
• Maintain software updates for PCs that Configuration Manager manages.
• Implement Endpoint Protection for managed PCs.
• Manage configuration items, baselines, and profiles to assess and configure compliance settings and data access for users and devices.
• Configure an operating-system deployment strategy by using Configuration Manager.
• Manage and maintain a Configuration Manager site.

Join us for this training starting on Monday, August 6, 2018.

To learn more about this class click HERE.

To sign up for class click HERE.

Jun 25th

Learn Automating Administration with PowerShell

Learn Automating Administration With PowerShell

This course provides students with the fundamental knowledge and skills to use Windows PowerShell for administering and automating administration of Windows servers. This course provides students the skills to identify and build the command they require to perform a specific task. In addition, students learn how to build scripts to accomplish advanced tasks such as automating repetitive tasks and generating reports. This course provides prerequisite skills supporting a broad range of Microsoft products, including Windows Server, Windows Client, Microsoft Exchange Server, Microsoft SharePoint Server, Microsoft SQL Server, System Center, and more. In keeping with that goal, this course will not focus on any one of those products, although Windows Server, which is the common platform for all of those products, will serve as the example for the techniques this course teaches.

After completing this course, students will be able to:

• Describe the functionality of Windows PowerShell and use it to run and find basic commands.
• Identify and run cmdlets for server administration.
• Work with Windows PowerShell pipeline.
• Describe the techniques Windows PowerShell pipeline uses.
• Use PSProviders and PSDrives to work with other forms of storage.
• Query system information by using WMI and CIM.
• Work with variables, arrays, and hash tables.
• Write basic scripts in Windows PowerShell.
• Write advanced scripts in Windows PowerShell.
• Administer remote computers.
• Use background jobs and scheduled jobs.
• Use advanced Windows PowerShell techniques.

Join us for PowerShell training starting on Monday, July 23, 2018.

Learn more about class HERE

Register for class HERE

Jun 20th

DevOps Vocabulary

DevOps Vocabulary

DevOps

(development and operations) – a software development phrase used to describe a type of agile relationship between Development and IT Operations. The goal of DevOps is to improve communication, collaboration, and processes between the various roles in the software development cycle, in order to improve and speed up software delivery.

Silo

The antithesis of DevOps: these are artificial barriers created that have the potential to hamper collaboration within your business.

Release

What does this term mean to different teams and how do you come to one definition across the organization?

Transparency

Requires cross-team communication

Automation

Any task that could be done more than once should be automated

Measurement

Anything worth doing needs to be measured, monitored, and analyzed for success or failure.

Notification

Tell people when it goes right and tells even more people if it goes wrong.

Leadership

DevOps line any organizational initiative needs buy-in from the top and grass-roots support.

Microservices

An architectural style characterized by product focus, automated release, intelligent endpoints, and distributed governance and control.

Want to learn more about DevOps? Train with us:

BSP-2451: DevOps Fundamentals

BSP-2593: DevOps for Leaders

BSP-2464: In-Depth: Integration with Jenkins and DevOps Tools