The latest version of CompTIA Security+ covers the skill sets needed to proactively address security risk control and mitigation. As part of the ISO/ANSI accreditation for CompTIA Security+, CompTIA updates the exam every three years.
Archive for the ‘Security’ Category
CompTIA Security+ certification addresses operational risk
Posted by Rubel Khan on June 6, 2011
Posted in Certification, CompTIA, Exam, Security | Tagged: CompTIA, Security+ | Leave a Comment »
Microsoft Learning Product Releases for July 18-31
Posted by Rubel Khan on July 28, 2010
1. Microsoft Official Courses (MOC) are instructor-led training courses offered by our Certified Partners. Not all classes will be offered by all partners. Find a training center through Class Locator and see if they will be offering the course you need.
2. Community Courses (CC) are instructor-led training courses offered by our Certified Partners wherein the content is authored by our learning community.
3. General Availability for MOC and CC is dependent on our Certified Partners, but the earliest is Orderable Date + 7 days.
4. Products with no link currently don’t have a URL – search for the course in the training catalog
Microsoft Exchange Server 2010
| Title | Type | RTM (MCT Availability) | Orderable Date (MPN Availability) | General Availability |
| Deploying Exchange Server 2010 | E-Learning | 7/23 | ||
| Configuring Mailbox Servers in Exchange Server 2010 | E-Learning | 7/23 | ||
| Managing Recipient Objects in Exchange Server 2010 | E-Learning | 7/23 | ||
| Managing Client Access in Exchange Server 2010 | E-Learning | 7/23 | ||
| Configuring Message Transport in Exchange Server 2010 | E-Learning | 7/23 | ||
| Implementing Messaging Security in Exchange Server 2010 | E-Learning | 7/23 | ||
| Implementing High Availability in Exchange Server 2010 | E-Learning | 7/23 | ||
| Implementing Backup and Recovery in Exchange Server 2010 | E-Learning | 7/23 | ||
| Configuring Messaging Policy and Compliance for Exchange Server 2010 | E-Learning | 7/23 | ||
| Maintaining Exchange Server 2010 | E-Learning | 7/23 | ||
| Deploying Exchange Server 2010 | E-Learning | 7/23 | ||
| Managing Mailbox Servers and Recipients in Exchange Server 2010 | E-Learning | 7/23 | ||
| Managing Client Access in Exchange Server 2010 | E-Learning | 7/23 | ||
| Managing Message Transport and Security in Exchange Server 2010 | E-Learning | 7/23 | ||
| Implementing High Availability and Disaster Recovery in Exchange Server 2010 | E-Learning | 7/23 | ||
| Configuring Messaging Policy and Compliance in Exchange Server 2010 | E-Learning | 7/23 | ||
| Introduction to Planning an Exchange Server 2010 Deployment | E-Learning | 7/23 | ||
| Planning the Exchange Server 2010 Infrastructure Environment | E-Learning | 7/23 | ||
| Planning and Deploying Client Access Services in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Deploying Message Transport in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Deploying Mailbox Services in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Deploying Messaging Security in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Deploying Messaging Compliance in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Deploying High Availability in Exchange Server 2010 | E-Learning | 7/23 | ||
| Planning and Implementing Disaster Recovery in Exchange Server 2010 | E-Learning | 7/23 | ||
| Transitioning to Exchange Server 2010 | E-Learning | 7/23 | ||
| Configuring, Managing and Troubleshooting Microsoft® Exchange Server 2010 (German, Japanese, French) | MOC | 7/30 | 8/16 (Japanese, French), 8/30 (German) | 8/23 (Japanese, French), 9/6 (German) |
Microsoft SharePoint Server 2010
| Title | Type | RTM (MCT Availability) | Orderable Date (MPN Availability) | General Availability |
| What’s New in Microsoft® SharePoint® 2010 for IT Professionals | E-Learning | 7/21 | ||
| TS: Microsoft SharePoint 2010, Configuring (German, French, Japanese, Portuguese (Brazil)) | Exam | 7/27, 9/30 (Portuguese(Brazil)) |
Microsoft Office 2010
| Title | Type | RTM (MCT Availability) | Orderable Date (MPN Availability) | General Availability |
| Beginner Skills in Microsoft® Outlook® 2010 (Italian, French) | MOC | 7/19 | 8/2 | 8/9 |
| What’s New in Microsoft® Office® 2010 | MOC | 7/28 | 8/11 | 8/18 |
| Beginner Skills in Microsoft® PowerPoint® 2010 (Spanish, Japanese) | MOC | 7/28 | 8/11 | 8/18 |
| Beginner Skills in Microsoft® Outlook® 2010 (German) | MOC | 7/28 | 8/11 | 8/18 |
| Beginner Skills in Microsoft® PowerPoint® 2010 (German) | MOC | 7/28 | 8/11 | 8/18 |
| Skills Training in Microsoft® SharePoint® Designer 2010 | MOC | 7/29 | 8/12 | 8/19 |
| Beginner Skills Training in Microsoft® Visio® 2010 | MOC | 7/29 | 8/12 | 8/19 |
| Microsoft® SharePoint® Designer 2010 Part 1 – Setting up a New Site | MOC | 7/29 | 8/12 | 8/19 |
| Microsoft® SharePoint® Designer 2010 Part 2 – Workflows | MOC | 7/29 | 8/12 | 8/19 |
| Microsoft® SharePoint® Designer 2010 Part 3 – Content Types | MOC | 7/29 | 8/12 | 8/19 |
| Microsoft® SharePoint® Designer 2010 Part 4 – Integrating Business Data | MOC | 7/29 | 8/12 | 8/19 |
| What’s New in Microsoft® Access® 2010 (German, Spanish, Japanese) | E-Learning | Now | ||
| What’s New in Microsoft® Publisher 2010 (German, Spanish, Japanese) | E-Learning | Now | ||
| What’s New in Microsoft® Visio® 2010 (German, Spanish, Japanese) | E-Learning | Now | ||
| Skills Training in Microsoft® Outlook® 2010 (German, Spanish, Japanese) | E-Learning | 7/28 | ||
| Skills Training in Microsoft® Word 2010 (German, Spanish, Japanese) | E-Learning | 7/28 | ||
| Skills Training in Microsoft® Excel® 2010 (Spanish) | E-Learning | 7/28 |
Microsoft Essential Business Server
| Title | Type | RTM (MCT Availability) | Orderable Date (MPN Availability) | General Availability |
| Configuring, Implementing, and Managing Windows® Essential Business Server 2008 | E-Learning | 7/28 |
Microsoft Windows Server 2008
| Title | Type | RTM (MCT Availability) | Orderable Date (MPN Availability) | General Availability |
| Implementing and Managing Microsoft® Server Virtualization | MOC | 7/20 | 8/3 | 8/10 |
| Fundamentals of Windows Server® 2008 Network and Applications Infrastructure (Spanish) | MOC | 7/30 | 8/13 | 8/20 |
| Configuring and Troubleshooting Windows Server® 2008 Active Directory® Domain Services (Spanish) | MOC | 7/30 | 8/13 | 8/20 |
| Configuring and Troubleshooting Internet Information Services in Windows Server® 2008 (Spanish) | MOC | 7/30 | 8/13 | 8/20 |
Source: Born to Learn
Posted in E-Learning, E-Book, Microsoft, Exam, Certification, MCTS, MCITP, Exchange Server, SQL Server, Windows 7, Dynamics AX, Dynamics GP, Dynamics CRM, Visual Studio (.NET), Windows Server, Silverlight, Virtualization, Windows Vista, Security, MCM, SharePoint, SCCM, Bing, Expression, BizTalk Server, Windows XP, MCPD, MOC, MCT, Office 2010, PerformancePoint Server, Visual C++, ASP .NET, Visual Basic, C#, Windows, SSIS, MCSE, MCSA, PowerShell, Windows Live, Microsoft Press, Project Server, EPM, Business Intelligence, Novell, Server 2008, System Center, MCAD, Dynamics NAV, Azure, Cloud Computing, Forefront, MOS, Windows Phone, MTA, Operations Framework (MOF), Microsoft Certifications | Leave a Comment »
Government: Cybersecurity IT Skills Scarce — Cybersecurity — InformationWeek
Posted by Rubel Khan on March 5, 2010
There is a big demand for cybersecurity skills in the government sector
Government IT leaders aiming to shore up cybersecurity troops are having a hard time finding qualified tech professionals, according to a survey. That’s not good news given nearly 60% polled aim to hire new full-time and contractors this year. Government: Cybersecurity IT Skills Scarce — Cybersecurity — InformationWeek.
Posted in Security | Tagged: Cybersecurity | Leave a Comment »
Forefront TMG 2010 Administrator’s Companion Sample Chapters
Posted by Rubel Khan on January 14, 2010
As announced this week Forefront TMG 2010 book went to the printer and it will be available for you next month. We are really excited with this great milestone and to celebrate that with you we are making available two chapters (5 and 33) for you. Chapter 5 covers some important points on the pre-deployment phase while Chapter 33 dives into some TMG 2010 troubleshooting techniques using Network Monitor 3.
Have a taste of what it will be in this book by downloading these chapters from http://mstmgbook.org/Chapters/SampleChapters.pdf and if you did not pre-order yet, make sure to reserve yours at Amazon.com.
Source: MS Press
Posted in Forefront, Microsoft Press, Security | Leave a Comment »
HOW TO: Secure Applications That Are Built on the .NET Framework
Posted by Rubel Khan on January 13, 2010
This step-by-step article describes important considerations for securing applications that are built on the .NET Framework. This article is one of a series of articles that provide detailed information for applications that are built on the .NET Framework.
The articles in this series include the following:
- HOW TO: Deploy Applications That Are Built on the .NET Framework
- HOW TO: Support Applications That Are Built on the .NET Framework
- HOW TO: Tune and Scale Performance of Applications That Are Built on the .NET Framework
- HOW TO: Secure Applications That Are Built on the .NET Framework
Read full article: http://support.microsoft.com/kb/818014
Posted in ASP .NET, Security, Visual Studio (.NET) | Leave a Comment »
Security Best Practices for C++
Posted by Rubel Khan on January 13, 2010
This topic contains information about recommended security tools and practices. Using these resources and tools does not make applications immune from attack, but it makes successful attacks less likely.
Read full content: http://msdn.microsoft.com/en-us/library/k3a3hzw7.aspx
Posted in Security | Tagged: C# | Leave a Comment »
Secure Coding Guidelines for the .NET Framework
Posted by Rubel Khan on January 13, 2010
Evidence-based security policy and code access security provide very powerful, explicit mechanisms to implement security. Most application code can simply use the infrastructure implemented by the .NET Framework. In some cases, additional application-specific security is required, built either by extending the security system or by using new ad hoc methods.
Using the .NET Framework-enforced permissions, and other enforcement in your code, you should erect barriers to prevent malicious code from obtaining information that you do not want it to have or performing other undesirable actions. Additionally, you must strike a balance between security and usability in all the expected scenarios using trusted code.
Read full content: http://msdn.microsoft.com/en-us/library/d55zzx87.aspx
Posted in ASP .NET, Security, Visual Studio (.NET) | Leave a Comment »
Securing ADO.NET Applications
Posted by Rubel Khan on January 13, 2010
Writing a secure ADO.NET application involves more than avoiding common coding pitfalls such as not validating user input. An application that accesses data has many potential points of failure that an attacker can exploit to retrieve, manipulate, or destroy sensitive data. It is therefore important to understand all aspects of security, from the process of threat modeling during the design phase of your application, to its eventual deployment and ongoing maintenance.
The .NET Framework provides many useful classes, services, and tools for securing and administering database applications. The common language runtime (CLR) provides a type-safe environment for code to run in, with code access security (CAS) to restrict further the permissions of managed code. Following secure data access coding practices limits the damage that can be inflicted by a potential attacker.
Writing secure code does not guard against self-inflicted security holes when working with unmanaged resources such as databases. Most server databases, such as SQL Server, have their own security systems, which enhance security when implemented correctly. However, even a data source with a robust security system can be victimized in an attack if it is not configured appropriately.
Read full content: http://msdn.microsoft.com/en-us/library/ecb3hak0.aspx
Posted in ASP .NET, Security | Tagged: ADO.NET | Leave a Comment »
RTM’d today: Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion
Posted by Rubel Khan on January 12, 2010
Greetings! We’re pleased to announce that Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion was released to the printer today. The authors are Yuri Diogenes, Jim Harrison, Mohit Saxena from the Microsoft TMG Server Team, with Dr. Tom Shinder, and the book’s ISBN is 9780735626386.
The book will be available the second week of February, and we’ll post more book excerpts then. In the meantime, here is the book’s Foreword, by David B. Cross:
Foreword
As the Product Unit Manager for the Forefront Threat Management Gateway
(TMG) 2010 release, I was able to take advantage of a unique opportunity to
change the industry regarding how we protect small business users and enterprise
customers when connecting to the Internet in a world of ever-evolving threats,
malicious software, and dynamic criminal activities. It was a challenge I could not
pass up and I jumped at the opportunity to see how we could simplify the secure
Web gateway (SWG) experience for customers and still provide the flexibility and
security that hardcore security professionals have grown to love with the existing
Internet Security and Acceleration (ISA) Server platform.
TMG has introduced a new era not only for Microsoft but also for the industry
in how we create a comprehensive network protection solution for both small and
large enterprise customers. Customers have told us that they love the Microsoft
infrastructure integrated firewall and proxy that allows configuration and
management using the tools and management infrastructure they are familiar
with, such as Active Directory. But as we saw the threats and the workforce evolve,
we realized that our customers needed something more to protect their users
when accessing the Internet.
I wish I could summarize the full set of capabilities and potential in a short
foreword for this book, but it proved to be impossible. The simple answer comes
in the product name itself: Threat Management Gateway. The name deservedly
implies the dynamic and integrated nature of the product and its extensible
capability as it integrates with the Forefront Protection Suite. When you put it all
together, the product really has six unique value propositions that emphasize our
comprehensive approach to network protection:
- Enforce network policy access at the edge (Firewall)
- Protect users from Web browsing threats (Web Client Protection)
- Protect users from e-mail threats (E-mail Protection)
- Protect desktops and servers from intrusion attempts
(Network Intrusion System) - Enable users to remotely access corporate resources
(VPN, Secure Web Publishing) - Simplify management (Deployment)
In the end, the quality and the value proposition of the product speak for
themselves. Throughout the beta program, we have had more downloads and
production deployments than all the other betas of the ISA platform combined.
The breadth of the new features has driven new customers and new deployments
never possible with the ISA product line. On the firewall side, we have added key
components such as VoIP traversal (SIP), Enhanced NAT, and ISP Link Redundancy.
Combined with our NAP (Network Access Protection) integration with the VPN
functionality, the firewall and remote access capabilities are richer than ever.
On the Web client protection area, we now have integrated URL filtering, HTTP
anti-virus/spyware scanning, and HTTPS forward inspection. The new secure
e-mail relay deployment option enables a hardened edge–based anti-virus
and anti-spam solution not previously available. And last but not least, the fully
integrated and new Forefront Network Inspection System (NIS) has changed
the game of network intrusion prevention and detection. Not only does the NIS
provide the capability for administrators to provide threat management in the
face of zero-day attacks, but it also enables security assessment and responses
when deployed in conjunction with the Forefront Protection Suite.
What’s next for the future of secure Web gateways and the threat landscape?
If I were to be an oracle and predict the future, I would expect first that the trend
of more complex malware and malicious attacks will continue to grow in volume
and in criminal intent. I would also suspect that we will see a demand from the
marketplace for further integration of information protection and control (IPC) with
access and protection. We will see consolidation not only of solutions, but we’ll also
see the management and policy capabilities being integrated and unified across
solution verticals. I believe TMG 2010 will be a product foreshadowing the future
when it comes to network and virtualized datacenter protection.
In summary, this book is a must-have for the Forefront Threat Management
Gateway administrator—it embodies the core of the product team development
knowledge, the best practices from the Microsoft consultants around the world,
and the learning from our customer deployments to date, and it distills this all
into a one-stop resource kit of knowledge. Jim Harrison is known throughout
Microsoft and the broader industry as the foremost ISA—and now TMG—expert.
His in-depth understanding of the product internals combined with real-world
deployment and operational experience provide a perspective unlike any other
expert in the community. Yuri Diogenes and Mohit Saxena have not only been on
the front lines of the top ISA deployments around the world, but have also been
on the forefront (no pun intended) of the TMG beta program. Their firsthand
guidance and best practices will help you ensure a smooth and easy deployment
by avoiding mistakes in advance and suggesting the most secure configuration
from the start. Tom Shinder, a recognized Microsoft security professional and
widely known ISA expert, brings his extended ISA experience to bear as a valued
technical reviewer for this book.
The availability of this book helps to achieve the goal that we set with the
original inception of the TMG project: to enable customers to deploy protection
easily in a cost-effective and manageable way to achieve their security and
application-protection requirements in an ever-changing threat landscape.
I believe we have achieved that goal with our upcoming release and with
security experts such as Jim, Yuri, and Mohit evangelizing the knowledge.
David B. Cross
Product Unit Manager
Microsoft Corporation
Posted in Microsoft, Microsoft Press, Security | Leave a Comment »
MCSA Recertification Meets Growing Requirements for Security Specialization
Posted by Rubel Khan on December 20, 2009
Stay current with exam 70-699: Windows Server 2003, Microsoft Certified Systems Administrator (MCSA) Security Specialization Skills Update. MCSA Security Specialization plus recertification demonstrates current status on the latest security-related functions and tasks on Windows Server 2003 and Windows Vista or Windows 7. In 2010, the Department of Defense, among other organizations, will require employees to meet credential requirements accredited by the American National Standards Institute (ANSI) or an equivalent authorization body.
Posted in MCSA, Security, Windows Server | Tagged: 70-699 | 1 Comment »
