New products of the month Dec 2015

New products of the week
Our roundup of intriguing new products. Read how to submit an entry to Network World’s products of the week slideshow.

GigaVUE-FM appliance
Key features: The GigaVUE-FM appliance simplifies the management and orchestration of visibility infrastructure and enables enterprises to increase the scale and reach of Gigamon’s Visibility Fabric with additional, dedicated compute capacity.

ImageCenter ADS-3000N
Key features: High-Speed desktop scanner with Gigabit Ethernet and SuperSpeed USB 3.0 connectivity offering powerful features for mid-to-large size workgroups that simplify the way documents are captured, managed, processed, and delivered.

SafeBeyond iOS App
Key features: SafeBeyond launches video capture app on iOS allowing users to more spontaneously record, capture, save and store their invaluable memories and moments.

Couchbase Server 4.1
Pricing: Community Edition is free with support available through the community. Enterprise Edition provides professional support and starts at $5,600 per node.

Key features: A distributed NoSQL database engineered for performance, scalability and availability. Added features include full CRUD support for SQL-based query language N1QL, prepared statements and covering indexes for faster queries.

Modular Data Line Fallback Switch
Key features: Automatic or on-demand A-B fallback switching for RJ45 Ethernet 10/100/1000, T1/E1 and RS-232/422/485 data lines. Accommodates up to 16 modules, allowing switching capacity to be expanded as needed.

StealthAUDIT 7.1
Key features: Enterprise-scale, flexible unstructured data access management to track who owns, manages or accesses sensitive unstructured data. Delivers new support for Microsoft Azure cloud-based directory service, NAS and UNIX support, etc.

Thunder TPS 3.2
Key features: A10 Networks announced enhancements to its multi-vector DDoS protection solution, Thunder TPS (Threat Protection System)—including the ability to send alerts to Verisign’s cloud-based DDoS Protection Service using the OpenHybrid API. Thunder TPS 3.2 now enables more organizations to intelligently provide an always-on application experience.

Attunity CloudBeam for Google Cloud SQL
Key features: Attunity CloudBeam accelerates transfer between on-premises enterprise data sources and Google Cloud SQL. Customers can leverage this solution to enable cloud-based Business Intelligence and Big Data analytics applications.

Click here to view complete Q&A of MB2-706 exam

Certkingdom 20% Discount Promotion Coupon Code: 45K2D47FW4

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

16 must-have Android productivity apps

From basic business tasks to advanced automation, these 16 apps will make your Android device more useful than ever

16 must-have Android productivity apps

Gone are the days of a phone revolving around voice communication. These days, a mobile device is a powerful personal computer, and with the right set of tools, it can be an invaluable productivity machine.

How do you transform your Android device from interesting gadget to indispensable assistant? We have you covered. These 16 apps are among the best functionality-expanding productivity tools available for Android today. Put them on your Android smartphone or tablet, and get ready to watch your productivity soar.

(Note that this list does not include Google apps that come preloaded by default with Android, such as Gmail and Google Drive.)

OfficeSuite 8
OfficeSuite 8 has won our last three Android office suite shoot-outs, and for good reason: It’s hands-down the best fully featured office suite available for Android users.

OfficeSuite Pro costs $14.99 plus another $10 for an essential font compatibility add-on (or $19.99 a year via an in-app purchase for the Premium version, if you’d rather go the subscription route) — but you get what you pay for: The program boasts an elegant design on both smartphones and tablets and is jam-packed with advanced desktoplike functionality for documents, spreadsheets, and presentations. It integrates with numerous cloud storage services and offers native PDF-markup commands.

Even with Microsoft’s own Office apps now available on Android, OfficeSuite 8 remains the most robust and user-friendly option the platform has to offer.

App: OfficeSuite 8
Price: $14.99 for Pro; $19.99 per year for Premium

Cabinet BETA
One of Android’s greatest assets for power users is its unrestricted file system access: You can browse your Android device as you would a computer, navigating through folders and moving, deleting, or sharing files as you wish.

Plenty of apps can help you do that, but Cabinet BETA stands out for its clean and modern Material Design-based user interface. Cabinet makes it easy to manipulate folders and files, zip and unzip archives, and share files directly to any service you have on your device (email, social media, cloud storage, and so on). Best of all, it’s free.

AirDroid
When you’re at your desk, it can get annoying to keep grabbing your smartphone to send texts or see whose call you missed. Why not do it all from your PC instead?

AirDroid makes it possible: Once you’ve installed the app on your phone or tablet, you simply pull up web.airdroid.com on your computer’s Web browser. From there, you can read and send texts, view call logs, browse through your device’s storage, and wirelessly transfer files between your Android device and computer. With certain devices, AirDroid can even fully mirror your home screen on your desktop and allow you to control your phone completely from your computer.

AirDroid works over both Wi-Fi and mobile data connections. The app itself is free to use, though some features require a $20-per-year premium subscription.

Chrome Remote Desktop
Want full remote access to your PC from your Android phone or tablet? Google’s free Chrome Remote Desktop is all you need. Simply install the companion app for the Chrome desktop browser — compatible with any operating system where the browser is supported — and within minutes, you’ll be securely connecting to your computer from your mobile device.

Once connected, you can use your Android device to open folders, manipulate files, and run programs on your desktop system as if you were sitting right in front of it. You can connect multiple computers to the service, too; all you have to do is install and configure the Chrome app on each additional system, and it’ll show up as an option in the app.

Google Now Launcher
Android device makers love to muddy the OS’s interface with their attempts at visual design, but more often than not, those changes are a step in the wrong direction. Why not take matters into your own hands? The Google Now Launcher — loaded by default on Google’s own Nexus devices — gives you a clean and simple “stock” home screen setup that’ll improve your mobile experience and make you more productive.

Aside from eliminating the clashing colors and excessive clutter many manufacturers add into the environment, the Google Now Launcher puts the powerful Google Now service right at your fingertips as a permanent panel at the leftmost side of your home screen. That makes the service feel more like a native part of the system and allows easier access to useful contextual info that’s tailored to your needs.

Microsoft Outlook
Wish you could have the familiar Outlook email interface on your Android phone or tablet? Until recently, you were out of luck — but no more.

Microsoft officially released its Outlook app for Android earlier this year. The free app works with Microsoft Exchange accounts, as you’d expect, and it supports Office 365 and Outlook.com, along with third-party services like Gmail, Yahoo Mail, and iCloud. It has integrated Outlook calendar support as well, including a nifty native scheduling feature.

If you already live in Microsoft’s world, the Outlook app for Android may be the missing piece you’ve been waiting for.

Today Calendar
Regardless of how you manage your appointments, being able to see them at a glance on your home screen goes a long way. The native Android calendar widget leaves something to be desired (as do most native widgets added by phone manufacturers), but fear not: Plenty of excellent alternatives are available.

One of the best and most versatile options belongs to Today Calendar, a top-notch calendar app that works seamlessly with the Google Calendar service. The app — which is available both in a free ad-supported form and a $6 Pro version — includes an attractive scrollable agenda widget as well as a separate month-view widget. Both widgets are completely customizable, so you can make them look exactly how you like.

Today’s full app interface is also a meaningful step above the default calendar apps provided on many devices in terms of both features and design (though you don’t have to use it in order to get the widgets).

Google Keep
Need a simple way to keep track of thoughts, tasks, and lists? (Who doesn’t?) Google’s Keep app gives you a dead-simple interface for recording, managing, and sharing all the little things in your life.

Keep allows you to jot down notes or leave yourself memos via voice and have them transcribed automatically into text. You can snap photos to include with notes, too, and even search later to find any text visible in those images.

Keep has a bunch of other useful bells and whistles, including a checklist function, the ability to tag and color-code items (then sort by those variables for easy access), and the ability to set location-based reminders for specific notes or lists. The app also makes it possible to share notes or lists, then collaborate on them with others in real time.

Perhaps most important, Keep works on any platform — and everything you do is always synced across all of your devices.

Evernote
For hardcore note-taking junkies, Evernote is a tough app to beat. The service allows you to create multiple notebooks into which you can save text notes, complex lists, images, and voice reminders. You can even send content into an Evernote notebook by emailing it to a special address connected to your account.

Evernote keeps your stuff synced with its own cloud-based service. It’s accessible on the Web and on most major platforms, so that setup tends to work well enough.

Evernote is free, though certain functions — including offline access, advanced searching, and increased transfer allotments — require a $25- or $50-per-year premium subscription.

Expensify
As any road warrior knows, keeping track of expenses can be a pain. Expensify can ease the burden. The app provides an easy-to-follow interface for tracking time, miles, receipts, and invoices on the go, then generating on-demand reports as needed.

Expensify lets you scan receipts as you get them, after which it automatically pulls out the pertinent info from the images and puts it into your records. It can tap into your phone’s GPS to log miles as you drive, and it offers offline functionality for the times when you can’t get a signal.

Expensify is free, though optional premium plans will lift certain usage restrictions and unlock additional features.

TripIt
Travelers, meet your new best friend. TripIt takes all the heavy lifting out of travel, giving you a simple centralized place for storing and tracking all your travel info.

Once you sign up for TripIt, all you do is forward every travel-related email — flight reservations, hotel bookings, even car rental or restaurant confirmations — to plans@tripit.com. TripIt then extracts the important details and puts them into comprehensive and user-friendly itineraries that are accessible from any phone or tablet (as well as from the Web). It can also sync the data automatically into your Google Calendar, if you want.

TripIt is free; an optional $50-per-year Pro subscription gets you a variety of advanced premium features, including real-time flight alerts and a virtual assistant for finding alternate flights along the way.

Google Translate
Going abroad? Google Translate is the companion you need. Translate makes it easy to convert text from one language to another in ways that actually make sense.

Sure, you can type in a phrase in your native tongue and have Translate move it into another language. But you can also take a snapshot of a sign, menu, or document with your phone and have Translate decipher the text. You can speak into your phone in one language and have Translate speak back in another. And you can do it all offline, provided you download the necessary language packs in advance.

Google Translate is free. ¿Cómo te gustan las manzanas?

SwiftKey
Depending on your device, your default keyboard may be decent, but there’s a strong chance SwiftKey is better.

SwiftKey — free, with optional in-app purchases for extra themes — provides outstanding next-word prediction that’s personalized based on your typing habits. The app also has an excellent swipe-to-type option that lets you input text by sliding your finger from one letter to the next without lifting.

All combined, it’s a stellar keyboard that can boost productivity and transform your smartphone- or tablet-using experience.

Link Bubble
Let’s face it: Opening links from your phone isn’t always the best experience. Anytime you tap a link within an app — a news-reading tool, for instance, or a social media browser — you have to stop what you’re doing and wait for the page to take over your display and load.

Link Bubble brings a much-needed intelligent upgrade to the process. The app — which is completely free as of this month — opens all of your links in a floating and movable bubble that sits on the side of your screen. You can keep doing whatever you’re doing and continue to open more links as you encounter them.

Whenever you’re ready to read the content you’ve opened, you simply tap the bubble — and the pages appear in an overlay window on your screen. With another tap or swipe, you can move between them, share them to another app or service, or shrink them back down for later perusing.

It makes so much sense, you’ll wonder how you ever lived without it.

Hooks
Android notifications are powerful — but what if you could connect them to the Web and make them even more robust?

With the help of a free app called Hooks, you can. Hooks lets you set up custom notifications based on events that happen online — and in the real world. You could have the app notify you on your phone anytime your website or server goes down, for instance, or anytime new information is released about a software vulnerability you’re tracking. You could configure alerts for package deliveries, stocks of interest, or mentions of your company in Google search and social media.

And all of that is only the start.

Tasker
Our last must-have Android productivity app is perhaps the most powerful and versatile of all. It’s called Tasker, and it’s an Android power-user’s dream.

In short, Tasker — which costs $2.99 — lets you create intelligent automation on your device. You could have your phone automatically connect to a certain Wi-Fi network or Bluetooth device whenever you’re in a particular location or change its ring behavior and volume settings based on location, time of day, or currently occurring calendar events.

Tasker isn’t for the faint of heart — if you want something simpler but less versatile, the more user-friendly (and free) Agent might be the app for you — but if you’re up for a little geek-targeted tinkering, Tasker will open your Android device up to a practically limitless range of new and exciting possibilities.

App: Tasker
Price: $2.99
Developer: Crafty Apps EU

Click here to view complete Q&A of MB2-706 exam

Certkingdom 20% Discount Promotion Coupon Code: 45K2D47FW4

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

2015: Microsoft’s biggest year ever?

Windows 10, new devices and a new outlook made for an exciting year

With major product announcements and a number of big bets on the future, 2015 is in the running to be one of Microsoft’s most important years on record.

Topping it was the launch of Windows 10. First previewed a year earlier, 2015 was the year we finally got to see the new operating system in full. Microsoft unveiled key features, including its virtual assistant Cortana reaching beyond Windows Phone and onto the desktop, and its new Edge Web browser.

Windows 10 also brought a new Windows Universal App Platform that lets developers build one app that works across Windows 10 Phones, tablets and computers. It’s part of Microsoft’s play to try and raise the number of apps available for Windows 10 tablets and smartphones by tempting developers with a build once, deploy everywhere strategy.

Since it launched in July, Windows 10 has seen massive adoption. Not everybody likes everything about it and Microsoft has made its share of missteps, like keeping details about what personal information was sent from the OS to its servers under wraps until well after users raised privacy concerns about it. But overall, it has been very positively received.
surface book

One of the most unexpected moves of the year was Microsoft’s entry into the laptop computer business with the Surface Book. For years, Microsoft has relied on partners like HP, Dell and Toshiba to produce laptops — and they aren’t out of the picture — but with its own machine it’s attempting a bit of Apple’s successful business model, directly selling the computer it thinks customers want.

The machine has a powerful keyboard with some serious computing power that has a detachable touchscreen, which can serve as a tablet. Early reviews are favorable, and the device is definitely cool. But its premium price and somewhat awkward design don’t lead one to believe that it’s a slam-dunk for widespread consumer adoption beyond Microsoft’s die-hard fanbase.

In the smartphone space, the year was one of contraction. Microsoft laid off thousands of people from its phone hardware division and saw its market share decline from 2.7 percent to 2.2 percent, according to IDC estimates.

The Lumia 950 is Microsoft’s flagship Windows 10 smartphone. It’s a snazzy piece of hardware, but still hurt by the mobile operating system’s lack of apps.

During the year, it released the Lumia 950 and 950 XL flagship phones that were supposed to help drive Windows smartphones back towards relevance. Reviews for the phones are good and it packs some cool, whiz-bang features, like the ability to use iris recognition to unlock the device, but the biggest drawback is a familiar one for Windows smartphones: The small selection of apps.

But Microsoft hasn’t given up on building smartphones yet.

One new technology, Continuum, lets users connect their phone to a keyboard, mouse and monitor for use like a PC. It’s awesome, but requires application support that isn’t really existent in Windows 10’s third-party ecosystem yet. Microsoft is betting that the Windows Universal App Platform will prove popular enough among developers to shore up its lack of apps, but that hasn’t happened yet.

There’s a lot more excitement building over another hardware project: HoloLens.

When it was unveiled in January, Microsoft showed off something that largely wasn’t even rumored: A headset crammed with technology that let users overlay digital objects on the physical world around them. It’s futuristic stuff, and while the HoloLens doesn’t quite offer wide-angle augmented reality, it’s still a massively cool piece of kit.

One of the most exciting things about it is that the developer tools handle much of the heavy lifting for accessing the device’s hardware capabilities. Voice recognition, spatial mapping and gesture recognition are easily handled by the HoloLens developer tools, so that app makers can focus on building their software. It bodes well for the future of the device, which will be made available for purchase to select developers early next year.

But new software and new devices were only one part of the strategy Microsoft pushed this year. The company also began working with its competitors in ways that it never would have before. Satya Nadella talked on stage with Salesforce CEO Marc Benioff at Dreamforce, and other high-level Microsoft executives have appeared at major events hosted by the likes of VMware,

The company also went on a major acquisition spree, snapping up a mountain of other companies, including teams behind apps like Wunderlist and Sunrise Calendar.

And there was the one that got away. The rumored deal between Microsoft and Salesforce reportedly didn’t happen because Microsoft declined to pony up as much money as Salesforce was looking for.

Acquisitions are a pretty dry business, but these deals show a Microsoft that’s hungry to augment its capabilities with the help of outside companies that have proven solutions.

Looking ahead to 2016 is when we get to see if all of the big bets Microsoft set up this year pay off. Analysts expect that this coming year will see a bunch of enterprises upgrade to Windows 10. Microsoft is also gearing up to more aggressively push consumers to upgrade, which in turn may incentivize developers to build applications for the new OS.

But the Windows Store could go the way of the Mac App Store rather than the iOS App Store or Google Play Store. The concerns that system administrators have about Windows 10’s mandatory cumulative updates might stunt adoption. The HoloLens might turn out to be a futuristic flop. Clearly, Microsoft has an intended outcome for all of those moves, but the company’s big bets don’t always work out as intended.

And 2016 is also when Microsoft’s new strategies of going cross-platform and collaborating with other tech companies will stop being new again. At this point, it wouldn’t surprise some observers if Nadella showed up alongside Tim Cook at an Apple press event — a vast departure from the Microsoft of 2012, but not from the company’s past year. Stay tuned, folks; Microsoft is in for one heck of a ride.

Click here to view complete Q&A of MB2-706 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

7 signs you’re doing devops wrong

Misconceptions and flawed implementations may have you missing the true upsides of devops

Devops is a transformative ethos that many companies are putting to their advantage. As with anything that hinges on culture, however, it can be too easy to slap together a few tools, sprinkle in new processes, and call yourself a devops-fueled organization. After all, saying that your company embraces devops and regularly practices devops techniques is popular nowadays, and it can serve as great PR for bringing in great talent to your team. But in truth, many companies — and technical recruiters — that are proclaiming their devotion to devops from the hilltops aren’t really devops organizations.

Here we take a look at some of the most common misconceptions and flawed implementations of devops. Chances are, your company has fallen prey to at least one of them. That doesn’t necessarily mean you aren’t practicing devops. It simply means you have a ways to go before your company can fulfill the promise. Devops isn’t an award or title you can achieve. It’s a philosophy, culture, and way of approaching the task of shipping code.
[ Harness the power of PowerShell: An intro for Windows Server | An intro for Exchange | Essential tips for Windows admins | Don’t get left behind — download the Devops Digital Spotlight, and learn all about the game-changer in app development and deployment. | Get a digest of the day’s top tech stories in the InfoWorld Daily newsletter. ]

Read on, take a step back, and assess your company’s commitment to its devops mission. Candor and honesty are essential to guiding your team in the right direction.

Sign No. 1: You need to buy “the devops”

IT departments need “stuff” to operate. They need hardware: computers, servers, server racks, network switches, routers, and load balancers. They also need software: operating systems, antivirus products, productivity software, project management solutions, various line-of-business applications, and software to monitor the health and performance of hardware and software alike.

IT departments have been buying “stuff” since their inception. When the first company decided to use computers as part of their business practices, purchasing as the lifeblood of IT was born. It’s natural for IT higher-ups to think they can buy the next big thing that will help them help the business succeed. This is why some companies give themselves the false impression that they can buy “the devops.”

But it’s not for the wrong intentions. Many CIOs who attend devops conferences or talk about devops with fellow CIOs begin to see what devops can do for their company. Some decide they want “the devops” — and they want it now! What they don’t understand is that devops is not a product or service to purchase. It is a mind-set or mode of operation.

That’s not to say you can’t purchase a block of hours from highly paid consultants to learn devops principles, but by doing so, ultimately you are purchasing knowledge that requires significant work on your part to implement. Your team must absorb what’s being taught, and only then will devops practices begin to take root.

“Devops” cannot be obtained overnight with a simple check and a little training. It is a transformational approach to core processes, and it takes time, dedication, and especially a team that can implement devops practices, many of which will fly against your company’s previous modes of operation.

If your company has a devops budget, you’re doing devops wrong.

Sign No. 2: You equate software and tools to devops

This misapplication of devops runs in parallel to No. 1 above. IT shops acquire tools to do their jobs more effectively. It’s encoded in the job. IT shops have tools to manage clients and servers, as well as storage, compute, and networking resources. But when it comes to tools and devops, companies often get confused. To be sure, devops greatness cannot be achieved without tools. But when companies ignore other areas of devops and focus solely on the tools themselves, problems arise. Tools may be essential, but they are only part of what makes devops tick.

Various configuration management products associated with devops certainly help you build a devops culture. Without them, you undoubtedly are not practicing devops. You can code together your own tools to automate previously manual processes such as code testing, deployments, and server builds, or you can purchase tools geared to complete these tasks; either way automation is a huge part of devops. Without tools, you’d still be manually building test servers, running through runbooks, and checking off tick boxes on a checklist.

But devops consists of a number of facets that go beyond configuration management; don’t focus in on only one simply because a solution exists and it’s tangible. If you look for something tangible to latch onto in your journey to be a devops ninja, you will fail.

If your company bought Chef or Puppet as a cure-all for its devops needs, you’re doing devops wrong.

Sign No. 3: You use checklists or runbooks to manage code deployments

To hammer the point home, automation is the crux of devops. Automation is of paramount importance in an organizational devops culture. Companies practicing devops have a strong desire to automate everything possible. Automation allows them to remove human error and standardize processes across the entire software development lifecycle.

Businesses know that automation is the seed that grows other devops principles such as establishing consistent, routine code deployments. Without automation, reliable code deployments, in particular, would not be possible. Automation is a crucial philosophy to adopt when driving toward a devops culture.

So if you find yourself having conversations with co-workers that include statements like, “We don’t have time to automate,” or “Let’s just do it manually this time. It’ll be faster,” then you’re not doing devops. When embarking on a new project, if automating everything possible isn’t the first idea that comes to your head you’re probably not at devops mastery yet.

Devops-heavy cultures realize that even though it may take more time to introduce automation up front it will pay off through more reliable and faster code deployments in the future. Your company must understand that everything is on the table for automation. This means deployments, testing, code check-in policies, servers builds — everything.

If your company spends hours poring over checklists to ensure code is ready to be deployed, you’re doing devops wrong.

Sign No. 4: You release code to production every few months (or years)

Now that we’ve addressed automation it’s important to address deployment frequency. The sole purpose of devops is to fix bugs and release new features to production faster. That’s not done by following a traditional waterfall model; that’s done by being agile.

At its heart, the agile methodology consists of releasing small changes as often as possible. Its premise is to not plan every little detail ahead of time before releasing to production. It is about defining what is considered “production ready,” representing that with a set of automated tests, and trusting that the tests written correctly define what it means for code to be “production ready.”

Devops is synonymous with concepts like continuous integration and continuous deployment. Notice the key word in both terms: continuous. Devops is about consistently having developers check code in as often as possible, which kicks off automated tests.

For the true devops rock stars, it’s also about taking that code and sending it directly to production through continuous deployment. If your company allows developers to check in code that goes through automated pre-check-in tests, gets handed over to another set of tests to ensure that the code is ready for production, then goes live on your production servers if deemed ready automatically, then you know you’ve achieved devops greatness.

If your company releases code changes less frequently than the harvest moon, you’re doing devops wrong — no matter how small the changes or how quickly you make them.

Sign No. 5: You consider failure unacceptable

Culture is often considered a “soft” aspect of IT, but it couldn’t be more essential to devops. This is where companies often fail to achieve the promise of devops. They might be automating with the optimal mix of tools. They might be continuously updating their code. But their inability to fully assimilate devops culture gets them every time.

For example, when the code you committed goes on to blow up a production database, what happens to you? Does your boss publicly scold you? Do you get immediately called into a manager’s office for a “closed door” meeting? Is losing your job or your ability to deploy code to production ever again a possible outcome of committing code? If so, then your company is not practicing devops.

Instead, picture this: The meltdown of the production database is treated as a learning opportunity. Your manager brings everyone into a postmortem meeting to provide candid feedback. Everyone exhibits a level of candor that might make you squirm, but it’s never at a level that places blame. The root cause is determined, and new tests are built around your mistake so that it’s caught next time and everyone acts like it’s simply another day. This is when you know your company has adopted an important devops philosophy.

If you are no longer trusted with commit rights to production because you have made or might make a mistake, you’re doing devops wrong.

Sign No. 6: You blame others for system problems

Devops philosophy has borrowed heavily from lean, and not blaming others for systemic errors is a key facet that has influenced the human aspect of devops. As with embracing failure, removing individual blame for problems associated with the system is essential to successful devops practices.

True devops practitioners believe that when something goes wrong the fault doesn’t lie with the individual using the system but the system itself. For developers and systems ops to get along, a blameless culture must be supported. Suppose a developer creates an application, tests the application on his computer, and hands the code over to operations. If a problem occurs when ops puts the code into production, ops can’t blame the developer for writing shoddy code, nor can the developer blame operations for not managing servers correctly.

Devops resolves this issue by first figuring out the difference between the two testing environments. Once discovered, the fix is implemented, and preferably, an automated test is created to ensure that, in the future, any flawed code will fail the newly automated test, which will prevent that change from ever getting into production.

If your company is firing staff simply for bringing down production, you’re doing devops wrong — regardless of any presumed role or responsibilities you attribute to those involved.

Sign No. 7: The developers and operations groups look like two grain silos

Devops weds the word “developer” to the word “operations.” If your developers and operations people still aren’t on speaking terms, you don’t have a chance at doing devops right. Devops is all about collaboration. It’s about coming together as a team to help the company, as a whole, achieve its goal. If your operations people refuse to communicate to developers other than throwing work over the proverbial wall, your devops dreams are toast.

This is the most important part of the devops philosophy. All of the activities I’ve touched on previously move toward this end result. It doesn’t mean developers should be forced to eat lunch with operations people or operations staff must invite developers to their weddings. It’s not about liking one another; it’s about looking past our human emotions to work as a professional team to build a product that propels the business forward.

If your company has developers on one floor and operations on another, with code commit messages as the only means of communication, you’re doing devops wrong.
It’s all about the culture

Devops is not for every company. There are situations that warrant a more meticulous approach to code management. However, even if your company isn’t fully committed to building a devops culture, there are many facets of the devops philosophy that can be applied to your practices successfully.

Above all, devops is a cultural philosophy. It takes patience, lots of hard work, an understanding of people, and a business that will support it to truly thrive.

Click here to view complete Q&A of MB2-706 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

 

Top security stories of 2015

Not a shocker to have data breaches lead the way as criminals get ever more devious.


More data breaches

Hacking Team, Comcast, Ashley Madison… the list goes on of companies who became just another notch in the belt of cybercriminals. Like in years past, data breaches were top of the list for our year in review story. Here are some stories that made headlines in 2015.

Dell puts privacy at risk with dangerous root certificate
Dell has come under fire for shipping PCs with a pre-installed trusted root certificate that can be used to compromise the security of encrypted HTTPS connections.

“Surely Dell had to have seen what kind of bad press Lenovo got when people discovered what Superfish was up to. Yet, they decided to do the same thing but worse. This isn’t even a third-party application that placed it there; it’s from Dell’s very own bloatware,” commented the Reddit poster under the name “rotorcowboy”.

Comcast Xfinity Wi-Fi discloses customer names and addresses
The Xfinity Wi-Fi service from Comcast disclosed the full name and home address of residential customers, which is something the company says isn’t supposed to happen. The disclosure of such information increases an already exposed attack surface, by allowing anyone with malicious intent to selectively target their marks.

It has been just over two years since Comcast launched the Xfinity Wi-Fi service, which created a separate wireless network in homes and businesses for existing customers and the general public.

Police arrest 15-year-old in TalkTalk hack
UK telecom TalkTalk disclosed a possible breach, which could impact upwards of 4 million customers. Those responsible for the attack likely compromised names, addresses, birthdays, phone numbers, email addresses, TalkTalk account information, credit card data, and banking information. A 15-year-old boy was later arrested.

Soon after the disclosure, TalkTalk reported that someone claiming to be responsible for the attack demanded a ransom, but the company didn’t go into detail on the demand itself.

4.6M customers impacted by Scottrade breach
Brokerage firm Scottrade alerted customers to a data breach, which affected 4.6 million people. Scottrade learned about the problem after being contacted by the FBI. According to the email sent to customers, and a public notice, the authorities learned that Scottrade was compromised while investigating other data-theft cases.

“If your information was contained in the affected database, you will receive a letter or email from Scottrade with additional information and resources. We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm. We have taken appropriate steps to further strengthen our network defenses,” Scottrade told customers.

T-Mobile US says Experian breach exposed 15M customers
T-Mobile US CEO, John Legere, said that the names, addresses, Social Security numbers, birthdays, and ID information on more than 15 million customers had been compromised after a breach at Experian.

“The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing from September 1, 2013 through September 16, 2015,” a statement from T-Mobile’s head executive added.

Ashley Madison hackers publish compromised records
The group responsible for the Ashley Madison hack published the compromised records on Tuesday, delivering on the promise made when the hack was announced in July. The compromised records include account profile information, personal information, financial records, and more.

In July, a group calling themselves Impact Team leaked a selection of files that they claimed originated form Avid Life Media (ALM), the company behind adult playgrounds of Ashley Madison, Cougar Life, Established Men, and others.

IRS: Breach larger than first reported, 220k additional taxpayers affected
The Internal Revenue Service (IRS) said that the data breach reported in May has now impacted a total to 330,000 taxpayers. In addition, the agency sent 170,000 taxpayers notifications that their personal information was potentially exposed during the incident.

The compromise occurred through the “Get Transcript” application used by the tax agency. Using previously acquired personal information (PII), criminals were able to access the “Get Transcript” application to obtain old tax returns.

OPM says second breach compromised 21 million records
The breach at the Office of Personnel Management impacted 21.5 million people.The incident exposed Social Security Numbers and biometric data for federal employees and in some cases their families. OPM became aware of the second breach while investigating the first one disclosed in June.

At the time, the OPM said that the breach impacted the personal information of 4.2 million current and former federal employees. This second incident began in May of 2014 and went undiscovered for a year, however the OPM has stated that patches applied to systems in January halted the extraction of data.

Hacking Team hacked, attackers claim 400GB in dumped data
Specializing in surveillance technology, Hacking Team is now learning how it feels to have their internal matters exposed to the world, and privacy advocates are enjoying a bit of schadenfreude at their expense.

Hacking Team is an Italian company that sells intrusion and surveillance tools to governments and law enforcement agencies.

The attackers published a Torrent file with 400GB of internal documents, source code, and email communications to the public at large.

CareFirst data breach affects 1.1 million people
CareFirst BlueCross BlueShield (CareFirst) disclosed a data breach that impacts 1.1 million current and former members, who registered to use the insurer’s websites or who did business with them online prior to June 20, 2014.

CareFirst stated that they detected the initial compromise and took action to contain the attack. The assumption made was that their actions helped avoid a crisis.

Anthem: 78.8 million affected, FBI close to naming suspect
Anthem, the nation’s second largest health insurer, said that 8.8 to 18.8 million people who were not customers could be impacted by their recent data breach, which at last count is presumed to affect some 78.8 million people. This latest count now includes customers of independent Blue Cross Blue Shield (BCBS) plans in several states.

Click here to view complete Q&A of MB2-706 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MB2-706 Training at certkingdom.com

Hitch your IT career to a rising star with DevOps certification

Hitch your IT career to a rising star with DevOps certification

Savvy IT industry watchers have probably been noticing something called “DevOps” come gliding into view for a while now, striking regular pings on the scope of anyone scanning for either hot trends or spiking salaries. Even proponents of DevOps, however, sometimes struggle to define it in layman’s terms, a challenge that anyone who has ever tried to explain development methods like Agile or Scrum to someone outside of IT will understand. Beneath the jargon, however, there’s an important development model that is quickly gaining in popularity. If you’re involved in IT, then this is something that’s probably worth taking the time to understand.

What is DevOps?

DevOps is a compound of “development” and “operations.” It’s a software development method that stresses communication, collaboration, integration, automation, and measurement of cooperation between software developers and other information technology professionals. DevOps is often shown graphically as three overlapping circles consisting of Development, Quality Assurance, and Information Technology Operations, with DevOps being the area of overlap that ties all three circles together.

DevOps is so much more, however, than the intersection of three circles. It’s often the intersection of five or ten circles — it just depends on the company that the DevOps is supporting. DevOps spans the entire delivery pipeline. This includes improved deployment frequency, which can lead to faster time to market, lower failure rate of new releases, shortened lead time between fixes, and faster mean time to recovery in the event of a new release crashing or otherwise disabling the current system. Simple processes become increasingly programmable and dynamic when using a DevOps approach, which aims to maximize the predictability, efficiency, security, and maintainability of operational processes. Automation often supports this objective.

DevOps integration targets product delivery, quality testing, feature development, and maintenance releases in order to improve reliability and security and provide faster development and deployment cycles. Many of the ideas (and people) involved in DevOps come from the enterprise systems management and agile software development movements.

DevOps aids in software application release management for an organization by standardizing development environments. Events can be more easily tracked as well as resolving documented process control and granular reporting issues. Companies with release/deployment automation problems usually have existing automation but want to more flexibly manage and drive this automation without needing to enter everything manually at the command-line.

Ideally, this automation can be invoked by non-operations employees in specific non-production environments. The DevOps approach grants developers more control of the environment, giving infrastructure more application-centric understanding.

The adoption of DevOps is being driven by factors such as:

● Use of agile and other development processes and methodologies
● Demand for an increased rate of production releases from application and business unit stakeholders
● Wide availability of virtualized and cloud infrastructure from internal and external providers
● Increased usage of data center automation and configuration management tools
● Increased focus on test automation and continuous integration methods

According to David Geer, 42 percent of IT pros surveyed had adopted or planned to adopt DevOps development approaches (Information Week, 2014 DevOps Survey). That number ballooned to 66 percent of U.S. companies using DevOps approaches by the time of a Rackspace survey only 10 months later. With DevOps clearly taking over the coder’s realm, most programmers will eventually have to yield to and master this mindset.

What does DevOps mean for a programmer’s profession?
There’s a lot of interest in DevOps in the IT world right now.DevOps introduces developers to operational requirements and the tools and methods necessary to ensure that the code they create is immediately functional, of high quality, and fit for the production environment. With solid training in these tools and methods, developers should find their talents highly sellable in a career world that is increasingly favorable to DevOps practitioners.

Adam Gordon, CTO of New Horizon Computer Learning Centers of south Florida, sats that important developer skills for DevOps environments include automating configuration management (infrastructure lifecycle management) using vendor-neutral tools such as Puppet, Chef, Ansible, SaltStack, and Docker. These tools integrate with a host of popular platforms and software including Amazon EC2, Amazon Web Services, CFEngine, Cisco, Eucalyptus, Google Cloud Platform, IBM Bluemix, Jelastic, Jenkins, Linux (various distributions), Microsoft Azure, OpenStack, OpenSVC, Rackspace, Rightscale, Salt, SoftLayer, Vagrant, VMware, and a rapidly expanding number of examples.

Some of the most popular vendor-specific DevOps platforms include those from Microsoft and VMware, says Gordon. Microsoft’s DevOps-related products include System Center with its System Center Configuration Manager (SCCM) and System Center Operations Manager (SCOM). These Microsoft developer tools enable functions such as automated configuration management, monitoring, and custom management pack development. VMware tools such as vCloud Air (vCloud Hybrid Service) bridge the VMware development platform to tools such as Puppet and Chef, according to Gordon, while the vRealize cloud management platform automates infrastructure and application delivery, monitoring, analytics, and management.

Finally, Red Hat Linux developers will find that learning to deploy this distribution can be useful for work in Red Hat-related DevOps environments.

Does everyone love DevOps?
No, not everyone. Take Jeff Knupp, for instance. In an April 2014 blog, Knupp claims that DevOps is “killing the developer.” Allow me to quote directly from Mr. Knupp’s post:

“There are two recent trends I really hate: DevOps and the notion of the ‘full-stack’ developer. The DevOps movement is so popular that I may as well say I hate the x86 architecture or monolithic kernels. But it’s true: I can’t stand it. The underlying cause of my pain? This fact: not every company is a start-up, though it appears that every company must act as though they were.

“DevOps is meant to denote a close collaboration and cross-pollination between what were previously purely development roles, purely operations roles, and purely QA roles. Because software needs to be released at an ever-increasing rate, the old ‘waterfall’ develop-test-release cycle is seen as broken. Developers must also take responsibility for the quality of the testing and release environments.

“The increasing scope of responsibility of the ‘developer’ (whether or not that term is even appropriate anymore is debatable) has given rise to a chimera-like job candidate: the ‘full-stack’ developer. Such a developer is capable of doing the job of developer, QA team member, operations analyst, sysadmin, and DBA. Before you accuse me of hyperbole, go back and read that list again. Is there any role in the list whose duties you wouldn’t expect a ‘full-stack’ developer to be well versed in?

“Where did these concepts come from? Start-ups, of course (and the Agile methodology). Start-ups are a peculiar beast and need to function in a very lean way to survive their first few years. I don’t deny this. Unfortunately, we’ve taken the multiple technical roles that engineers at start-ups were forced to play due to lack of resources into a set of minimum qualifications for the role of ‘developer.’ ”

“Imagine you’re at a start-up with a development team of seven. You’re one year into development of a web application that Xs all the Ys, and things are going well, though it’s always a frantic scramble to keep everything going. If there’s a particularly nasty issue that seems to require deep database knowledge, you don’t have the liberty of saying, ‘That’s not my specialty,’ and handing it off to a DBA team to investigate. Due to constrained resources, you’re forced to take on the role of DBA and fix the issue yourself.

“Now expand that scenario across all the roles listed earlier. At any one time, a developer at a start-up may be acting as a developer, QA tester, deployment/operations analyst, sysadmin, or DBA. That’s just the nature of the business, and some people thrive in that type of environment. Somewhere along the way, however, we tricked ourselves into thinking that because, at any one time, a start-up developer had to take on different roles, he or she should actually be all those things at once.

“If such people even exist, ‘full-stack’ developers still wouldn’t be used as they should. Rather than temporarily taking on a single role for a short period of time, then transitioning into the next role, they are meant to be performing all the roles, all the time. Most good developers can almost pull this off.”

Certifications in DevOps
The DevOps certification realm is taking root quickly. One organization that is out in front of the pack, however, is Amazon Web Services. If you want to make a strong move into DevOps, then consider any of the following credentials.

AWS Certified DevOps Engineer – Professional

Description
The AWS Certified DevOps Engineer – Professional exam validates technical expertise in provisioning, operating, and managing distributed application systems on the AWS platform. Exam concepts you should understand for this exam include the ability to:

● Implement and manage continuous delivery systems and methodologies on AWS
● Understand, implement, and automate security controls, governance processes, and compliance validation
● Define and deploy monitoring, metrics, and logging systems on AWS
● Implement systems that are highly available, scalable, and self-healing on the AWS platform
● Design, manage, and maintain tools to automate operational processes

Prerequisites
Required Prerequisite: status as AWS Certified Developer – Associate or AWS Certified SysOps Administrator – Associate

Eligibility
● Two or more years’ experience in provisioning, operating, and managing AWS environments
● Experience in developing code in at least one high-level programming language
● Experience in automation and testing via scripting/programming
● Understanding of agile and other development processes and methodologies

Exam
Multiple choice and multiple answer questions
170 minutes to complete the exam
Exam available in English
Exam registration fee is $300

DevOps is a hot trend in software development right now.AWS Certified SysOps Administrator – Associate
Description

The AWS Certified SysOps Administrator – Associate exam validates technical expertise in deployment, management, and operations on the AWS platform. Exam concepts you should understand for this exam include:

● Deploying, managing, and operating scalable, highly available, and fault tolerant systems on AWS
● Migrating an existing on-premises application to AWS
● Implementing and controlling the flow of data to and from AWS
● Selecting the appropriate AWS service based on compute, data, or security requirements
● Identifying appropriate use of AWS operational best practices
● Estimating AWS usage costs and identifying operational cost control mechanisms

Prerequisites

No prerequisites; recommend taking System Operations on AWS
Eligibility

● One or more years of hands-on experience in operating AWS-based applications
● Experience in provisioning, operating, and maintaining systems running on AWS
● Ability to identify and gather requirements to define a solution to be built and operated on AWS
● Capabilities to provide AWS operations and deployment guidance and best practices throughout the lifecycle of a project

Exam
Multiple choice and multiple answer questions
80 minutes to complete the exam
Available in English, Japanese, Simplified Chinese, and Brazilian Portuguese
Practice Exam Registration fee is $20
Exam Registration fee is $150

AWS Certified Developer – Associate
Description

The AWS Certified Developer – Associate exam validates technical expertise in developing and maintaining applications on the AWS platform. Exam concepts you should understand for this exam include:

● Picking the right AWS services for the application
● Leveraging AWS SDKs to interact with AWS services from your application
● Writing code that optimizes performance of AWS services used by your application
● Code-level application security (IAM roles, credentials, encryption, etc.)

Prerequisites
No prerequisites; recommend taking Developing on AWS
Eligibility

● One or more years of hands-on experience in designing and maintaining an AWS-based application
● In-depth knowledge of at least one high-level programming language
● Understanding of core AWS services, uses, and basic architecture best practices
● Proficiency in designing, developing, and deploying cloud-based solutions using AWS
● Experience with developing and maintaining applications written for Amazon Simple Storage Service, Amazon DynamoDB, Amazon Simple Queue Service, Amazon Simple Notification Service, Amazon Simple Workflow Service, AWS Elastic Beanstalk, and AWS Cloud Formation.

Exam
Multiple choice and multiple answer questions
80 minutes to complete the exam
Available in English, Simplified Chinese, and Japanese
Practice Exam Registration fee is $20
Exam Registration fee is $150

AWS Certified Solutions Architect – Professional
Description

The AWS Certified Solutions Architect – Professional exam validates advanced technical skills and experience in designing distributed applications and systems on the AWS platform. Example concepts you should understand for this exam include:

● Designing and deploying dynamically scalable, highly available, fault tolerant, and reliable applications on AWS
● Selecting appropriate AWS services to design and deploy an application based on given requirements
● Migrating complex, multi-tier applications on AWS
● Designing and deploying enterprise-wide scalable operations on AWS
● Implementing cost control strategies

Prerequisites
Status as AWS Certified Solutions Architect – Associate
Eligibility
● Achieved AWS Certified Solutions Architect – Associate
● Two or more years’ hands-on experience in designing and deploying cloud architecture on AWS
● Abilities to evaluate cloud application requirements and make architectural recommendations for implementation, deployment, and provisioning applications on AWS
● Capabilities to provide best practices guidance on the architectural design across multiple applications, projects, or the enterprise

Exam
Multiple choice and multiple answer questions
170 minutes to complete the exam
Exam available in English and Japanese
Practice Exam Registration fee is $40
Exam Registration fee is $300

AWS Certified Solutions Architect – Associate
Description

Intended for individuals with experience in designing distributed applications and systems on the AWS platform. Exam concepts you should understand for this exam include:
● Designing and deploying scalable, highly available, and fault tolerant systems on AWS
● Lift and shift of an existing on-premises application to AWS
● Ingress and egress of data to and from AWS
● Selecting the appropriate AWS service based on data, compute, database, or security requirements
● Identifying appropriate use of AWS architectural best practices
● Estimating AWS costs and identifying cost control mechanisms

Prerequisites
None, but it is recommended that candidates take the Architecting on AWS and AWS Certification Exam Readiness Workshop
Eligibility

● One or more years of hands-on experience in designing available, cost efficient, fault tolerant, and scalable distributed systems on AWS
● In-depth knowledge of at least one high-level programming language
● Ability to identify and define requirements for an AWS-based application
● Experience with deploying hybrid systems with on-premises and AWS components
● Capability to provide best practices for building secure and reliable applications on the AWS platform

Exam
Multiple choice and multiple answer questions
80 minutes to complete the exam
Available in English, Japanese, Simplified Chinese, Korean, French, German, Spanish, and Brazilian Portuguese
Practice Exam Registration fee is $20
Exam Registration fee is $150

There’s a lot of interest in DevOps in the IT world right now.AWS Certified DevOps Engineer – Professional
Description

The AWS Certified DevOps Engineer – Professional exam validates technical expertise in provisioning, operating, and managing distributed application systems on the AWS platform. Exam concepts you should understand for this exam include the ability to:
● Implement and manage continuous delivery systems and methodologies on AWS
● Understand, implement, and automate security controls, governance processes, and compliance validation
● Define and deploy monitoring, metrics, and logging systems on AWS
● Implement systems that are highly available, scalable, and self-healing on the AWS platform
● Design, manage, and maintain tools to automate operational processes

Prerequisites
AWS Certified Developer – Associate
AWS Certified SysOps Administrator – Associate
Eligibility

● Two or more years’ experience in provisioning, operating, and managing AWS environments
● Experience in developing code in at least one high-level programming language
● Experience in automation and testing via scripting/programming
● Understanding of agile and other development processes and methodologies

Exam
Multiple choice and multiple answer questions
170 minutes to complete the exam
Exam available in English
Exam registration fee is $300

Click here to view complete Q&A of 70-697 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-697 Training at certkingdom.com

One-woman whirlwind: IT training expert is a do-it-all ‘worker bee’

Jay McElroy is a friendly, busy and highly productive woman. It’s an understatement to call her a “ball of fire” — she’s more like a “Supernova!” A supernova of ideas and actions, that is. Jay herself describes it this way: “I’m, like, on speed from the minute I wake up, and I just go all day.”

In 2004 she founded McElroy Enterprises (ME), a corporate training company specializing in hands-on training for careers in the corporate IT, healthcare, retail and construction fields. “We put together a Job Candidate Certification (JCC) professionalization learning management system to give job seekers a complete education in preparing for, finding and succeeding in employment,” she said.

ME has had phenomenal success. At one point, with a barely believable staff of just 10, they were helping between 800 and 1,000 people per month get back to work in IT, healthcare, retail and construction. Beginning in 2008, JCC’s scope expanded to include additional markets and embraced the increasing utilization of video, electronic media and related technologies.

A lifelong work ethic

Jay is definitely the driving force behind ME. She praises her parents for teaching her to “work hard and never quit.” She was raised in a large family of “about 13 children,” she said. “My parents were always taking in other children who needed some help and guidance.”

Her father was a postal worker who did construction on the side, while her mom laid the ground rules for life at home. “We always helped around the house with chores. As each kid graduated from high school we were given the same option: If you weren’t planning on continuing on to college, then you had to pay rent to live at home, and have a plan to put enough money aside to get your own place,” she said.

Jay’s original career interest was to be an undertaker. “I figured it had lots of job opportunities and I’d always be employed,” she said. “Mom never told us what type of jobs we should work, ‘Just work hard and be honest.’ But this was the one time she told me to ‘pick another career,’ so I chose computers.”

Jay worked full-time while attending the University of Pittsburgh and graduated with a degree in Information Systems, as well as a minor in Computer Science and Industrial Engineering.

Get her for our department!

“I always wanted to work for IBM in Tampa, Florida, but there were no job offers. So instead I went to work for the Westinghouse Corporation in Pittsburgh, where I was assigned to a number of different divisions and learned a lot of great things,” she said. At Westinghouse her work ethic and positive attitude landed her in “special programs,” an elite group of employees that traveled around the country working on various projects.

IBM eventually called and asked her to come to Raleigh, N.C., to interview for a positon. Like a good high achiever, Jay didn’t just interview for one position: “I met with eight different managers and got eight job offers,” she said. Speaking later with HR, Jay mentioned that she really wanted to live and work in Tampa, so they sent her down there for an interview and, of course, she got that job offer too.

To top things off, IBM asked if, on her way home, she could stop in Maryland to meet a couple of executives. “In Maryland I interviewed with nine managers and received seven offers. I felt really good,” she said with a laugh. “HR told me that they didn’t bother returning calls from the other two managers, and that my only decision should be whether I wanted to live in Florida or Maryland. I had an aunt in Maryland, so that’s where I went.”

Real estate and home improvement

Most people move to a new city and slowly start learning the area. Jay is not most people: “I wanted to get to know the area quickly, so I earned my real estate license.” High energy and a sunny disposition enabled her to be a successful agent. “I would show houses in the evenings and on weekends, and even on my lunch breaks,” she said.

Jay McElroy is an IT training expert who’s succeeded at everything she’s ever tried.She sold houses to and for IBM employees, even going the extra mile to help flip their properties. She enjoys telling how she used construction skills learned from her father: “Working for IBM often means, ‘I been moved.’ When an employee would be transferred, I would agree to move into their empty house and renovate it. I’d do sheetrock, floors, painting and electrical. Then they could sell the house quickly.”

Jay loves to garden and is an accomplished landscaper. “A neighbor saw how I landscaped my yard and asked me to do his,” she said. “Before I knew it, others were asking and I ended up landscaping almost all the yards on my street.” In her spare time she has also built two houses.

Jay’s first IBM job was in database management. “I worked really hard,” she said. “When I moved on to another positon, they replaced me with five full-time people.”

“I just wanted to be a worker bee.”

Hard work and a can-do attitude led to career opportunities with other well-known companies such as Concert, a joint venture between British telecom, AT&T and MCI, Computer Sciences Corporation and the Applied Physics Laboratory at Johns Hopkins University. Although Jay has often worked in management she said she never wanted to: “I just wanted to be a worker bee. My skills lie in understanding how all facets of a system work — at the nitty-gritty level, and I credit my career experiences with helping me recognize trending developments in IT training.”

Between 2005 and 2011 Jay recognized the need for workforce skills training, particularly among young people. “I saw they were lacking in basic skills that would help them find employment,” she said. “So I created Reaching Higher, a program to teach youth soft skills, created a six-week curriculum to help them find employment, and they started finding jobs. Then some of their parents started asking if we could teach them the same skills. So we did by creating Reaching Hire, which focused more intensely on employment.”

McElroy Enterprises has always included strong elements of IT training in each course. Recognizing the importance of IT certifications, Jay began teaching how search engines work, and how job candidates could get their resumes to the top of the stack. “Anyone can put a resume together,” she said, “but if you don’t know how things work once you put it online, it will not be seen.”

Government contract

In 2012, the U.S. Department of Labor selected Prince George’s Community College to receive a grant of $2.5 million through the department’s Trade Adjustment Assistance program. The College used the grant to develop the Hybrid Technology Training (HTT) program.

HTT partners with employers to create accelerated training in computer technology, networking and cybersecurity for unemployed workers, veterans, displaced and disadvantaged citizens, and victims of foreign outsourcing. Jay and McElroy Enterprises were a natural fit.

When HTT contacted ME’s Board, they suggested Jay help out, calling it a “vacation” of sorts for her. “I’ve never been one to take regular vacations — haven’t been on one in 10 years,” she said with a laugh. “But I liked what HTT was doing and I knew I could help.”

With Jay, HTT is focused on IT certifications and is able to incorporate virtual instruction, interactive simulations, online and real-world problem-solving challenges, and collaborations between learners and instructors.

In September of 2014, HTT began an eight-week pilot program focused on earning certifications for CompTIA: A+, Network+ and Security+. They have had great success, and Jay is understandably proud. “Our first cohort started with 18 students — three had to drop out, but the other 15 earned all three certifications,” she said. “Even better, several of them found employment in IT during the most difficult time of the year, December and January.”

One student, Roderick DeBrew, told how HTT helped him earn his certs and land an IT position: “Since December 12, 2014, I’ve been a contractor for the Department of Defense, in a cleared position as a NOC engineer. Every day I’m learning new techniques, processes and operational methods as it applies to Information Security and Data Centers.”

Success for students

Jay McElroy is an IT training expert who’s succeeded at everything she’s ever tried.A second cohort began in January and is showing great promise as well. In just five weeks, 20 of 25 students earned CompTIA’s A+ certification, and two earned Network+. Two other students earned Certkingdom.com PC Pro and one earned Certkingdom.com Network Pro.

Jay attributes HTT’s success to assessments that help students identify skill sets and interests. She also channels her mom by firmly telling students that, “No is not an option!” Jay said some students struggle and want to quit, but she does her level best to keep them engaged. “I know this program works,” she said. “If they put their time in, and sacrifice for a very short period of their lives, they will be successful and the sky is the limit.”

One of the components HTT uses to help students prepare for certification exams is Certkingdom.com Certification Training. “We use the trouble-shooting component scenarios for students to give them real-life on-the-job experience: Say they are moving an office and need to set up computers. Students just log in and do the lab; it shows what they can do,” Jay said. “LabSim is a phenomenal experience for students.”

HTT will continue its program through September and is hoping to market it more widely to students and the community. As DeBrew says, “The IT field is huge! I’m a product of the Hybrid Training classes. It’s a birthplace for a new opportunity to build a rewarding career in the IT industry.”

Surprisingly, for a woman who pushes IT cert training, Jay doesn’t have any certifications. “I kind of designed my own job candidate certification,” she said. “It took years to perfect it.”

Jay is a deeply religious woman who credits all her successes to her best friend, Emmanuel (God with us), and she feels an obligation to do as much good as she can. Her motivation in utilizing IT training is to make a difference in people’s lives. “I really get excited when I put something IT-based out there,” she said with a wide smile, “and it helps turn someone’s life around.”

Click here to view complete Q&A of 70-697 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-697 Training at certkingdom.com

70-697 Practice Test – Windows 10 Devices in 2016

Welcome to the free practice test for 70-697 – Configuring Windows Devices. This simulated multiple-choice test was handwritten for the benefit of other IT professionals including engineers, helpdesk and managers. It contains 15 random questions selected from a wide range of Windows 10 topics – all relevant to the 70-697 subject material.

The questions will help to compliment your study material, providing the opportunity to test what you’ve learnt and improve your chance of passing the exam first time. Remember, if you enjoy the questions and answers then please share this page with friends and work colleagues.

Background
The 70-697 Specialist exam was introduced in 2015 for the Windows 10 MCSE certification path. Unlike exams from the Windows 8 series which tended to focus on a core principle the 70-697 exam covers a wider range of topics.

Candidates should bear this in mind when studying for the exam as it will test your experience across a wider spectrum of subjects including cloud based Intune management, virtualization and apps.

Topics you need to know
The exam is an even split between each of the following high level topics:
Windows Store and cloud apps
Desktop and device deployment
Intune device management
Networking
Storage
Data access and protection
Remote access
Updates and Recovery

● Exam 70-697 Configuring Windows Devices is near completion, and should soon be available. Passing this exam will confer a Microsoft Specialist certification, and it serves as the “recommended prerequisite” for the MCSE: Enterprise Devices and Apps certification (in lieu of exams 70-687 Configuring Windows 8.1 and 70-688 Supporting Windows 8.1). – See more at: http://www.certkingdom.com/Exam-70-697.php

You should be comfortable answering questions around the Windows Store and cloud apps, with an understanding of Microsoft Office 365 and the inner workings of Intune for sideloading apps to devices.

Several authentication mechanisms are available in Windows 10; certificates, Microsoft Passport, virtual smartcards, picture password, biometrics etc. You should be comfortable answering questions for each of these authentication types and any corresponding authorisation processes.

Many of the classic Windows configuration questions reappear, such as profiles and roaming with a focus on virtualization (Hyper-V) and mobile options such as Windows To Go and Wi-Fi Direct.

Networking and storage have their own subject areas which focus on classic networking principles such as name resolution and network adapters. On the storage side expect BitLocker to make an appearance in addition to classic questions on NTFS and data recovery.

Buzz Topics
Intune – provides mobile device management, mobile application management, and PC management capabilities from the cloud.
Hyper-V – software infrastructure and basic management tools that you can use to create and manage a virtualized computing environment.
BitLocker – a full disk encryption feature designed to protect data by providing encryption for entire volumes.
Windows To Go – boot and run from USB mass storage devices such as USB flash drives and external hard disk drives

Azure RemoteApp – brings the functionality of the on-premises Microsoft RemoteApp program, backed by Remote Desktop Services, to Azure. Azure RemoteApp helps you provide secure, remote access to applications from many different user devices.

Important
After reading this article, if your preparing for career change and looking for MCITP Online Training Certkingdom.com is the best online training provider that provide the all the and complete MCITP certification exams training in just one package, certkingdom self study training kits, save your money on bootcamps, training institutes, It’s also save your traveling and time. All training materials are “Guaranteed” to pass your exams and get you certified on the fist attempt, due to best training CertKingdom become no1 site.

Click here to view complete Q&A of 70-697 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-697 Training at certkingdom.com

10 dumb security mistakes sys admins make

Do as I say, not as I do: Admin mistakes often surpass the severity of those made by users. Here are 10 of the most common — and their remedies

Security isn’t merely a technical problem — it’s a people problem. There’s only so much technology you can throw at a network before dumb human mistakes trip you up.
windows 10 improved

9 ways Windows 10 just got better
We rank the new features and tweaks to Windows 10 that were included in last week’s update.
Read Now

But guess what? Those mistakes are often committed by the very people who should know better: system administrators and other IT staff.

Intermedia’s 2015 Insider Risk Report found that IT professionals were the most likely group to engage in “dangerous” security practices, such as sharing passwords/logins, reusing personal passwords for business applications, or giving personal account credentials to others.

Such lapses tend to be far riskier than those of ordinary users, due to the godlike powers sys admins have over the network. IT pros can be as susceptible as users to phishing, malware, and other attacks — and stolen, privileged sys admin credentials almost always result in far more serious security breaches.

Blunder No. 1: Using sudo for everything
When you log in as root, you have full control over the box. This can be extremely dangerous because if your credentials get stolen, an attacker can do whatever he or she wants.

In Windows parlance, there’s no need to log in as Administrator if there are no administrator-level tasks to perform. Instead of directly logging into systems as root, log in through your personal account and use sudo for specific commands as needed.

It’s easy to backslide if you’re not careful. A script fails because one of the commands needed sudo — and now everything must be restarted. If you fail to keep track of which commands require elevated privileges and which don’t, you may go back to running everything as sudo.
Blunder 2: Running scripts of unknown origin

Installing third-party Linux applications is another area where sudo can be abused. All you have to do is copy and paste the command — which is already set up to use sudo — directly into the terminal to kick off the install script. Every single command in that script will be executed with elevated privileges.

Here’s an example, copied right off the Web (with the URL hidden):

sudo -v && wget -nv -O- https://xxx/xxx/linux-installer.py | sudo python -c “import sys; main=lambda:sys.stderr.write(‘Download failed\n’); exec(sys.stdin.read()); main()”

This gives sudo privileges to an item hosted elsewhere on the Web, as well as running Python locally. Not recommended! Windows admins face similar potential catastrophes running downloaded PowerShell scripts.

Even if you trust the source, never assume a script downloaded from the Internet is safe. Always vet the contents of the script first and verify that executing the commands will not result in nefarious actions.

Applications should never run as root. Create unique service accounts with very specific privileges for each application and service running on the machine.

Service accounts typically lack home directories and are restricted in what they can do on the file system if someone tries to log in using the account. If an attacker compromises a service account, he or she still has to get a local exploit working to get more privileges to execute code.

Each application should use a customized account to access the database instead of root or the administrator’s personal account. Web applications should be owned by the appropriate group and user. When assigning domain privileges to Windows applications, don’t give the application administrator-level access.

Major Linux distributions handle service accounts by default, but if the administrator manually configures third-party packages, it’s easy to make a mistake. Remember to switch permissions after all the installation and configuration is complete to make sure root or the administrator’s personal account is no longer the owner of the application.
Blunder 4: Reusing passwords

Go ahead, roll your eyes. We’ve all heard about the evils of reusing passwords across sites, systems, and applications. But the fact remains that it’s a big problem, and sys admins are not immune.

Recently, Mozilla said an unknown attacker broke into a privileged user’s account for its Bugzilla bug tracking database and stole information about 53 critical vulnerabilities. It turned out the “privileged user” had reused the Bugzilla password on another website, and the password had been exposed in that site’s breach.

Many times, servers are set up with weak administrator passwords or with the same password as other machines on the network. Brute-force attacks using common passwords and dictionary words work because enough people still make this elementary mistake. When multiple machines have the same password, the problem is compounded.

Instead of setting up the same root password on all machines, sys admins should opt to use a key file. Each server should have a public key file and the sys admin’s workstation would have the private key associated with the public key. This way, the sys admin can access all the machines that have been deployed on the network, but an attacker moving laterally through the network will not be able to log in without a valid key. And there is no password to intercept.
Blunder 5: Sharing admin accounts

Administrator accounts — such as access to the database and administrator portals — are often shared around the network. Instead of setting up the environment so that administrators request elevated privileges when needed, these admin accounts are shared willy-nilly. That’s asking for trouble.

Ideally, there should be separate accounts: one for root and one for each administrator. The administrator accounts shouldn’t start off with the highest levels of access — the administrator can ask for special access rights when working on specialized tasks. The Intermedia report found that 32 percent of IT professionals have given out their login and password credentials to other employees.

It’s bad enough not knowing exactly who is using the administrator accounts, but even worse, the passwords are rarely reset when an administrator leaves the company. Because the passwords aren’t regularly cycled, ex-colleagues can come right back in and cause damage with impunity. The Intermedia survey found that one in five IT professionals said they would access company information after they leave their current job. Password change policies aren’t for end-users only. Periodically change passwords, particularly administrator and service accounts. And whenever an administrator leaves, reset the passwords.
Blunder 6: Leaving troubleshooting tasks in place

When troubleshooting, you perform various tricks and experiments to find and fix the problem. As you make these attempts, you tend to bypass the usual processes. The problem comes when you fix the problem and move on to the next fire. Admins in a hurry may forget and leave things in disarray — and open to potential abuse.

You may have opened up ports in the firewall, for example, as you tried to figure out why an application wasn’t responding. Once the fix is in place, you need to go back and close those ports before they can be used by attackers. By the same token, if you turned off SELinux because it was interfering with troubleshooting, remember to turn it back on again after you are done.

When troubleshooting, keep track of what you do as you go, so that afterward you can restore configurations to their original settings — except for the changes you really needed to make.
Blunder 7: Failing to keep track of log files

Log files are handy, especially when troubleshooting, because they let you see what’s happening at the most granular possible level. When you don’t need those files anymore, turn off the process generating them. The last thing you want to do is leave debugging on and generate log files containing information that may be useful to attackers.

As a best practice, always keep track of what logs are created and know what kind of information is in them.
Blunder 8: Storing passwords in plain-text files

When there are so many passwords to track, it’s tempting to write them down in a text file. That’s a gift for attackers snooping around as they get access to various systems. It sounds obvious, but everyone knows of at least one instance where someone saved all important passwords in a text file.

If the passwords must be saved in plain text in a file — such as database credentials for an application — set up file permissions to restrict who can view the contents of the file. Also, make sure the database account is a service account stripped to the bare privileges.
Blunder 9: Leaving unused accounts lying around

Old, unused accounts are liabilities. Perhaps software was installed for evaluation, then removed — and the accounts that were added as part of the installation are still on the system. Don’t leave them there. Attackers can exploit forgotten accounts like these, especially if they retain their default passwords.

For accounts that need to remain on the system but will not being used going forward, disable the account by editing the password file and replacing the account password with a string of characters. Obviously, when employees leave your organization, a process should be in place to deprovision their accounts immediately.
Blunder 10: Being lax about patches

The golden rule: Install security updates as soon as they are available (backing up the affected systems first, of course). Too many servers are compromised not because of a zero-day exploit, but because a year-old patch was never installed.

Even if it’s a critical server, a little downtime as part of a scheduled maintenance window is far better than losing hours and days because attackers successfully compromised the box. Promptly test patches as they are released and create a schedule for rolling out updates.

Unfortunately, you may be thwarted in your efforts to patch right away — usually because the patch will break a legacy app. In that case, don’t simply shrug and say “too bad.” Highlight the problem to the appropriate stakeholders. Escalate the issue. Maybe there are ways to quarantine the servers to minimize risk or to adopt new technologies and reduce dependencies on legacy products.

In real life, patching can be a political quagmire. If a manager who outranks you prevents a system from being patched, make sure everyone understands the risks of failing to do so.
Don’t skimp on security tech

As a general rule, security technology helps keep known bad actors out and can help surface problems when things go wonky. There may be good reasons for not running antivirus or firewall on a particular workstation or server, for example, but those situations are rare.

Consider that several types of DDoS malware are currently making the rounds, infecting Linux Web servers because they don’t have tools to keep the badness out. Security tech should be deployed on every endpoint to keep all users — senior management, workers in the trenches, sys admins, and other individuals with special privileges — safe from attack.

Keep machines as clean as possible. Remove applications you are not using so that you don’t have forgotten accounts or tools on the machine. The goal is to run as clean a system as possible to minimize the attack surface. It takes only one mistake, one moment of inattentiveness, for it all to go south.

Security tools help you see what’s going on in the network. Use Nmap to scan for open ports that may have been opened during a troubleshooting session. Check which machines are missing which patches and come up with a plan.

The tools are there to tell you what’s wrong and give you the opportunity to fix them before the attackers swoop in. But all the security tech in the world won’t do any good if the sys admins don’t lead by example — and follow the rules they set for everyone else.

Click here to view complete Q&A of 70-246 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-246 Training at certkingdom.com

10 signs it’s time to look for a new job

In the high-stakes world of high tech, a subtle look can be enough to know it’s time to jump ship to a new gig

10 signs layoffs are coming for your job next
The signs are usually hiding in plain sight. Your boss doesn’t give you the time of day anymore. Large groups of people go out for lunch — then never come back. The company stock takes a nosedive.

When these things start to happen, it may be time to grab a life jacket and head for the nearest escape raft. Yes, the boat is sinking and about to take you with it.

Don’t go down with the ship. Downsizing and layoffs aren’t a laughing matter for those who suddenly find themselves without a paycheck. But many companies have become a parody of themselves in how they handle such monumental changes. That’s why we decided to have a little fun at their expense. Hopefully if you’ve experienced a layoff yourself, this will give you a laugh, too.

Here’s our take on the signs you should watch out for. If nothing else, you may know what the problem is if your email suddenly doesn’t work.

Co-workers simply … disappear
Weren’t Devin and Susie simply making a run for the nearby food truck? That’s what you thought — but that was Tuesday. Today is Friday. Yes, right before the layoffs begin, you might notice a slow drip of people who peace out for good. Usually it means that something is up, and for some reason others are privy to the details. Time to ask around and find out if you should be the next one to check out one of the mysterious taco trucks.

Big company meeting, little advance notice
The dreaded all-hands meeting — as you might have guessed, a lot of things that aren’t all that good come from it. It could be a new product rollout. Or it could be the word you haven’t been waiting for: you and your colleagues don’t work there anymore. If you get an invite to an “all hands on deck” meeting, maybe you want to have one foot out the door just in case.

The company bus careers right by
You show up to work as normal, coffee in hand and ready to get some work done on the company bus. You see it coming. You make sure your bag is adjusted, laptop in hand.

Then, there it goes. Yes, the company bus has blown by you. Sure, this scenario may be a little far- fetched, but with the way that some companies treat those whom they unceremoniously dump, is it really so unlikely? It might be worth taking the train or walking to the office the next few days if there are any signs of this unsavory behavior.

You start getting strange looks
Maybe you’ve noticed something different about the way your boss looks at you. Their eyes tend to glance off into another direction. You approach him or her with a question, and instead of answering, they suddenly have a phone call or a meeting to run off to. You’re getting the cold shoulder. Was it something you said? A reflection on your performance? Nope, it’s the look of someone who knows too much.

That (dreaded) meeting is cancelled
You likely aren’t thrilled by the weekly calendar invite to the team planning meeting. Before you rejoice that you’ve avoided the most boring part of your week, consider another scenario: It’s cancelled because there’s no one to attend. Companies tend to slack off right before a major cull, so be wary if your schedule suddenly frees up because all those riveting meetings are canceled.

The mood swings low, low, low
Company morale often ebbs and flows. But you may want to pay particular attention to things if there’s a longer, widespread depression spell. You know the feeling — everyone looks around like they’re an extra in “The Walking Dead.” No one chats around their desks or the time-honored water cooler. If you see such symptoms, ask around and see if there’s more to it. This way you don’t have to show up one day to an empty office.

Suspicious training assignment
It may sound innocent enough. A fresh face arrives in the office, and you’re assigned to show them how things work. All goes well until you realize they have the same title and responsibilities as you. Yep, you’re training your replacement. It happens, so be a bit wary about that next eager hire who gets a little too comfy at your desk.

Merger talk
It’s often best to avoid rumors, but sometimes you have to pay attention so that you aren’t left out of the loop when it comes to a potential merger. Yes, usually before a company is acquired by another there is some type of scuttlebut that leaks out. Listen to those who engage in such nefarious talk or implore you to keep information on the down low. This may be your tip that it’s time to dust off the résumé and hit the pavement for a new gig.

Your company’s stock price upends
If you work at a publicly traded company, keeping investors happy is a major part of success. Investors are like your mama: If she’s not happy, ain’t nobody happy. Just like what happened with Twitter, when the stock tanks and numbers (in this case user growth) aren’t good, then get ready to see fewer co-workers around. If things are heading south, perhaps you should be heading out.

The box of shame
Most businesses love Dropbox. It holds onto what you want and is easy to use. Unfortunately, there’s another beloved storage tool that fits the bill: a cardboard box. If you see such a contraption on your desk, you’re probably about to be sent packing. Gathering your stuff and heading out the door is the office equivalent of the walk of shame. The best you can do is to get through it. But at least you’ll have a new toy for your cat.

More InfoWorld slideshows
• 10 users IT hates to support
• The 12 most dreaded help desk requests
• EvilCo! 8 sinister sci-fi corporations (you could be working for soon)
• 9 movies that get IT (almost) right

Click here to view complete Q&A of 70-246 exam

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-246 Training at certkingdom.com