Running Header: PORTFOLIO

Page 1

Kent Olson
Portfolio
University of Advancing Technology

Kent Olson is a dynamic new voice in favor of new methods that address contemporary setbacks plaguing the internet. He studied at the University of Advancing Technology, one of the best schools of its kind. His studies focused on Cisco systems administration, Information Governance, Emergency Response, and Disaster Recovery. His strengths, in addition to DRP/BCP, are static analysis and sandbox triage. These pages are dedicated toward making the aims and ambitions of my portfolio clear. There are a few relevant items mentioned below.

Infrastructure Design
It is important to create a network infrastructure with a sense of design, and to have a document that includes identifiable components, connections to the outside world, identified physical layer connectivity (media), and addressing. Visio was used for infrastructure design. Cisco Packet Tracer was used as well as IOS CCNA RS for configuration. Also, there was IEEE certification. The following screenshots show my ability to use these software suites. There are some below:

Visio network design software in use.

Configuration with IOS system configuration software was undertaken.

Pinging a network containing routers and hosts is an important step in the use of Cisco Packet software.


Configuration of port IP addresses on device and the enable secret functions are both important.

Detection Systems
There are also other facets of network security that are worthy of mention. These include: detection systems, intrusion detection systems, firewalls, system hardening, auditing and assessment. The particulars here are worthy of note. The use of Redline helped in finding malware problems, and other Mandiant software was also used in a triage setting to help with system hardening. In addition to this, Wireshark packet analysis was undertaken. The following show my abilities as a triage analyst as well as my abilities as a static analysis expert.

A Mandiant Redline System Audit in session.


A snapshot of Mandiant Redline System Triage software.

Analysis and Assessment
Although programs like Redline can be used to automate security related processes and perform other tasks such as installation, administration, management, mapping resources, logon scripts, patch management, updates, and auditing (UAT, 2015), other tasks such as analysis and assessment can be further undertaken manually by the network security analyst. Also, in addition, static analyses of system binaries were undertaken in order to discover Trojan viruses and worms with the use of BinText software. These show my perusal through system binaries to find viruses.

The above is a Bleeding Edge Trojan virus.


The above is a Snort Syslog.

Errors and other items of interest can be discerned by a network security analyst.


BinText was used to discern the existence of malware in system binaries.

Documentation and Policy
There are other important items that are a part of the network security analyst's list of important things to consider. The following forms are things I was developing for company security policies. These include the creation of policies and procedures that address events such as: disaster recovery plans, business continuity plans, incident response policies, acceptable usage documents, information security policies, physical security policies, assessments or troubleshooting procedures. (UAT, 2015) The following snapshots include some of my highlights:

Disaster Recovery plans are important, and in addition contact information is vital.


Emergency Response plans are in-depth plans that can be aimed toward risk management, descriptions of emergencies, and so forth.

Business Risk Assessments are important as well, and involve the filling out of forms such as the one above.

Legal and Ethical
In drafting documents, it is important to keep in mind certain policies that have become important in the greater scheme of things. Implementations of plans that concern legal and ethical best practices should be informed by the mandated requirements that pertain to information security. The following items are necessary in terms of the implementation of legal and ethical policies. The following policies are things we need to take into consideration as network security analysts.

The Cyber Security Act (CESA) was first enacted by Bill Clinton in 1999.

The HIPAA is one of the most well known documents in terms of cyber security.

One of the important features of the HIPAA is that it wards against obtaining Personally Identifiable Information (PII) that could be used in phishing scams.

Research and Information
Research of current malware and practices. Current industry information on security based threats, risks, malicious activities, covert methodology, encryption technologies, mitigation techniques or unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and availability should be sought out. There are a few industry standard sites that one should look into for up to date information. Below are a few trade journals that a network security analyst should peruse for up to date information.

The SANS Institute has a lot of up to date information for those keeping current.

The CERT Organization is also a source of information for the network security analyst.

TechTarget Security News is an excellent source of information.

The above seven items make for a well rounded network security analyst. These should demonstrate my abilities as a network security analyst. The key items are infrastructure design, detection systems and analysis, as well as other important facets of network security such as system auditing that involve software such as Cisco Packet Analyzer, Mandiant Redline, and Wireshark. In addition, Risk Assessments and the drafting of Business Recovery Plans are also important. Finally, legal, ethical, and research ought to be included as items important to a network security analyst's list of items. Down to the minutest detail, one can see these come into play.

Reference

UAT (2015). Portfolio Evaluation Rubrics. Retrieved from http://frameset.next.ecollege.com/(NEXT(368ef63aba))/Main/AllMode/FramesetHybrid/NavigateView.ed?courseItemType=CourseContentItem&subItemID=680647891&expandUnit=70817113
