Kent Olson
Portfolio
University of Advancing Technology
Kent Olson is a dynamic new voice in favor of new methods that address
contemporary setbacks plaguing the internet. He studied at the University of Advancing Technology,
one of the best schools of its kind. His studies focused on Cisco systems administration, Information
Governance, Emergency Response, and Disaster Recovery. His strengths, in addition to DRP/BCP, are
static analysis and sandbox triage. These pages are dedicated
toward making the aims and ambitions of
my portfolio clear. There are a few relevant items mentioned below.
Infrastructure Design
It is important to create a network infrastructure with a sense of design, and to have a document
that includes identifiable components, connections to the outside world, identified physical layer
connectivity (media), and addressing. Visio was used for infrastructure design. Cisco Packet
Tracer was used as well as IOS CCNA RS for configuration. Also, there was IEEE certification.
The following screenshots show my ability to use these software suites. There are some below:
Visio network design software in use.
Configuration with IOS system configuration software was undertaken.
Pinging a network containing routers and hosts is an important step in the use of Cisco Packet software.
Configuration of port IP addresses on the device and the enable secret functions are both important.
Detection Systems
There are also other facets of network security that are worthy of mention. These include: detection
systems, intrusion detection systems, firewalls, system hardening, auditing and assessment. The
particulars here are worthy of note. The use of Redline helped in finding malware problems, and other
Mandiant software was also used in a triage setting to help with system hardening. In addition to this,
Wireshark packet analysis was undertaken. The following show my abilities as a triage analyst as well as
my abilities as a static analysis expert.
A Mandiant Redline System Audit in session.
A snapshot of Mandiant Redline System Triage software.
Analysis and Assessment
Although programs like Redline can be used to automate security related processes and perform other
tasks such as installation, administration, management, mapping resources, logon scripts, patch
management, updates, and auditing (UAT, 2015), other tasks such as analysis and assessment can be
further undertaken manually by the network security analyst. In addition, static analyses of system
binaries were undertaken in order to discover Trojans, viruses, and worms with the use of Bintext software.
These show my perusal through system binaries to find viruses.
The above is a Bleeding Edge Trojan virus.
The above is a Snort Syslog.
Errors and other items of interest can be discerned by a network security analyst.
Bintext was used to discern the existence of malware in system binaries.
Documentation and Policy
There are other important items that are a part of the network security analyst's list of important things to
consider. The following forms are things I was developing for company security policies. These include
the creation of policies and procedures that address events such as: disaster recovery plans, business
continuity plans, incident response policies, acceptable usage documents, information security policies,
physical security policies, assessments or troubleshooting procedures. (UAT, 2015) The following
snapshots include some of my highlights:
Disaster Recovery plans are important, and in addition contact information is vital.
Emergency Response plans are in-depth plans that can be aimed toward risk management, descriptions of
emergencies, and so forth.
Business Risk Assessments are important as well, and involve the filling out of forms such as the one above.
Legal and Ethical
In drafting documents, it is important to keep in mind certain policies that have become important in the
greater scheme of things. Implementations of plans that concern legal and ethical best practices should be
informed by the mandated requirements that pertain to information security. The following items are
necessary in terms of the implementation of legal and ethical policies. The following policies are things
we need to take into consideration as network security analysts.
The Cyber Security Act (CESA) was first enacted by Bill Clinton in 1999.
The HIPAA is one of the most well known documents in terms of cyber security.
One of the important features of the HIPAA is that it wards against obtaining Personally Identifiable Information
(PII) that could be used in phishing scams.
Research and Information
Research of current malware and practices. Current industry information on security based threats, risks,
malicious activities, covert methodology, encryption technologies, mitigation techniques or
unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and
availability should be sought out. There are a few industry standard sites that one should look into for
up to date information. Below are a few trade journals that a network security analyst should peruse
for up to date information.
The SANS Institute has a lot of up to date information for those keeping current.
The CERT Organization is also a source of information for the network security analyst.
TechTarget Security News is an excellent source of information.
The above are seven items that make for a well rounded network security analyst. These should
demonstrate my abilities as a network security analyst. The key items are infrastructure design,
detection systems and analysis, as well as other important facets of network security such as
system auditing that involve software such as Cisco Packet Analyzer, Mandiant Redline, and
Wireshark. In addition, Risk Assessments and the drafting of Business Recovery Plans are also
important. Finally, legal, ethical, and research ought to be included as items important to a
network security analyst's list of items. Down to the minutest detail, one can see these come into
play.
Reference
UAT (2015) Portfolio Evaluation Rubrics. Retrieved from
http://frameset.next.ecollege.com/(NEXT(368ef63aba))/Main/AllMode/FramesetHybrid/NavigateView.ed?courseItemType=CourseContentItem&subItemID=680647891&expandUnit=70817113