Notes from the School Master

  • Enhance Your Cybersecurity Skills with Practical Linux Projects
    Introduction: Welcome to our latest blog post, dedicated to all aspiring cybersecurity enthusiasts! In the dynamic world of cyber security, practical skills are just as crucial as theoretical knowledge. This post is designed to guide you through a series of hands-on Linux projects that will not only elevate your understanding of cybersecurity systems but also integrate them into your everyday digital routine. Why Practical Experience Matters in Cybersecurity: Before diving into the projects, let’s discuss why hands-on experience is indispensable in the field of cybersecurity. Theoretical knowledge provides a foundation, but it’s the application of this knowledge in real-world…
  • Cyber Security Practice Test – All things PKI – Nov 2023
    Welcome to this practice test on Public Key Infrastructure (PKI), a critical component of modern security architectures that underpins the trust and integrity of digital communications. Before diving into the questions, let us reflect on the story of Alice and Bob, two individuals who needed to communicate securely over an insecure medium: the Internet. Alice and Bob worked in separate branches of an international organization, and they needed to exchange sensitive information. To ensure confidentiality, they relied on PKI, a system designed to secure communications through a blend of encryption, digital signatures, and certificate authorities (CAs). Their PKI allowed…
  • The Three email security Amigos – SPF DKIM and DMARC
    There are three critical protections when it comes to email security: SPF, DKIM, and DMARC. Some people get tripped up on these three and what their roles are. So here is an anecdotal tale of the three email security amigos. SPF (Sender Policy Framework): The Nightclub Bouncer. Imagine you’re at a popular nightclub called “Email Inbox.” Outside, there’s a bouncer checking IDs. Some people are on the guest list; they get in quickly. Others, who aren’t on the list, get turned away. SPF acts like this bouncer. It checks whether the server trying to send an email on behalf…
  • Harnessing AI in Cybersecurity – Annex Slides
    These additional slides were created as part of one of our classes to complement the class slides. I’ll cover the story below a little bit in class. The Rise and Rapid Fall of Microsoft’s Tay: In the early months of 2016, the digital corridors of Twitter were abuzz with conversations spanning every conceivable topic. Sensing an opportunity to both tap into this discourse and push the boundaries of artificial intelligence, Microsoft introduced Tay, a chatbot developed to mimic and converse like a teenage girl. Tay wasn’t your ordinary chatbot. Microsoft’s design allowed her to evolve based on her interactions.…
  • SIEM Logic Unveiled: How SOC Analysts Detect and Respond to Security Incidents
    Many imagine Security Operations Center (SOC) analysts as modern-day ‘Neo’ from ‘The Matrix,’ deciphering cascades of streaming data on glowing screens. However, the reality is quite different. SOC analysts dedicate their days to a meticulous task—sorting through alerts, triaging them, and launching investigations into potential security threats. These alerts arrive from a myriad of security tools, including email security solutions, endpoint protection systems, firewalls, and, most notably, Security Information and Event Management (SIEM) platforms. In most SOCs, all alerts and logs converge into the SIEM, making it the central nervous system for security monitoring. Here, analysts receive their marching…
  • Mastering Incident Response: A TLDR Guide to Playbooks and Runbooks with NIST Framework
    Welcome to another exciting blog post, students and aspiring cybersecurity professionals! Today, we have a topic that sits at the core of cybersecurity operations—Incident Response. It’s not just about detecting incidents but efficiently managing them to minimize damage and future risks. Whether you’re part of a small IT team or a large Security Operations Center (SOC), knowing how to respond to security incidents is crucial. This post will give you a TLDR understanding of how to create and implement Incident Response Playbooks and Runbooks. We’re not just talking theory; we’re diving deep into the practical aspects by incorporating real-world…
  • Vulnerability Categories and Risk Factors
    The topic of software and network vulnerabilities is incredibly vast. Vulnerabilities can range from minor issues that pose little to no risk to the business, to significant risks that can bring an organization to its knees. Understanding the categories of vulnerabilities can help you prioritize them effectively. Here’s an in-depth look at various categories and the conditions that make each vulnerability riskier. By no means is this list exhaustive. Remote Code Execution (RCE). Description: Remote Code Execution allows an attacker to execute arbitrary code on a vulnerable machine, usually providing full control of the system. Risk Factors: Buffer Overflow…
  • Cybersecurity Exercise: Understanding and Applying the MITRE ATT&CK Framework
    Objective: The aim of this exercise is to familiarize students with the MITRE ATT&CK framework by analyzing various cybersecurity scenarios. By dissecting real-world-like attack narratives, you’ll learn how to identify Tactics, Techniques, and Procedures (TTPs) commonly used by attackers, particularly Advanced Persistent Threats (APTs). Duration: This is a 30-minute exercise broken down into four scenarios, each accompanied by a set of discussion prompts. We’ll reserve the final minutes for a comprehensive group discussion.
  • The Anatomy of Logs
    Deciphering Logs: The Keystone Skill for Security Analysts. In a conversation I had with a fellow network security expert in the spring of 2023, an observation struck me profoundly. He emphasized that among new job applicants and even experienced Gen X professionals, a deficiency in troubleshooting skills prevails. As an engineer, he was trying to locate adept network troubleshooters. This struck a chord with me, as my own challenge lies in identifying capable analysts. Beneath both these proficiencies lies a fundamental skill: the ability to adeptly dissect and interpret diverse log sources. In today’s landscape dominated by search engines, online…