Showing posts from November, 2017

Job wish list


If I had a wish list for a job it would be:

A position I could research a problem, and work to resolve it, and able to get feedback it was resolved.I have enjoyed sys admin, tech support, and (technical) product management roles.I could work closely, or only minimally removed, from the end user(s). I enjoy the feedback of helping bring a persons server back online, to helping get their POS working again, to calling the end user that the bug they reported in the software is resolved. etc.A position I could document, diagram, and organize.I am queen of google draw and excel The position would not:
Have a high incidence of repetition (that I could not automate away)Have on callHave a high amount of travel The company the position was at would:

Have a generous vacation policy, that employee actually use to refresh themsevelvesAllows employees to have a healthy work life balancePermit for flexible work hoursCore hours are fine, but I am not a morning personPermit for work from home not 10…

Commute Plan - Back to InfoSec!

So, to get back into infosec I am going with the following plan, in loop


Find and read a thing on the topic (Blog, book, etc)Hands on (local gear, VM, cloud, demo web thing)Class, test or cert


PythonPowershellWindows server security optionsWindows desktop security optionsWindows Active Directory managementVLANsFirewall settingsPort controlsWeb-testing basics: SQL injections, XSSServer testing basics: ports, connectionsnetwork scan / port scanautomation of patching, WSUSpatch scanSQLMS-SQLDNS management in windowsDNS settings on registrarWindows IISWindows S/FTPRAID / SAN shenanigansSMTPSSLLoad BalancingDatabase balancingVMware (hyperV)Physical lock down (disable usb etc)Policy GroupsVPNnmapmetasploitsplunkgithubLAMP (apache)Add WMI, AppLocker, Credential Guard, Device Guard, and EMET/Windows Defender Exploit Guard to the list (recent developments or becoming more pertinent)