Random Musings

So, If I had a wish list for a job it would be: A position I could research a problem, and work to resolve it, and able to get feedback it was resolved. I have enjoyed sys admin, tech support, and (technical) product management roles. I could work closely, or only minimally removed, from the end user(s).  I enjoy the feedback of helping bring a persons server back online, to helping get their POS working again, to calling the end user that the bug they reported in the software is resolved. etc. A position I could document, diagram, and organize. I am queen of google draw and excel The position would not: Have a high incidence of repetition (that I could not automate away) Have on call Have a high amount of travel The company the position was at would: Have a generous vacation policy, that employee actually use to refresh themsevelves Allows employees to have a healthy work life balance Permit for flexible work hours Core hours are fine, but I am not a

So, to get back into infosec I am going with the following plan, in loop Do: Find and read a thing on the topic (Blog, book, etc) Hands on (local gear, VM, cloud, demo web thing) Class, test or cert For: Python Powershell Windows server security options Windows desktop security options Windows Active Directory management VLANs Firewall settings Port controls Web-testing basics: SQL injections, XSS Server testing basics: ports, connections network scan / port scan automation of patching, WSUS patch scan SQL MS-SQL DNS management in windows DNS settings on registrar Windows IIS Windows S/FTP RAID / SAN shenanigans SMTP SSL Load Balancing Database balancing VMware (hyperV) Physical lock down (disable usb etc) Policy Groups VPN nmap metasploit splunk github LAMP (apache) Add WMI, AppLocker, Credential Guard, Device Guard, and EMET/Windows Defender Exploit Guard to the list (recent developments or becoming more pertinent)