SMB - 445, 139 (older)

# 6/26/2023

1) vault -> a secure room with walls and gateway hardened against physical assault
2) stress test -> software testing method that evaluates how software performs under extreme loads
3) SED (self-encrypting drive) -> a disk drive where the controller can automatically encrypt data that is written to it
4) P7B -> file format for transmitting a chain for digital certificates
5) NMAP -> port scanner used for topology, host, service, and OS discovery and enumeration

# 6/29/2023

1) DBA - Database Administrator
2) HIPS - Host-based Intrusion Prevention System
3) FIM - File Integrity Monitoring
4) KEK - Key Encryption Key
5) MDM - Mobile Device Management
6) IdP - Identity Provider
7) RA - Registration Authority
8) PoC - Proof of Concept
9) ROI - Return on Investment
10) SDK - Software Development Kit

# 6/30/2023

Terms

1) VDE - Virtual Desktop Environment
2) OTG - On the Go
3) PTZ - Pan Tilt Zoom
4) RFI - Remote File Inclusion
5) MSP - Managed Service Provider

Ports

1) 587 - SMTP
2) 3389 - RDP
3) 53 - DNS
4) 179 - BGP
5) 88 - Kerberos

# 7/3/2023

1) BIA - Business Impact Analysis
2) CP - Contingency Planning
3) CTM - Counter-Mode
4) IR - Incident Response
5) ECB - Electronic Code Book
6) DNAT - Destination Network Address Translation
7) HA - High Availability

Ports

1) 993 - IMAP SSL
2) 21 - FTP
3) 3306 - MySQL
4) 2095 - Webmail
5) 45 - WHOIS Protocol
6) 49 - TACACS
7) 66 - sql-net

# 7/5/2023

1) 80 - HTTP - Insecure
2) 443 - HTTPS - SECURE
3) 22 - SSH - SECURE
4) 25 - SMTP - INSECURE
5) 22 - SFTP - SECURE
6) 3389 - RDP - INSECURE
7) 1433 - MS SQL - INSECURE

# 7/6/2023

1) SWG - Secure Web Gateway
2) SED - Self Encrypting Drives
3) SLE - Single Loss Expectancy
4) SoC - System on Chip
5) TGT - Ticket Granting System
6) TSIG - Transaction Signature
7) OID - Object Identifier
8) RAS - Remote Access Server
9) PCAP - Packet Capture
10) MSP - Managed Service Provider

# 7/7/2023

1) QA - Quality Assurance
2) NTFS - New Technology file system
3) XOR - Exclusive OR
4) UAT - User acceptance testing
5) ML - Machine Learning
6) PEM - Privacy Enhanced Mail
7) PAP - Password authentication protocol
8) DEP - Data execution prevention
9) CFB - Cipher Feedback
10) ASP - Active Server Pages

# 7/10/2023

1) KEK - Key Encryption Key
2) MDM - Mobile Device Management
3) IdP - Identity Provider
4) VDE - Virtual Desktop Environment
5) PoC - Proof of Concept
6) FIM - File Integrity Monitoring
7) CFB - Cipher Feedback
8) DEP - Data execution prevention
9) MSP - Managed Service Provider
10) ROI - Return on Investment

Ports

1) 22 - ssh - secure
2) 80 - http - insecure
3) 443 - https - secure
4) 465 - smtps - secure
5) 21 - ftp - insecure

# 7/11/2023

# IT CYBERSECURITY SPECIALIST

## Duties

**Typical work assignments include:**

- Develops intelligence and risk assessments of critical infrastructure information technology (IT) and operational technology (OT) systems to identify threats, vulnerabilities, and consequences.
- Provides analysis on information security issues through high-quality, polished written assessments, briefings, and engagements to understand cybersecurity threats, vulnerabilities, consequences to cyber infrastructure.
- Tracks, analyzes, reports on, and helps de-conflict critical data and information related to regional cybersecurity service delivery.
- Supports regional incident support operations during critical cyber-related events.
- Supports assessments of systems and networks and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.

I think this is a good fit at the GS-09 Level, as it is only 1 year of any related experience, and it will get my foot in the door to be able to get one of the higher paying and more experience needed jobs.
# 7/12/2023

1) DAC - Discretionary access control
2) CAR - Corrective Action Report
3) ASP - Active Server Pages
4) IDEA - International Data Encryption Algorithm
5) GPG - GNU Privacy Guard
6) IoC - Indicators of Compromise
7) RAD - Rapid Application Development

PORTS

1) 23 - telnet
2) 25 - SMTP
3) 110 - pop3
4) 3306 - mysql
5) 139 - netbios-ssn
6) 143 - imap
7) 993 - imaps

# 7/13/2023

## Security Engineer Investigator - Influence Operations

The Influence Operations team is dedicated to protecting the users of the Facebook family of applications (e.g. Facebook, Instagram, WhatsApp, Oculus) from advanced threat/nation-state actors. Our investigators must possess deep knowledge of advanced threat actors (including their tactics, techniques, and procedures) as well as an understanding of the overall threat landscape and geopolitical climate. Using this knowledge, we leverage a variety of data sources including internal data, open-source intelligence, and other external data sources to detect and track adversary groups both on and off the Facebook platform. In order to be successful, our investigators must be able to extract, assimilate, and correlate a wide variety of data to not only track known activity but also to surface previously unidentified activity and develop novel and effective strategies to disrupt attackers. This cross-disciplinary position will require technical investigative skills; a successful candidate must pass a scripting interview and will be expected to be comfortable with various technical skills relevant in the field.

Security Engineer Investigator - Influence Operations Responsibilities:

- Proactively hunt for threats and undetected abuse by leveraging internal data, open-source intelligence, and third party private intelligence
- Investigate complex cases to understand in granular detail how abuse is occurring and attribute the person(s) responsible. Identify and implement appropriate online and offline enforcement strategies to mitigate harm both in the current case and from similar forward-looking abuse
- Identify areas of opportunity for investigative automation. Build and adopt notebooks and other repeatable flows that can be adopted cross-team
- Research how threats from state actors show up within the ecosystem and deeply understand how abuse manifests. Discover and clearly explain emerging threats and trends, with an emphasis on geopolitical, cultural or societal-specific differences where appropriate
- Analyze and interpret large datasets to advance investigations, quantify trends or support findings
- Identify effective strategies to prevent or disrupt abuse at scale. Consult on the design of countermeasures to affect those strategies
- Take a leadership role in suggesting, prototyping, and teaching novel investigative techniques
- Address sensitive content issues, including but not limited to graphic images, videos and writings, offensive or derogatory language, and other objectionable material

Minimum Qualifications:

- Experience working with Python, PHP or similar scripting languages
- Proven experience conducting large scale data analysis and utilizing big data tools such as Jupyter Notebook, Maltego, Palantir, etc
- 3+ years work experience in government, intelligence organization, cyber security, and/or private sector security investigations and intelligence
- Adept at queries and presenting findings
- Experience investigating and acting on high-impact threats
- Experience prioritizing and executing with minimal direction or oversight

Preferred Qualifications:

- Experience working or managing projects that have enterprise-wide impact and/or multi-organization cross functional stakeholders
- Experience working with a team spanning multiple locations/time zones
- Familiarity with sophisticated advanced persistent threat actors
- Experience with open source investigation techniques and familiarity with a variety of internet research tools
- BS/MS or equivalent experience in Computer Science, Information Systems, Intelligence Studies, Cybersecurity or related field

[Meta hiring Security Engineer Investigator - Influence Operations in United States | LinkedIn](https://www.linkedin.com/jobs/view/3663104863/?alternateChannel=search&refId=svaRU3ckCy0jPotaQwwNrw%3D%3D&trackingId=yhK7v7OQhdTqMQxWCejexw%3D%3D&trk=d_flagship3_search_srp_jobs)

# 7/14/2023

## Security Engineer

About the job

Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.

As a Security Engineer at Chainalysis, you'll be at the forefront of blockchain technology security. Your work will ensure the security and integrity of our innovative solutions, paving the way for the future of the blockchain industry. While a background in Software Development, DevOps, or Cloud Infrastructure helps, what truly matters is your understanding of cloud security best practices and application security principles. We value a diverse range of skills and perspectives, and we encourage individuals with a strong passion for security to apply.
**What You'll Do**

- Lead the charge in identifying and managing security vulnerabilities across our cloud and application environments
- Master the use of vulnerability management tools like Tenable, Wiz, or Lacework, to ensure alignment with our security requirements
- Conduct crucial security scans for containerized applications and instance operating systems to maintain our robust infrastructure
- Develop container image and instance OS scanning policies, promoting proactive vulnerability management
- Develop Security Controls and Best Practices to secure our Cloud Infrastructure.
- Implement security automation using AWS security services and third-party tools, to expedite the implementation of the Security Controls and Best Practices
- Become a security expert on Kubernetes, Blockchain, and AI (LLM) environments, setting the security standard in these areas.
- As part of a team, conduct security reviews of our new products, features, and solutions by deep-diving into code, reviewing security architectures, and running advanced security testing to ensure our innovations are secure from the ground up.
- Offer internal user support and handle Jira tickets, encouraging effective collaboration and addressing security concerns throughout our organization

**A Background Like This Helps**

- Familiarity with tools like Tenable, Wiz, or Lacework
- Experience with AWS cloud security and Kubernetes
- Ability to manage patches and configurations using AWS SSM or Ansible
- Comfortable with Bash or Python Scripting for automation of tasks, including patch management and security audits
- Proficiency with Linux operating systems and package management systems (apt, yum, etc)

This job would be a good entry level cloud security position. The basic qualifications are things we have all picked up during the class with the exception of the first one.
# 7/17/2023

1) MFD - Multifunction Device
2) SDLC - Software Development Lifecycle
3) WORM - Write Once Read Many
4) RFID - Radio Frequency Identification
5) SDP - Service Delivery Platform
6) SWG - Secure Web Gateway
7) VTC - Video Teleconferencing
8) TGT - Ticket Granting System
9) SEH - Structured Exception Handling
10) RAD - Rapid Application Development

# 7/18/2023

## Information Security Analyst

Description:

CFCU Community Credit Union (CFCU) is searching for a talented and ambitious **Information Security Analyst** to join the Compliance Department. Under the direction of the Information Security Officer (ISO), the selected candidate will perform tasks that support the continued maintenance and development of the Credit Union’s information security and cybersecurity practices and programs designed to protect member and Credit Union information assets. In addition, this position will interact with all levels of staff at CFCU especially the Information Security Committee and Information Technology (IT) Department, for purposes of providing or obtaining information and collaboration across Credit Union Departments.

Requirements: **& Responsibilities:**

- Performs day to day monitoring of various information security and cybersecurity related reports, tools, and systems. Utilizes this data for purposes of analysis and interpretation to identify anomalies, trends, or threats, and to take or recommend appropriate mitigation actions. Examines and evaluates any identified anomalies, trends, or threats to recommend any necessary controls, measures, or improvements and validates implementation of such. Maintains adequate records and provides routine reporting of such reviews to the ISO.
- Under the direction of the ISO, develops and conducts staff training programs to increase credit union-wide information security, cybersecurity, and IT security awareness through communication, testing, and training. Maintains adequate records of such training for audit purposes.
- Assists in the continued development, maintenance, and periodic testing of the Incident Response Plan (IRP) and related playbooks. Documents all tests and findings to assist in formulating and implementing process improvements.
- Under direction of the ISO and as assigned, supports the continued maintenance and development of the Credit Union’s information security and cybersecurity practices and program, and in accordance with industry standards, best practices, and guidance from regulatory agencies, to ensure the confidentiality, integrity, and availability of information owned, controlled, or processed by the Credit Union.
- Periodically performs reviews of user privilege administration of various systems to confirm or recommend proper set up and controls and reports the results of such reviews to the ISO.
- Assists with the change management program to coordinate and document the change process. Maintains adequate records and provides routine reporting to the ISO.
- Assists with the investigation of any information security incidents or breaches as assigned, including conducting analysis, research, and writing reports, as well as assists in response and recovery efforts. Maintains adequate records of such incidents or breaches. Presents findings to the ISO.
- Works closely with IT on a routine basis for purposes of obtaining and reviewing relevant data or completing activities or projects as assigned, with emphasis on collaboration. This work may require flexible work hours due to the scheduling needs of IT.
- Works closely with vendors as assigned, for periodic review and/or the monitoring of services provided, or review of related reports.
- Collaborates with the Information Security Committee as an active member of the team to assist in evaluating and developing actions plans related to information security, and to provide information and recommendations to the team. Attends all Information Security Committee meetings.
- Stays current with the latest information security, cybersecurity, and IT security trends and attack vectors in the industry along with guidance from regulatory agencies for translation into operational action items.
- As assigned, assists with reviews of the information security controls and practices vendors utilized or proposed by the Credit Union to evaluate the adequacy of their programs and to identify any potential risks. Provides written summaries of these reviews with any recommendations to the VP Risk.
- Performs other job related duties as assigned.

**Desired Skills and Experience:**

- Equivalent to a two-year degree in a related field, such as but not limited to computer science or cybersecurity with the appropriate emphasis in information security preferred.
- Both work and educational experiences will be considered in fields such as IT, information security, cybersecurity and/or audit, no specific time period is required.
- Desire to obtain a relevant certification as agreed upon with ISO.
- Strong problem solving and analytical skills, with a high level of attention to detail and organization.
- Very strong oral and written abilities.

Seems like a nice entry level position where school is also counted as experience.

[Find Cyber Security Analyst jobs with Work-Life Balance | Indeed.com](https://www.indeed.com/jobs?q=cyber+security+analyst&l=&from=searchOnHP&vjk=9e3572a62bba1235&advn=1022316450072515)

# 7/19/2023

Ports:

1) 53 - DNS
2) 3389 - RDP
3) 23 - TELNET
4) 3306 - MySQL
5) 25 - SMTP
6) 443 - HTTPS

Acronyms

1) ASP - Active Server Pages
2) BASH - Bourne Again Shell
3) CTM - Counter-Mode
4) DHE - Diffie-Hellman Ephemeral
5) MBR - Master Boot Record
6) MDM - Mobile Device Management
7) PSK - Pre shared Key

# 7/20/2023

## IT SPECIALIST (INFOSEC)

## **Duties**

- You will serve as an IT Specialist (INFOSEC) in the Countermeasures Division, Operations Department at Navy Cyber Defense Operations Command.
- You will serve as a Cyber Security Analyst and perform Defensive Cybersecurity Operations (DCO) actions in support of Detect and Protect functions of the Attack Sensing and Warning mission.
- You will determine the best approach for applying proactive mitigations to systemic and application-specific security threats to tactical and administrative systems.
- You will develop, deploy, curate and disclose custom user defined signatures (UDS) and access control rules applicant across multiple Intrusion Detection/Prevention Systems (IDS/IPS) sensor platforms to detect and prevent cyber exploits.
- You will leverage vendor defined signatures (VDS) when available in order to minimize effort and maximize the protections provided by the Navy Security Grid and Navy Extended Partner Security Grid.
- You will provide technical insights to various complex challenges pertaining to both available and emerging information security equipment available.
- You will share specific countermeasures, and/or interim guidance, with internal and external cybersecurity personnel and stakeholders.
- You will assist countermeasures team with accomplishing long-term, strategic level projects.
- You will provide assistance with regular reviews of Standard Operating Procedures (SOP) pertinent to the Countermeasures Division.

## **Requirements**

### **Conditions of Employment**

- Must be a US Citizen.
- Must be determined suitable for federal employment.
- Must participate in the direct deposit pay program.
- New employees to the Department of the Navy will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov
- Within the Department of Defense (DoD), the appointment of retired military members within 180 days immediately following retirement date to a civilian position is subject to the provisions of 5 United States Code 3326.
- Males born after 12-31-59 must be registered for Selective Service.
- You will be required to obtain and maintain an interim and/or final security clearance prior to entrance on duty. Failure to obtain and maintain the required level of clearance may result in the withdrawal of a job offer or removal.
- This position is designated as a Cyber IT/Cybersecurity Workforce position. You must obtain and maintain the credentials as described in SECNAV M-5239.2 for specialty area 511 within 12 months of appointment.
- Successful completion of a pre-employment drug test (including marijuana) is required. A tentative offer of employment will be rescinded if you fail to report to the drug test appointment or fail the test. You will be subject to random testing.
- You must successfully complete a Counterintelligence (CI) polygraph with No Deception Indicated (NDI).

### **Qualifications**

Applicants must have directly applicable experience that demonstrates the possession of knowledge, skills, abilities, and competencies necessary for immediate success in the position. Qualifying experience may have been acquired in any public or private sector job, but will clearly demonstrate past experience in the application of the particular competencies or knowledge, skills and abilities necessary to successfully perform the duties of the position. Such experience is typically in or directly relates to the work of the position to be filled. You must have IT-related experience demonstrating each of the four competencies listed below:

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Examples of experience demonstrating this competency include: **Interpreting data, planning the work and refining the methods and techniques being used to assist with the development of new standards, methods, and techniques related to defensive countermeasures.**
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Experience demonstrating this competency include: **Assisting with establishing, implementing and interpreting requirements for policy directives governing analysis and reporting procedures.**
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Examples of experience demonstrating this competency include: **Assisting preparing briefs for management and stakeholders on complex and controversial issues.**
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Examples of experience demonstrating this competency include: **Identifying current and potential problem areas relating to defensive countermeasure development.**

In addition to my experience demonstrating the four competencies above, I have qualifying experience such as:

- **Experience identifying cyber threats and vulnerabilities.**
- **Experience performing network packet-level analysis.**
- **Experience applying intrusion detection methodologies and techniques for detecting host and network-based intrusions.**
- **Experience determining the best approach for applying signature based countermeasures to systemic and application-specific threats to tactical and administrative systems.**

This position is within the Work Category PROFESSIONAL at Work Level FULL PERFORMANCE, Series and Grade GG-2210-11.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

This blue team position seems easy to get as the qualifications are low. It is a government position. I think this would be great for me and my family to get my foot in the door and get the experience.