If you found this, you probably are wondering what "The Darling project" is. To provide some context: I built a webapp called darling, to give me recipes of my favorite menus in case I get asked what I want to eat. Rarely I know what I want to eat because I am pretty low maintenance as it comes to food choices. At the time of writing this, the webapp already is in beta phase and reachable at https://darling.buerge.io

Soon I'll be studying cyber security and want to prepare as much as possible before I start. I downloaded the requirements for passing the exam a while ago and found out that I still got a ton to learn. So here we are writing this info letter.

Idea & Execution

As I read through the topics I try to implement the technical and organizational aspects of the module in order to practically execute what I just learned. In this way I will understand and not just memorize what I have just read. This will help me to improve the ways I think about cyber security and also directly influences the methods I use to effectively manage my environments.

The way I design the course of my implementation is practically given. I decided to keep the exact order as my school. This way I will not have any initial difficulties at least if I can't complete the whole self-study course. Everything I learn will be documented on this website. If I ever need knowledge about specific topics, I know where to search. Yes, I know... As soon as I need to consult the great and wise oracle called docs.buerge.io, the information and techniques I provided will most certainly be deprecated. But guess what! The whole purpose of this site is to constantly document my knowledge and experience. So yes, I will update my posts from time to time.

Preventive system protection
Continuously monitoring threats
Analyse threats and prepare information
Detect vulnerabilities
Patch vulnerabilities
Methods of deception
Advisory of stakeholders
Train stakeholders

Detect security incidents
Analyze and interpret data
Triangulate security incidents
Document security incidents
Monitor the handling of a security incident

Manage security incidents
Implement immediate measures
Save evidence
Define and implement detective measures
Support system recovery

Plan and implement security solutions
Define systems and specify requirements
Check feasibility and effectiveness
Perform evaluation
Complete sub-project
Leading the team

Not all topics are directly applicable to my situation as I am doing this alone. However, I try to do it as realistically as possible. Even if this means I have to train my mom because she's a stakeholder or document my 5 port switch under my desk.
By the way: I will probably host a CTF with a 200.- worth of Ether for the "Detect vulnerabilities" module.

Sooo that's it I guess. Nothing more valuable to add. Thanks for coming to my ted talk.

Last modified: September 19, 2020

Author

Comments

Write a Reply or Comment

Your email address will not be published.