Mentor Assessment #2

Date: 2/18/20

Mentor: Greg Givens

Analysis:

Over the past two months, my mentor has introduced me to various hands-on activities.
For example, he showed me a software called Kali Linux in November. This software is an
excellent tool for learning more about penetration testing and the fundamental ways that hackers
can take over another system. In this application, there are numerous problems that people can
try, but I started out with one of the most basic challenges. This challenge was in fact quite
foreign to me at first, but with the help of my mentor, I was able to gain a better understanding of
Linux commands and port management, which are things that Cybersecurity professionals are
expected to handle on a daily basis. Furthermore, it opened me up to one of the fields within
Cybersecurity: penetration testing/ethical hacking. The primary role of penetration testers is to
try to break into the company’s system and report those security flaws so that they can be fixed.
Penetration testing is known for being a really good entry-level job as well. Although I do not
know yet whether I want to enter into this particular field, doing challenges on Kali Linux with
my mentor has significantly increased my interest and knowledge about it.

Additionally, Mr. Givens has shown me some of the tasks that he does on a regular basis.
This includes using a SIEM (Security Information and Event Management) to receive alerts and
detect possible brute force attacks and insider threats. Furthermore, if any suspicious activity or
attack occurs, he tries to identify what exactly is happening and contacts the network or firewall
administrator to block the attack using preventative measures. Lastly, he makes sure to maintain
strong security policies so that attackers have no chance at entering the organization’s internal
network devices.

Moreover, this year, I am competing in the BPA Computer Security individual event, and
the state competition is coming up in a few weeks. Thus, during our last meeting, my mentor and
I decided to spend some time preparing for this competition. At first, we went over one of the
past regional tests and I clarified some of my doubts regarding a few questions. Additionally, in
the state competition, there is a hands-on component in the finals round (which is new this year),
and as a result, my mentor and I tried to review some of the tasks that may be given. This
includes creating security policies in a Windows system, managing security certificates,
monitoring security infrastructure, and creating router/access control lists. We will continue to
look at some of these possible hands-on tasks in our future meetings leading up to the state
competition. Since I am also in the Cybersecurity class at the CTE center this year, I have done
several hands-on projects using Windows and Linux virtual machines. I have even competed in
the Cyberpatriot competition, for which I had to complete several hands-on challenges; thus, I
feel quite confident that I will be able to do well if I make it to the hands-on round at the state
competition.

Over the past few conversations, my mentor and I were also able to make a plan/agenda
for our next few mentor meetings. For example, we were able to decide that we would focus on
the theoretical component of Cybersecurity next meeting by going through a list of questions,
work on the SIEM/scanning the next week, and work on SIEM/firewall in the week after that.
Additionally, in my Original Work calendar, I mentioned that I will start learning about web
development by the end of this month, so if I need any help with that, my mentor said that he
would more than willing to assist me when we meet. Lastly, something that has been really
interesting to me is the Kali Linux challenge problems. So, after a couple more meetings, I hope
that I can learn more about how to solve difficult problems with the help of my mentor. This is
because Kali Linux has been a really cool tool that not only taught me how people can hack, but
also how people can prevent cyber attacks by taking basic, preventative measures.

To summarize, I feel like my mentor and I are making really great progress. Over the
course of the meetings, we have covered the basics of being a Cybersecurity professional, some
hands-on activities, and the theoretical foundation that is necessary to succeed in the field.
Furthermore, I have learned a good deal about securing a network and I have been able to obtain
great assistance when preparing for my individual and team events for BPA. Lastly, I have also
learned about the importance of professionalism and communication within the field of
Cybersecurity. For instance, my mentor stated that in this field, it is often important to justify
strict security policies to other IT departments and administrators. Thus, I feel like joining ISM
has been very helpful in this particular aspect. Overall, while I have not started my Original
Work yet, I hope to learn about web development soon so that I can create something that my
mentor and I can be proud of by the end of this school year.