Recently I have found myself at a crossroads of where I see myself in 5 years, 10 years, etc. Family-wise I see my family growing, and my children going to school, and learning, but when it comes to my career I have to wonder where I will be, who I will be, and is it worth it. I feel this is normal for most people, whether it’s specializing inside one's career field or changing completely. Does this feeling start from a wrong choice and a recent realization? Does it come from a need for change? Does it come from a mixture of both?
I have always been interested in computers. Whether building them, learning the newest technologies, learning different applications or uses for computers, or just the curiosity of what's next. I remember being in junior high school, around the age of 12, and I really wanted my mom to buy a computer. I had been researching them, figuring out what exactly I wanted. I would buy magazines and read articles of the newest processors, Intel or AMD?, who was going to be the better choice. I never could find prices, and retail stores at that time did not have a huge selection or trained sales staff to answer my questions. Heck, I was 12, no one wanted to listen to a kid who didn't have the money to buy this newer technology. So I decided to call Gateway, which should date this a little bit. I spoke to a salesman on the phone designing all aspects of the computer I wanted. I asked questions, learned new options coming out, and ultimately we developed a good state-of-the-art desktop computer. The salesperson then said, "Well lets get this computer built for you, how do you want to finance this?" I told him I would need to ask my mom before I went further. He was shocked. He asked how old I was, and told me that I knew more information on the computers he sold then most of his current colleagues. We did not end up getting the computer I built, but my mom finally caved and we did buy a computer from Gateway.
This passion has always been there, to use technology. Throughout the years I have had a Nintendo, Super NES, Playstation, Playstation 2, Xbox, and Xbox One. I have built my own desktop from parts to PC, had the opportunity to work as a 2D CAD operator in a production setting, and even dabbled in some animation/graphics applications for game modifications.
I took the route of my childhood dream, and became a Police Officer. I have had wonderful moments working with all types of people, in all types of situations. I have also had sad moments, moments of hardship, grief, and loss. I have achieved several accomplishments as a Police Officer, but sometimes fall short in goals that I would like to achieve.
I have taken education, whether formal or informal, seriously. Learning new ideas, paths, problem solving, etc. to help further yourself. I wanted to figure out a way to combine both serving as a Police Officer and working with computers together, and this led me to start working on my Bachelors of Science for Computer Science. I have started by learning C++ and C# languages. These two alone have made me excited again, and feel as if I have direction and drive, motivating me to push my knowledge and skills.
Although the path is only beginning, I feel that with advice from others in my field, and my eagerness to learn, and absorb information, I will reach my goal. What this means for me, only time can tell. Stay tuned for more....
I have found that so far Java lines up with other languages I have already started learning like Python and C#, or should I say they line up with Java. Either way most of the operands, method calls, even most of the syntax is the same throughout these languages. This has made it easier for me to be able to work through each lesson in ZYBooks rather easily. However, some major differences I have come across that I do not like about Java are the print function [System.out.print(“Written words here.”);]. This in text intensive for today’s languages i.e. Python [print(“Written words here.”)]. I know that each language will have its positives and negatives, but these are the areas I have started seeing where I might struggle.
Today while working on a lab where I had to call a method and use certain variables, I ran across an error message. Now this doesn’t sound unusual being that I am a beginner programmer, but the problem was I could not figure out what exactly it was telling me was wrong. It did not indicate with an arrow to the specific space I had mistyped. I started trouble shooting and thought maybe I had called a method wrong. I have written very similar statements in Python, calling multiple methods inside them, but for the life of me I could not figure out what was going on. The top part of the error stated, “could not find symbol”. The first thing I thought of was, of course, the semi-colon, but it was there. I almost gave up and started to look for answers, post in forums, discussions, etc. when I looked at the variable that had been defined for me, one last time. That’s when it hit me. I had misspelled the variable name, and it was trying to tell me that the variable I was typing had not been defined yet. I can see with time I will start to understand this language, but I don’t feel myself utilizing this language much beyond this class, as I already see it as a dying language.
Today I completed the following Pseudocode and JAVA file for IT145:
I was surprised at how easy both parts of this came to me. I have been creating enough Python code that I knew how I wanted things ordered logically and was able to retain the information from the JAVA lessons to be able to type most of this code. The only thing I did have to look up was how to set up the code...public class….Scanner, etc. The rest was typing it all out. Although I don’t like having to add the comments, I can see how this is a big help, because even when I look back on some of my other projects from Python, I can’t remember what I was thinking at the time I was writing the code.
I need to get NetBeans IDE on my laptop to help speed up my creation of code. I still don’t complete understand how the build project, or any of the full function of how I create a program I can send to someone else to test. However, I do feel confident in writing the code and the script file. So far, these two classes haven’t been overly hard just time taxing. Lots of lessons in both, and assignments make me go back and forth. I’m excited to see where the future leads.
We are working through the course work for Chapter 3 in ZYBooks: If-Statements. IF-Statements are almost written exactly how we talk in the English language. (Ex. If you have 5 apples, then add them to the total number of fruits you have in the store.) This makes it extremely easy to sperate out each line of code and know exactly what to expect. I did learn about he Switch statement, very impressive and a time saver. It was interesting learning about the Java order of operands (operations). I am still a math guy who likes to overdo it with parenthesis to ensure I have entered everything correctly. This isn’t a bad thing but can be very time consuming if you lose which closed parenthesis goes with which open one. Utilizing the operators more will help solidify this section.
So far, no major concerns have come up. I enjoy coding; however, I am still not keen on Java. Java has its usefulness in certain applications. I don’t feel it is a waste of time to learn Java though, because I am coding, which is always a good thing. Due to Java’s nuances it is making me review my code more to ensure it is correct. In my previous education of coding, I have read about commenting sections of code, but never really implemented it. Since being required to comment code, I am enjoying being able to look back quickly and know what I was trying to accomplish, and make quick edits to the code to repair, add, or subtract ideas. When I look at the final project, Option 1, I see a direct correlation to IF-Statements. If the user has three failed attempts at the password, lock the account.
For awhile I have felt that I am just learning the instructions but not fully absorbing the information. Today I saw a post on a Facebook group for Python coding about someone needing help with their code not running a function. Within 5 seconds of observing their code I saw that they were calling a function, and then defining that specific function. I told the guy to move the function definition above the call, and it worked. I felt excited that I was able to see the problem, know the solution, and help fix the problem quickly. So maybe this stuff is taking hold. I truly do love learning new languages and coding, however I do want to focus on one or two specifically and be able to dive deep into those.
This week we learned about while and for loops in Java. I enjoyed see how simple the syntax was in regard to a for loop [ex. for(i=0; i<=j; ++i)]. I have come to realize that the concepts of creating code are the same. Furthermore, that I am understanding how to read them easier, and then ultimately implement them into my code. I was able to do some of the participation activities by writing the code once, and only changing minor syntax errors. This tells me that the ideas and concepts are setting in. I am looking forward to diving deeper into Object-Oriented Programming to utilize in my code and programs.
While and For loops will help in the final project by allowing the continued prompt for the correct password (while loop) and only allowing it to prompt a set number of times (for loop). With each week I feel the logic of the concepts of programming concreting themselves into my brain.
This week we are working on input and output or I/O Streams. From what I can understand these are ways to tell the computer to either read a document (parse a file) and extract specific items, applying them to variables; or to take user input and parse the input for data. This is like lists and arrays, meaning you can go through a String and pick out key words, phrases, or characters and assign them to new variables to easily provide checks (in while and if statements) or create new strings associated to the new variables. I am having a problem truly understand the difference in Input String Stream (inSS) and StringWriter() and PrintWriter().
What I do know is this:
What I don’t know is:
The final project Option 1: requests you have the user enter their username and password. The program then needs to read a text file and compare those user entries to the file entries to see if one matches. If not prompt them again for correct credentials. If creds are in said file. Then close creds file, and open new file with the correct file for the correct user access (three levels of access = three files). Prompt user for entry of logout if true close authorized file and prompt for new login. In the file project I will be using at least inSS and FileStream to check each file for the correct variable.
So, it’s been awhile since I have sat down to write a blog entry. I have had grand gestures to make this a journey of my learning experience with programming and cybersecurity. To catch everyone up on my journey, I am currently in my senior year at SNHU online in the BS of Computer Science. I do not have a concentration but have taken elective courses and participated in two seasons of National Cyber League CTF competition. I am leading my Computer Science degree into the cybersecurity direction. Additionally, if don’t already know, I am the found and co-host of Off The Rails Cybersecurity Podcast. I have made plans to continue my education onto my master’s degree in Cybersecurity, either at SNHU or moving over to Georgia Tech’s Master’s of Cybersecurity online. I haven’t completely decided, and I love SNHU since I started back in 2017.
I am currently taking two courses that I have been waiting to take: Software Reverse Engineering and Network & Telecom Management (utilizing the TestOut Network Pro learning environment). The Network course is equivalent to the Comptia Network+ certification course. During the past two season of NCL I have learned a tremendous amount of information on networking and even disassembling other programs. During the network course I have clearified so much information that I only knew bits and pieces, such as the OSI Model, common protocols and their meaning, and IP addresses. The most exciting part is learning assembly code and disassembly binary files to determine how programs are compiled into machine language. This comes with learning different debuggers, but mainly GDB the GNU decompiler. I have fell in love with reverse engineering. I love the idea of taking someone else’s program and much like code reviews determining how the program works, what the methods are calling, but further into it determining how to either exploit the code to fix it or expose a possible exploit to a program’s organization. This would also lead to malware analysis and even possible penetration testing of organizations. I additionally I am leading a CompTia Sec+ study group and take my certification test in Jan or Feb of 2020. This will assure I have the knowledge to help in my new career field after graduation.
Overall, I’m excited to within half a year away from graduating with my BS in Computer Science, TestOut Network Pro Certification, CompTIA Sec+ cert, and four seasons of NCL CTF ethical hacking competitions under my belt. All of this has opened my eyes to a new area (or unknown to my passion) of technology. It’s the perfect combination of my 10 years of law enforcement knowledge and my technology passion. Through my studies I have learned that I have a great passion for cryptology and encryption systems and have set a goal to create a new highly effective encryption system before I retire. I have been actively seeking new employment in the software development/cyber security development and analyst aspect and hope to be working in the industry before or as I graduate. I have many plans to continue my own education and eventually, after finishing my degree, help teach others in this new arena. I want to gain more certifications and attend or even speak at conferences.
Identify a minimum of two attributes needed to perform the network functions. You must include a summary of each attribute and the reason you chose the attribute. You are highly encouraged to provide examples to better support your reasoning.
In this computer era of the world, networking is the backbone of all businesses and even personal life. Something as simple as pulling up Google on your cell phone to building out a data center, networking completes the links and brings everything together. For this discussion I chose the Financial Sector as I am currently working in this area. For my two attributes I thought about what would cause the bank to fail and disrupt consumers financial needs the most. Would this be something as simple as not being able to login into the Bank App? Would this be that the bank networking routes were not connected? There are several key areas to dive into but I have chosen, availability and quantity of connections, and protection of access to the network.
If a costumer cannot access their money they are going to be less likely to have trust in a bank and therefore no longer be a costumer. Pretty simple, right? When it comes to computer networks a costumer must have access to the system, after verification of their identity, at anytime and by multiple ways. This comes down to either speed, availability, or quantity of connections. Although speed of connection doesn't really factor too much into the financial world because mass amounts of data aren't being transferred by all connections 24/7, it does however, matter when you want your money.
What matters the most is connection availability and the amount, or quantity, of network connections available. This can be accomplished in many ways but mainly the more gates open the more people can access the info. However, a handy device called a load balancer, helps to stream line the flow. A load balancer knows what areas the inbound traffic need to get to but spreads the packets across multiple paths to help keep the system from becoming overwhelmed with too many requests, (this could lead to a Denial of Service [DoS] issue) or as used during an attack a Direct Denial of Service (DDoS). Multiple servers must be available with the data being requested and multiple switches help connect all of the components to the correct location.
Now that we have the connectivity to our new financial network, we need to think of how do we know who can access this network and what areas they can access, that comes to the secure part.
As we should all know at this level, nothing is ever 100% secure. It does not matter how much money you throw at it, how many employees you have monitoring/working on it, or how smart those employed are. Somebody, somewhere can find a way to beat your system. The best way to accomplish the closest thing to perfectly secure is to make it not worth the attackers time. Well, we chose the banking industry, good luck. Nope we can still make sure our data, our customer's data, and our client's data is secure. This part is meant to be a BRIEF overview and does not entail all details of a secure system.
First we need to block all unauthorized connections. These are connections that are not supposed to have access, or may have not authenticated to our network properly. They could range from known blacklisted IP addresses, foreign countries that have been banned from business interests, or possible multiple connections from the same location sent back-to-back (maybe a directed attack). We can achieve most of what we want with a Firewall device (or software). A Firewall is just that a big device we set on fire...oh wait nope that's not it. A Firewall is simply a device were we can set rules to allow only certain connections into the network. This typically sits outward facing at the front of the network entrance. Typically Firewalls, will push bad connections to a IPS/IDS (Intrusion Protection System/Intrusion Detection System) that will analyze the connections information for possible known bad actor connections. Additionally, we can have more than one Firewall, say around a sensitive data-store server.
Ultimately, the goal is to provide the most available and timely secure connections, while stopping the small stuff and derailing the big attacks until the network guys can pull the kill switch, right....? I jest but networking can become complex and with its on nomenclature, it can feel like a foreign language. Once you crack the surface though, networking is the key to cybersecurity and can become a vast connection to anywhere in the system and beyond...no seriously that's why they call it the internet (inter-connected network).
Identify one of the layers within this model and provide a summary of how it functions within a network of that industry. In your main post, explain why that layer is essential to the architecture configuration of the network.
The OSI Model is a series of layers that divide the actions of all network transactions when packets are sent and received. Each layer 1 thru 7 builds on the other to develop a packet of data. Sometimes an industry can maintain all layers and other times some layers are sourced from a third party. You use these layers at home, as well.
In the financial industry, almost every layer down to the physical layer is maintained, depending on the financial institution. For this discussion, I will focus on the network layer (3), as it is the key to connections between all other parts of the system and the pivot area in the OSI Model. The network layer is defined "like the TCP/IP network (Internet) layer, this layer defines logical addressing, routing (forwarding), and the routing protocols used to learn routes." An easy way to remember the network layer is by internet protocol address, most commonly known as IP address. The IP address is a positional address that tells other computers who you are and where you are at when sending data or connecting to other networks.
In the financial industry, there are internal networks (intranet) and external networks (internet). When processing a payment from a client the bank teller receives the money from the external client into the internal network. This payment is then passed to a savings location internally. Maybe a message is sent to another department inside the bank to notify them that the payment has been received and to update the client's account. Additionally, if the bank is used as a payment system for another company, then the bank will then package the data (minus their processing fees) and send the money to the company using the bank. The network layer manages all of this routing both internal and external. The IP address is used to verify that the data is coming from a trusted source (whitelist or blacklist in firewalls, on the Transport layer (4).
Every network will have some form of addressing and will ultimately need the network layer of the OSI Model. There are multiple forms of the protocols in the network layer but the main ones to know are IPv4 and IPv6.
Consider an example of a real-word company, whether it be from your own work experience or even a business you may shop through (e.g., Amazon). Evaluate your knowledge of that company and discuss the following items:
Network architecture is the concept and equipment surrounding a company/institution 's infrastructure. Network architecture can be cloud-based (remote-based equipment) or on-premise (on-prem). The difference is typically tied to cost and/or employment capabilities. The equipment surrounding network architecture include, but are not limited to:
When we discuss the difference between cloud and on-prem, are only referring to the location the physical equipment is located (sometimes we are referring to the ownership of that equipment as well). For this discussion we will be discussing the network architecture of the communication platform Discord.
Discord is a voice, text chat room/message, and video communication company. Discord hosts servers across the globe for clients to utilize in communicating with friends, co-workers, or even fans. Discord is widely used in the game and podcast streaming industries as it allows several people to group together to chat about a topic in real-time. Unfortunately, I was unable to find any documentation on what type of network architecture Discord uses. Since Discord is a type of IRC, internet relay chat, we will discuss briefly how that works in a network.
"IRC follows client-server model. It means that both client and server software is required in order to use it. GeeksForGeeks When you, "the client" connect through software, to the server, you are able to send text messages to the server on a channel. This server then forwards the message to another server or allows another user to access and read the message. That user then replies with text and it is sent back to the server(s) through the channel where you can then read the reply message. This just one type of communication that Discord provides. Others include instant messaging and video communication. Ultimately, the client is issued access a server and connects to the server channel before sending and receiving messages from other clients who have access to the same server.
In this infrastructure the network would consist of (at minimum) a gateway, switch, load balancer and server endpoint all connected via communication cabling. Although, the networking is unknown of Discord we can assume that each of these exist in the network architecture. Each component has its own weaknesses but few would include:
Personally I have used Discord for over a year now with the Off The Rails Cybersecuity Podcast to communicate privately with my team and record shows as well as playing games with other players. Although my experience with Discord has been majorly pleasant, it has also not been great. I have had servers disconnect or go down, low connection issues, and account access issues. Discord has implemented the ability to change servers to a closer server to you, however, it can cause interruptions in streaming or recording of communication. Discord has had a history, being that is freeware (free to use software) with ideological groups, illegal activity groups, and abusive or harmful communication rooms. Discord has tried to mitigate these issues as the arise, but like any other freeware that works and works well, there will be groups that use it for nefarious purposes. Discord and other similar programs (Skype, Zoom, Google Hangouts, etc.) are great for communicating with people you may not ever have the opportunity to normally.
Network architecture makes up a wide area of concentration in the IT (information technology) space. Network operation centers exist as standalone business used by companies or as an integrated solution inside the company. Network operations centers are operated by network engineers and analysts that maintain the system hardware and mitigate problems before, during, and after they arrive. Due the increase of demand and the need for 24/7 global coverage network operations centers are manned around the clock. The need for constant and quick communication is vital to any business' plan and growth.
A local entrepreneur plans to open a retail business. The business owner needs to develop the right network to conduct a number of business functions including implementing email marketing and e-commerce, processing credit card transactions, ordering from and communicating with various supply chain vendors, and providing a variety of telecommunications functions to compete with similar businesses. The business owner is unsure about the network architecture needed to perform these functions and does not have an unlimited budget like the larger retailers do.
For this discussion, assume the role of a network architect and develop three suggestions for building an internal network capable of performing these functions. In your main post, list the suggestions and rationale that supports your recommendations. Be sure you address which network capability or capabilities your recommendation will fulfill.
As a small business owner, tapping into an online audience is essential to expand your footprint and provide an additional revenue stream. Additionally, being about to maintain this network infrastructure can eat up a substantial part of your budget. Although, this can be scary, when you're unfamiliar with the space, with a little knowledge you will be able to easily maintain each system and keep the security of your customer's data and company data secure. The following three suggestions are not all-encompassing and can be expanded as your business grows.
When budgeting is an issue and capacity is limited at first but needs to be expandable as your customer base expands I would highly recommend looking at a cloud-native solution. With the cloud, you will be able to expand and condense sections or the entire network footprint as necessary. We will start with (4) main servers: web server, customer data, inventory data, and transactional data. This will help your team quickly analyze data, as well as market-based on various demographics. This additional keeps all information for any outside (third-party) vendors separate and secure. Will add a consumer graphical user interface with an employee user portal. Each will have its own gateway to prevent cross-traffic with a virtual private cloud (VPC) surrounding your servers. The web server will sit outside this VPC to accept all web traffic and only transfer data to and from the internal network as necessary. We will contract to a third-party to process transactional purchases through a virtual private network (VPN) tunnel from the VPC. This will allow us to store the relevant customer data for internal business purposes, while maintaining the separation of financial information with the customer. We will create an inventory stock dataset to pull from as well as communicate with our vendors for both marketing campaigns and product line enhancements. We will implement a firewall in front of the webserver as well as behind the webserver. This will limit inbound traffic to the webserver that is only necessary and then help us only allow connections from the web server and vendor domains for access to the internal network. A load balancer will be applied on only the external firewall to help spread out the load when necessary. The cloud provider will help with vulnerability management due to having the most up-to-date software for all of the virtual appliances. To assure resiliency on the network we will add pre-built servers (turned off) to ensure back-up with updates or the event of needed extended services. Utilizing Office 365 suite of products and teams, we will be able to provide email services and meeting connectivity for all employees. This last recommendation is not necessary at first but should be implemented as soon as possible, DLP SSL decryption. Data Loss Prevention (DLP) over Secure Socket Layer (SSL) aka HTTPS traffic is key to preventing what data leaves the business and helps add a layer of protection for consumers. DLP can be easily added using a cloud-native solution on all outbound traffic, at any time.
This would be the simplest and most cost-effective way to build the network that is needed, lower employee cost for IT/Network maintenance, and allow for expansion as necessary. All employees will be able to access the network anywhere via a PC and will be able to work from anywhere. This has been proven to be one of the best benefits to employment hiring and retention while limiting the unnecessary need for large offices or floor space, that can add greatly to the budget.