Learning Outcome 2: Risk Consultant
Download the complete set of exercises from the body of knowledge
How did You obtain Body of Knowledge about the involved subjects?
Risk Consultant is the second learning outcome and it is the shortest one both in terms of BoK documents, as well as in terms of length, containg 2 documents that needed to be finished in 3 weeks. Both of them are focused on theory and do not involve practical exercises. I practiced this subject by doing research for my company X, in this case DartsMasters, the imaginary company that I used in the individual project from semester 3. How did you apply your skills in the project?
This learning outcome would come in at a latter stage of phase 1 of the project, phase we did not reach due to the company having completely and suddenly stop any form of communication with us. However, we have demonstrated our capabilities by creating the body of knowledge documents and being prepared to create such a document if and when the penetration test had completely finished. For the Ethical Hacker learning outcome, we were ready to perform several kinds of attacks, and even assigned time slots and people to them. Naturally, the next part of the documentation for the project would be the risk analysis, which all of us had already done individually before we planned to do it for the project. What have you learned considering this Learning Outcome?
I have learned how to properly do risk analysis documentation and what such documents should contain. I have learned the risk level of each threat more into detail and learned what to prioritize in case of an attack. What are you proud of?
I am proud that I have taken each learning outcome very seriously, despite some of them being shorter, as was the case for this one, as well as the fact that this learning outcome is solely focused on documentation. I have treated the Risk Consultant part of this learning outcome as seriously as any other. I have taken my time creating these documents in order to give them the required attention. Which aspects do you want to develop further?
Of course, these documents could be even more complex. I would have liked to use the company from the group project as a main topic, and that would surely have helped me develop this chapter even more. What will you do differently next time?
My work with this learning outcome has been slightly delayed because I wanted the company X inside the documents to be the one me and my project teammates were working on. It was only after the cancellation when I truly started working on the documents and used a different company X, an imaginary one. In the future, I will get started right away with an imaginary company and proceed with the actual one later on, if things materialize. What grade would you give yourself on the corresponding Learning Outcome?
Even though me and my team could not reach this stage of the project, all of us have shown that we have acquired the necessary body of knowledge. This chapter is completed by all of us. Therefore, I would thinkg that S is a fair grade.