Learning Outcome 3: Security Engineer

Download the complete set of exercises from the body of knowledge

How did you obtain Body of Knowledge about the involved subjects?

Security Engineer is the third learning outcome and the first chapter that includes practical exercises from the defending side of the cyber security spectrum. It is focused on creating a complex network throughout multiple BoK documents. In the end, it contains a firewall, intrusion detection systems, and a web server. Phase 2 of the project is also part of this learning outcome. At this point in time, the project is at a very advanced stage and it will be finished very soon. I acquired the necessary knowledge by studying the subjects required to do the BoK documents for this learning outcome. I have put my knowledge into practice by making the BoK documents and doing my tasks for the phase 2 project.

How did you apply your skills in the project?

This learning outcome also consists of phase 2 of the group project, completely unrelated to phases 0 and 1. This gave us the chance for a fresh start after the unfortunate set of incidents. At the moment, the project is at a very advanced stage and things have been going very well. All the team members are heavily involved and we all learned from the previous mistakes. We need to create and monitor a network consisting of a gateway, a LoRa device, and a UI. I am assigned to work on the monitoring side and the UI creation.

What have you learned considering this Learning Outcome?

I had no previous experience with such advanced ways of system defense. After completing the BoK exercises, I learned to create a network containing a pfSense firewall, the Suricata package for intrusion detection, a virtual private network, and a web server. Everything I did throughout this learning outcome is brand new for me, so I had to take my time and learn the concepts first.

What are you proud of?

I am proud of what I achieved with something I had no experience with in such a short time. This has never happened before at such a quick pace and I am glad that I managed to fulfill the tasks. I did not have as much time as I had with the Ethical Hacker learning outcome, and it was more difficult this time, but I still managed to finish the BoK exercises and understand the concepts behind what I have been doing. Because it took a relatively long time to finish the firewall BoK, there was little time to finish the rest. As a consequence, I adopted a new tactic, which meant starting and working on multiple documents at once. This resulted in many days without completed documents, but after a period of time, I would finish between 1 and 3 documents in a single day. This way, I was able to finish the BoK in a much shorter time than normal.

Which aspects do you want to develop further?

I want to develop further into the network creation, because almost all the exercises were dependent on the second exercise being complete. That is the exercise I worked most on and it took a lot of time, hence the inability to skip forward to other related documents.

What will you do differently next time?

I will take a closer look at each exercise and list exactly what I need to provide. This way, I would detect a troublesome BoK, such as the firewall one, and fully focus on it in order to finish it quicker. That way, I would have gained access to the rest of the Security Engineer documents much sooner.

What grade would you give yourself on the corresponding Learning Outcome?

This time, the project has been a success, and with the BoK work that I have submitted, along with the contribution to the project, S would be a fair grade.