Professional Development
Information and technology requires continuous learning and improvement. This is because technology is constantly changing. ​
​
This section is to show my recent completed training, courses, attended events, and more. I do these to expand my knowledge, to refresh myself on certain topics, and to network.​
​Qubes OS Summit '25 - Summit
All about Qubes OS its future, updates, online documentation, and much more
TryHackMe's Pre Security Learning Path - Course
In this course the following was covered with labs and a short quiz at the end of each session.
-
​​offensive security
-
defensive security
-
careers in cyber security.
-
​what is networking
-
intro to lan
-
OSI model
-
packets and frames
-
extending your network
-
DNS in detail
-
HTTP in detail
-
How websites work
-
Putting it all together
-
Linux Fundamentals part 1
-
Linux Fundamentals part 2
-
Linux Fundamentals part 3
-
Windows Fundamentals part 1
-
Windows Fundamentals part 2
-
Windows Fundamentals part 3
My Current TryHackMe Stats - Live Updates
The Future of IT Support:
A Guide to Leveraging AI for Success - Webinar
- Growing optimism about AI's ability to enhance IT operations
- Key challenges, including data privacy, staffing, and integration complexity
- How IT teams and MSPs are preparing for the future of AI
Learning Threat Modeling for Security Professionals - Course
This course covers the four-question framework and the stride model.
​
Four-Question Framework:
- Define what you're working on.
- Discover what can go wrong.
- Decide what to do about it.
- Ensure you've done the right things in the right ways.
STRIDE Model:
- Spoofing
- Tampering
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
Cybersecurity Awareness: Cybersecurity Terminology - Course
This course covers basic terminology and concepts needed in cybersecurity. Some of these topics include:
​
- The purpose of red, blue, and purple teams
- Various adversaries in cybersecurity
- Technical controls like multifactor authentication (MFA)
- Network controls
- Types of technical risks and threat
Threat Modeling: Spoofing In Depth - Course
This course teaches about various types of spoofing, including spoofing of people, machines, file systems, and processes. Authentication and how different authentication factors can be attacked. Threat Modeling Framework and how threat modeling helps in identifying and mitigating spoofing threats, which is crucial for building and defending secure systems.
CompTIA A+ Core 2 - Course
This course was a series of videos that covered a wide variety of topics such as ​troubleshooting operating systems, working with the command-line interface, configuring local and wireless networks. Security awareness like understanding threats, malware, anti-malware strategies, and incident response.
CompTIA Network+ - Training
This course was training for the CompTIA Network+ The course consist of practice test, simulated labs, and a instructor led course.
​
This course covered a wide variety of network concepts, infrastructure, security, troubleshooting, and managing of the network.
Cybersecurity In The Age Of Generative AI - Webinar
This webinar was about how criminals are using AI and ways to protect yourself against those threats.
CompTIA A+ Core 1 - Course
This course was a series of videos that went into detail on understanding computer components, networking essentials, mobile devices, professionalism, safety, virtualization and cloud computing.
Professional Networking - Course
This course went over how to effectively network, build a strong network, and maintain your network connections.
Managing Up - Course
This course went over how to decode a direct report's management style, how to master office politics, and how to effectively promote accomplishments.
Coaching Employees Through Difficult Situations -
Course
This course went over foundations of coaching and different ways of coaching like situational, attitudinal, behavioral, and ongoing coaching.
​
These different coaching styles can help employees improve their work, interpersonal skills, and raise morale.
Breaking Free From Micromanagement - Course
This course taught me how to identify a micro management style. How to effectively communicate with one to get them to change their behavior.
This course also explained how to identify micromanagers that are not wiling to change and how to proceed in various situations.
​Securing Your Home Office - Course
I took this course to see if this could be easily shared with our end users and people close to me.
​
This is a good video to share. There are some topics that I wish was covered. However, this is a great start for teaching end users, family, and friends.
​Qubes OS Summit '24 - Summit
As someone that is a new Qubes user (as of September 2024), I had to join this event virtually.
​
They went over a ton like future plans for GUI, security, and conveniences of life.
​Google Cloud Security For Beginners - Course
I took this course to refresh and update my current knowledge on maintaining security for Google Cloud.
​Marketing Yourself To Maximize Career Opportunities - Course
I took this course to see if there are any ways that I may improve my marketing to enhance my career opportunities.
​How To Talk To Anyone - Course
This course covers how to make good first impressions, effective communication, and professionalism to improve confidence and interactions.
​
This is a great share for users that report to you, family, and friends.
​Introduction To Linux - Course
This course covers the following.​
- Understanding the Linux kernel
- Desktop environments and terminal interfaces.
- Standard tools and file system.
- Choosing and planning a Linux distribution.
- User and system security.
- Building skills and finding help to continue developing Linux knowledge.
​Learning Splunk - Course
This course taught me the basics of Splunk like search, reporting, alerting, and navigating the dashboard.
Securing The IoT: Privacy - Course
​This course covers the following:
​
- Understanding IoT Privacy Risks.
- Standards and Regulations like HIPAA and GDPR that protect privacy and the need for further standards and legislation.
- Securing IoT Devices: methods to select and secure IoT devices to ensure privacy and security.
Disregard the Gift Card - Video
​This video was about gift card scams. How the scammers obtain personal identifiable information and why they use gift cards.
They also cover preventative measures like scrutinize urgent request, do not let seemingly personalized emails fool you, and verifying with people in person to ensure no one is impersonating them.
Juice Jacking - Video
This video explains what juice jacking is and how to avoid it like bringing your charger or battery with you when you travel. They also provide a hypothetical story to further explain the dangers of juice jacking.
Smishing - Video
This video explains what smishing is, how to identify it, and how to avoid it.
This can be done by verifying all text by going directly to the website, not clicking any links, and confirming the company's number that is reaching out to you.
Who Are You - Video
This video is about social media account cloning. What it is, why criminals do it, and how to drastically lower the chances of it happening to you.
​​
Key takeaways.​
- Even if you keep your account private, allowing an unknown person, or a duplicate account, to follow you could lead you or your followers getting scammed.
​
- Private your account and review your social media connections to ensure you know the identities of those who follow you.
Hello - Video
This video shows the dangers of responding to unknown numbers.
​
Key Takeaways.
- Never engage with a wrong number, no matter how harmless it may seem.
- Delete any wrong number texts from numbers you do not recognize. Block to prevent further contact.
- Never install an unverified application.
All Bets Are Off - Video
This video explains what vishing attacks are, provides a real world example, and explains ways to protect yourself.
​
Key Takeaways.
- Don't give out sensitive information.
- Always verify by taking additional steps, such as calling the person back on a trusted line, or speaking to them in person.
- Keep current job information on professional networking sites as generic as possible to protect yourself and your organization.
An Ounce of Prevention - Video
This video is about identity theft and how ways to protect yourself.
Medical Meltdown - Video
This video teaches what credential stuffing is, the dangers of recycling passwords, and the importance of using a secure password manager and multi-factor authentication.
I Can't Believe What I'm Seeing - Video
This video informs how criminals are using deepfakes and how to protect yourself and your organization.
100 Percent Protection - Video
This video teaches how criminals are using MFA bypass.
​
Key takeaway is to always check the URL when logging into your account, even when using MFA.
H2OH NO - Video
This video teaches what a watering hole attack is and how to protect yourself.
​
Key Takeaways.
- Be cautious when interacting with advertisements online. Some may be links to malicious websites.
​
- When on a website, take a look at the URL to confirm that you are at the correct destination.
GIGO Garbage In Garbage Out - Video
Key Takeaways.
- The risks associated with public generative artificial intelligence tools fall into two broad categories: input risk and output risk.
- Public G.A.I input risk lies in the fact that information you use to prompt, upload, or have analyzed may not be kept secure and therefore may be exposed to hackers. Never input sensitive information when working with Public G.A.I
- Public G.A.I output risks lies in the fact that G.A.I information is generated by unknown public sources. Use of G.A.I without scrutiny or oversight can therefore lead to misinformation, miscommunication, and even legal issues.
Roxy Proxy - Video
This video gives an example of fake error messages that is often used by hackers.
​
Key takeaways are
​
- Malicious attacks are on the rise with fake, yet highly convincing, error message pop-ups that trick targets into copying and pasting malicious commands.
​
- Before taking sensitive action, such as copying and pasting a set of commands, verify the action by researching it online.
I've Got Your Number - Video
--------
Porsha - Video
--------
No shortcuts in cybersecurity - Video
Key Takeaways.
- Pay close attention to file types when downloading or opening files.
- Bad actirs can hide malwae and in some cases bypass security filters by using Microsoft .ink files.
- - If you receive a .zip file, it could contain hidden files that you can't see. In file explorer, open the view tab ans select show hidden items.
Nothing Personal - Video
Key Takeaways
- Generative Artificial Intelligence (G.A.I) is being used by bad actors to deliver highly automated, personalized, and sophisticated social engineering attacks.​
- Social engineering is a type of attack that uses psychological and emotional manipulation to trick people into giving away sensitive information or compromising security.​
​- Be aware of common social engineering tactics, including phishing emails with personalized details scraped from social media, as well as urgent request and emotional manipulation.