Week 08 Posting - Insight for my Milestone Assignment.

 This week's chapter was exactly what I needed to help me find more information about my chosen topic for my milestone research paper. Many of the resources I found and have been using have been discussing individual settings for user account controls and maintaining security on a personal level. A ton of information has been going in-depth down into individual settings to increase security, but I found nothing about network-wide settings for managing user accounts on the group scale and allowing specified groups of employees to access parts of the network that others shouldn't. This can be done in groups, as opposed to managing each employee one at a time. So much goes into even making sure an upstanding employee won't be able to gain access or accidentally delete crucial system data by entering parts of the network they have no reason to be in. Forgetting that network security means more than trying to prevent malicious hackers, externally or internally, can be fatal. Sometimes, a wrong click on the wrong folder can lead an employee down a rabbit hole of files they have no reason to access, which can lead to devastating consequences depending on the data's sensitivity.

Week 07 Posting - CDP is still confusing.

From what I can understand, the book shows you the commands, how to bring up the CDP information, and the different information you can bring up. The only thing I get confused about is the depth of everything explained in chapter 12. There is so much information regarding how the router, switch, and hosts connect and how to look those up, but I have never set up a network before, and seeing the graphs doesn't explain anything to me. I've also been watching videos explaining the topic, but I keep running into the same problem. I understand it is Cisco, and they assume you have a base level of knowledge coming into this, but I am an absolute beginner learning as I go. So I can understand how the network is laid out, but I don't understand the interface and what they see after entering the sh cdp command. All it does is explain how to bring it up, but I still have trouble reading it as if I wanted to use that information to troubleshoot something. More time and exposure will help me, but going straight into the chapter was rough, unlike the previous chapters. This one is something I'll need to watch many YouTube videos to understand.

Week 06 Posting - HSMs

 Since this degree is my first introduction to the security measures, methods, hardware, and software used for hardening networks, I never heard of Hardware Security Modules before. I had no idea there was a security method where you could store the cryptographic keys on a device totally separated from the network itself. That way, in case the network gets hacked, the hackers would still not be able to get the keys required to decrypt the stolen data. Even if they had scoured the entire network from top to bottom for the keys, they would have had no luck since the keys are stored on a device that is removed and isolated from the network. I wonder if using an HSM and getting hacked means you can change the keys for the entire network again, making the network's security much harder to get into since a new key is now required. Do cryptocurrency wallets work similarly since you can buy a separate currency storage device? HSMs enamor me, and I would love to see them in use in person.

Week 05 Posting - AI assisting in network security.

 Learning about methods to ensure critical software is running at full capacity, I came across AI. AI is used to assist security admins in running long and monotonous tasks. Whenever new software is being used, or an update rolls out for existing software, network admins have a suite of AI-assisted tools and programs that can run complete tests and scans over the entire network to see if any vulnerabilities exist. They can make them brute force attack the network or the selected software to see if they can find some sort of backdoor into the network. Then, once the tests are complete, the data is logged into whatever software they use to examine the results of these tests. I knew about the fear of AI being used to crack into systems, but it was great to learn about AI being used to harden them, too. AI is such a blessing and a curse.