This week, we took our first steps into the world of Security Information and Event Management (SIEMs). To lay a strong foundation, we dove into various concepts in defensive security, including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Data Loss Prevention (DLP). These concepts help organizations monitor, detect, and prevent security breaches, safeguarding sensitive data from malicious activities.
In addition to these theoretical lessons, I also explored a security awareness lab where I learned an interesting (and somewhat concerning) lesson. While using Have I Been Pwned, I discovered that my oldest email has been part of several data breaches. It was a reminder of the importance of maintaining strong, unique passwords (password manager is highly recommended) and regularly checking for breaches.
The day was filled with a mix of theory and hands-on practice regarding network architecture and security principles. I delved into topics like network segmentation (the practice of dividing a network into segments to control traffic flow and improve security) and zone-pair policies (security rules that define how different network zones can interact with each other).
One of the highlights was learning about the DMZ (Demilitarized Zone). A DMZ is a physical or logical subnetwork that separates an internal network from untrusted external networks, often the internet. I also learned about honeypots – a security resource that appears to be a legitimate part of the network but is actually set up to attract and deceive attackers.
In terms of technical skills, I wrapped up the JavaScript Essentials course by the end of the day. Very productive day!
