Author: André Henriques
-
Day 39
So today we had the Threat Intelligence assessment and I was actually surprised to see that I had no wrong answers. After that we were finally introduced to one of the last materials – Python! I tried to learn a bit of python before the bootcamp but I didn’t get very far so even the…
-
Day 38
Today I felt my head was in the right place but I did had to make an effort for it to happen. I focused on the material and I got to do some CTF challenges with the CTF gang. I got to use the Elastic Stack again today and I was surprised because now I…
-
Day 37
We started the day with a quick Kahoot revision session before jumping into new material. I also went over a recap of Threat Intelligence and its classifications to solidify what we’ve covered so far. Later, I completed the Threat Intelligence for SOC lab but to be honest, I wasn’t fully present. It just wasn’t one…
-
Day 36
We started with the risk management assessment and it was my worst assessment yet, with two answers wrong. A bit upsetting but something to work on for next week’s final assessment.This week will be focused on threat intelligence. Threat Intelligence is evidence-based knowledge about adversaries, including their indicators, tactics, motivations, and actionable advice against them.This…
-
Day 35
Today was the best day of the week. We kicked things off with a hands-on phishing simulation, and in the afternoon, I joined the CTF gang for some fun challenges. I learned how to use GoPhish by only filling some forms with: Creating a sending profile Setting up a landing page (including credential capture) Designing…
-
Day 34
Again, not one of my favourite days. This week, we’re diving into security engineering, and the focus today was on governance, compliance, and threat modelling. Not the most thrilling material for me personally, but it’s important for the Security+ exam, and that’s keeping me motivated. I learned to distinguish some terms like: Governance: The overall…
-
Day 33
I’m gonna be honest, today’s materials were not my favourites. Risk management was fine and it actually feels important but using Openvaas just didn’t click. We talked about some few terms like: threat vulnerability, asset, risk, and risk management.Then, about the NIST SP 800-30 and the four steps: Frame RiskSet the context in which all…
-
Day 32
Today was all about security hardening across different systems like Linux, Windows, networks, and Active Directory. I started with Linux by reviewing iptables and learning about nftables.In simple terms, nftables is a modern replacement for iptables that simplifies firewall configuration and improves performance. I also learned about safer ways to manage administrative access. Instead of…
-
Day 31
We kicked off the day with a news segment and a quick Kahoot to review ethical hacking concepts. After that warm-up, we dove into Security Engineering. The first lab was mostly theory and an introduction to the role of a security engineer. We covered core responsibilities, asset inventory, security policies, the “secure by design” principle,…
-
Day 30
Today was really cool. We did the Mr Robot CTF challenge today and by the end of the day Kevin gave us more challenges to do. The lab only asks for three keys and doesn’t provide any info. So, First thing I did was an nmap scan.Since ports 80,443 are opened, I opened a browser…
