Critical Thinking Skill Overview
Critical thinking is the skill of analyzing relevant information and make decision properly guide relevant actions. Having the proper critical thinking skills is necessary to be able to adapt to situations and respond accordingly for relevant cybersecurity tasks which is fundamental to excelling in the field of cybersecurity.
Artifact 1
Artifact 1 is the first reflection paper detailing the various experiences I had during an internship and how I made use of my critical thinking skills to properly respond to the situation at hand to assist the organization.
Parker Fitch
Reflection Paper #1
LifeNet Health Internship Reflection
One of the main and initial objectives for my internship at LifeNet Health is the management and implementation of extended internal endpoint scanning to check the systems for vulnerabilities and utilize that information to improve the systems overall security. This was done by collaborating with the information system team that I am a part of and obtaining the correct information and guidelines for which I started creating scanning schedules for the new assets within their scanning platform. After collaborating with the information system team and obtaining the proper information and guidelines I inserted the information into a spreadsheet, ran some logistics and figured out time periods that would work for the scans based on the pre existing scans as well as topologic information and other variables such as asset count.
I then created the actual scanning schedules on the scanning platform and started them up so they would begin running as intended. As time goes on and I have worked on other tasks such as partaking in meetings and preparing for my other tasks at the organization, I have gathered information from the scans and used this information to advise the team on what would best be secured based on assets affected and criticality. After more information was gathered from the initial scans I came up with an adjusted schedule to accommodate for networks with larger asset counts in order to ensure that they had ample time to complete their scans in its entirety as well as obtain better information to pull from later on. The information analysis typically comes down to analyzing patterns and determining which patches or fixes would be best done first based on the number of assets it affects as well as the level of threat for which they present to the systems.
Pictures:
Tek Tools. (2020). SolarWinds Network Performance Monitor (NPM). Tek Tools. https://www.tek-tools.com/network/network-scanning-tools
Sharp. Network Scanner Tool Lite. Sharp. https://global.sharp/products/copier/products/nst_lite/index.html
Artifact 2
Artifact 2 is the second reflection paper detailing the various experiences I had during an internship and how I made use of my critical thinking skills to properly respond to the situation at hand to assist the organization.
Parker Fitch
Reflection Paper #2
LifeNet Health Internship Reflection
One of the objectives of my internship is to work on and implement an intrusion detection system, the implementation that we decided on at my internship was that of an early warning detection system utilizing specialized assets that notify the organization of potential breaches early on. The first step of this process was meeting with the information systems team members and discussing what the best approach would be as well as my role and responsibilities within the implementation of said intrusion detection system. After various meetings discussing specific details on the topic as well as completing other daily tasks, such as monitoring vulnerabilities and analyzing them, we eventually reached a consensus on what to do with the intrusion detection system.
After the important details were decided, I began working on developing templates and methodologies surrounding the intrusion detection system implementation and tested the specific application method we had decided on. Once the templates were created, we had further meetings discussing the specifics of where and how to deploy the intrusion detection system. Thereafter I went through the process alongside other team members to create and deploy the practical solutions as well as tests to verify that the solutions would in practicality work. After verifying that they did indeed work we could then fine tune the rest of the solutions and continue to monitor activity thereafter. While working on this more specific project, the previous project and other daily tasks were also completed.
Pictures:
Spiceworks. (2022). IDS/IPS on an Enterprise Network. Spiceworks.
https://www.spiceworks.com/it-security/network-security/articles/ids-vs-ips/
Liquid Web. (2022). Host Intrusion Detection System (HIDS). Liquid Web.
https://www.liquidweb.com/blog/host-based-intrusion-detection-system/
Artifact 3
Artifact 3 is the third reflection paper detailing the various experiences I had during an internship and how I made use of my critical thinking skills to properly respond to the situation at hand to assist the organization.
Parker Fitch
Reflection Paper #3
LifeNet Health Internship Reflection
Another one of the objectives of my internship was the continued management of the scanning schedules and intrusion detection systems that were implemented and offering improvements upon the original implementation to improve shortcomings and further advance the security pasture of the organization. As such l participated in meetings daily with members of the information systems team to discuss insights and findings from the implementations as well as the data we gathered from those implementations and the testing of them to find potential improvements for each. After discussing it with the team we would regularly identify potential improvements and work to implement them and further monitor the impact of those improvements.
Upon observing the impact, we could then reconvene and discuss whether they were successful or unsuccessful in improving the security posture of the organization. if the improvement was successful, then we kept it as is and looked for further improvements. If the improvement was unsuccessful or had little tong noticeable changes, we had discussions about whether or not to keep it on revert it back as well as looking into the data we had gathered regarding it and looking for potential improvements that we might have missed from the previous data as well as new potential improvements based on the current data. This set of tasks was done alongside other daily tasks and meetings pertaining to other relevant work responsibilities and events.
Pictures:
Research Gate. (2022). Cyber Security Continuous Improvement Process. Research Gate.
https://www.researchgate.net/figure/Cyber-security-continuous-improvement-process_fig2_355663964
Medium. (2021). Cyber Framework Continuous Improvement. Medium.https://eng.lifion.com/nist-cybersecurity-framework-and-kubernetes-770d3df84d6c