Chronicles of My First Semester

Introduction

    Greetings everyone!😇 The conclusion of my inaugural semester pursuing a master's degree in cybersecurity at Saint Louis University marks a significant chapter in my academic journey. The experience was a rollercoaster of emotions, filled with various challenges and triumphs. As an international student hailing from India and with a background in Mechanical Engineering, transitioning to the captivating field of cybersecurity has been nothing short of exhilarating.😍

    In this blog post, I intend to provide a comprehensive overview of the subjects covered during these four and a half months, shedding light on the self-directed projects I undertook to enhance my skills. I recognize the value of sharing my insights, especially considering the myriad uncertainties that accompany the commencement of a cybersecurity venture. Questions such as the content of the courses, strategies for excelling beyond the classroom, and tips for self-improvement were persistent in my mind, and the lack of guidance compounded the confusion.

    Through this post, I aspire to demystify the initial perplexities of embarking on a cybersecurity journey. Whether you are a fellow student grappling with similar uncertainties or someone considering a shift to cybersecurity, my aim is to offer assistance by sharing my experiences. I hope this post serves as a resource for those navigating the labyrinth of questions that once perplexed me. Your journey begins here – let's navigate it together!



Experience:

    In Fall 1 of my cybersecurity master's journey, the workload was relatively light, focusing on a single course—CYBR 5000, Cybersecurity Fundamentals—taught by Jeff Robertson. The primary resource for the course was the CompTIA Security Plus 601 edition book, signaling the beginning of my preparation for the CompTIA Exam scheduled for this January.

    This foundational course played a pivotal role in shaping my understanding of cybersecurity. The curriculum encompassed the standard components of discussions, assignments, quizzes, and a notable 100-mark white paper project. The project's objective was to delve into the cyber kill chain by Lockheed Martin, requiring a comprehensive exploration of each step. Additionally, I had the opportunity to choose one step for an in-depth analysis.

    The research process not only acquainted me with the intricacies of the cyber kill chain but also introduced me to concepts such as Advanced Persistent Threats (APTs), methodology, and mitigation tactics. A notable aspect was the assimilation of the APA 7 style for formatting the paper, which initially posed a challenge but eventually became a valuable skill.

    While I could elaborate further, I'll spare you the details. If you're interested, I'm more than willing to share my paper. Feel free to reach out through the contact form on this website or drop me an email at hammazahmed40@gmail.com. I'm open to discussions and collaboration!

Fall 2


2 months swiftly passed, and the Fall 2 semester commenced with a duo of intriguing subjects: Data Administration (CYBR-5020) and Incident Response and Mitigation (CYBR-5220). While Data Administration leaned towards theory and didn't captivate me as much, Incident Response held a special fascination, igniting my enthusiasm.

    The highlight of CYBR-5220 was the hands-on experience it offered, allowing me to engage with a plethora of tools and explore diverse topics. Here's a snapshot of the tools and topics that became integral to my learning and project endeavors:

| Tools | Topics |
| --- | --- |
| Nessus Vulnerability Scanner | Building an Incident Response team and building a security Stack |
| Wireshark and Pcap Analysis | On-boarding MITRE ATT&CK framework |
| Linux (hping attack) | Mandiant Report on APTs |
| Splunk | RACI Matrix |
| nmap | NIST and SANS Framework |
| Forensic tools on Linux | MSSP and MDR |

    Concluding CYBR-5220, I authored a Blue Team Incident Paper and crafted a video presentation, focusing on the analysis of a DDoS attack. Leveraging my confident Wireshark skills, I dissected a pcap file inundated with TCP SYN packets. This project demonstrated my practical application of cybersecurity knowledge and showcased strategic responses to mitigate the impact of the attack. It encapsulates both technical proficiency and strategic acumen, marking a pivotal milestone in my cybersecurity journey.

Self-Empowerment through Upskilling:

    I firmly believe that while college provides a foundation, one's responsibility for continuous growth extends beyond the classroom. To enhance my skills, I initiated various self-projects and hands-on labs, delving into practical experiences outside the academic sphere. Among these ventures, I conducted a Nessus vulnerability scan, executed an Hping attack on my personal computer, and implemented a Password Manager. These labs proved immensely beneficial, contributing significantly to my skill set. Presently, my focus is on configuring a pfSense Firewall, further expanding my expertise. In amalgamating the knowledge acquired from both coursework and independent labs, I've gained proficiency in Information Security, Incident Response, Packet Sniffing, Firewall Configuration, Network Security, Vulnerability Assessment and Scanning, and Endpoint Protection.

CTF Exploration:😅

    A notable highlight in my journey was the introduction to Capture The Flag (CTF) challenges. A friend assembling a CTF Team graciously introduced me to this realm, granting me access to the team. Exploring various aspects like web exploitation, cryptography, and forensics, I found a particular fascination with the latter. For the past month, I've immersed myself in CTFs, culminating in our team's participation in IWCon 2023, where we secured a commendable rank for our inaugural attempt😁. Forensics, with its focus on metadata, autopsy, and more, has become a focal point of my learning. To those uncertain about their path, I wholeheartedly recommend engaging in CTFs. It not only nurtures an ethical hacking mindset but also transforms learning into an enjoyable and dynamic experience.

Please Note - I would be glad to share any projects with my readers. Feel free to mail me.😃

Thank You for reading this post. 💖

Here's a significant photo from my gallery.


