Cybersecurity portfolio

Natalia Nuutinen

An aspiring, compliance-oriented cybersecurity analyst. Currently learning how to identify and analyze potential risks, threats and vulnerabilities to corporate security and how to ensure the confidentiality, integrity and availability of gathered information, to help safeguard organizational assets and adhere to laws and ethics.

LinkedIn: https://www.linkedin.com/in/natalianuutinen/?locale=en_US

Repository to store the documents, labs, and screenshots you complete during each course of the certificate program.

Programme: Google Cybersecurity Specialist – September 2023

Cybersecurity portfolio folders

Resume

Education

Portfolio documents

Cybersecurity tools

SIEM tools: Splunk Enterprise, Splunk Cloud, Google Chronicle

Threat detection: Suricata

Cybersecurity frameworks

CIA Triad, NIST CSF, NIST RMF, ISO 27000, OWASP

Playbooks: Incident Response Playbook

Programming 

Network & network security devices

The client-server model: DNS servers, file servers, corporate mail servers

Local network LAN and WAN, network architecture diagram

Cloud network

Firewall, hub, switch, router, modem, data packet, IP/MAC address

Network protocols: the TCP/IP 4-layer model and OSI model

TCP protocol, UDP protocol, HTTPS protocol, DNS protocol, NAT, DHCP, ARP, Telnet, SSH, POP3, IMAP, and SMTP.

Wi-Fi protocol and WEP, WPA, WPA2, WPA3 encryption protocols

Network segmentation, Firewalls, DMZ, controlled zones, VPN, subnets, proxy servers

Threats and attacks

Threat and attack types: DoS, DDoS, SYN flood attack, ping of death, phishing attack and more, malicious packet sniffing, IP spoofing: on-path attack, smurf attack, replay attack

Packet sniffing software:

  • Azure Network Watcher
  • Wireshark
  • tcpdump

Malicious packet sniffing avoidance: set up a VPN, use only HTTPS domains, avoid public Wi-Fi access

IP Spoofing avoidance: encryption with TLS, configure firewall, defence-in-depth principle

Brute force attack (simple/dictionary) avoidance methods: virtual machines (VMs), sandboxes, vulnerability tests, multifactor authentication (MFA), reCAPTCHA, salting and hashing, password policies

Security hardening

Security hardening practices: software patches, configuration changes, removing unused applications, removing access, penetration testing (pen test)

OS hardening: immediate patch update installation principle, baseline configuration, hardware & software disposal, strong password policy

Network hardening methods: port filtering (firewall configuration), unused ports disabled, old wireless protocols disabled, SIEM, IDS and IPS tools, network segmentation (subnets), confidential data network separation, encryption. Defense in depth principle, the benefits of layered security, SOC (Security Operations Center)

Portfolio projects

  • Drafting a professional statement
  • Conducting a security audit