September 24, 2019

11:00 P.M. Tuesday

I had 98% iPhone battery life left, but wanted to make sure it hit 100%.  I was on-call for the next 7 days - and it was only Day 1.  Seems ridiculous to think the phone's battery would die completely overnight, but I didn't want to take any chances.  I was primary on-cal...

August 16, 2018


The Situation

You can learn a lot about encryption,  hashing, and DH when configuring a site-to-site VPN. 

I was on a conference call where several other network security engineers, project managers, and networking teams were trying to bring up an existing site-to-site...

August 2, 2018


I was fortunate enough to work in the security industry while studying for the CISSP.  

Dealing with firewalls and creating VPNs was a daily routine, and this made the Cryptography domain of the CISSP VERY easy.  

Others may not have the same opportunity, so I thought I would share with everyone how symmetric encryption is used in real life. 

 For other CIS...

May 12, 2018

When there are network connectivity issues, the first thing to be blamed is the firewall.  

40% of my job is proving that the issue is not with the firewall.  The simplest of tasks is just showing the customer that traffic has ingressed and egressed successfully out of a dual or multi-homed firewall.  

We manage the firewalls of Customer A....

March 6, 2018

Just one word on a CISSP exam question can either provide you the correct answer, or throw you off completely.  Let's go over an example.

VPN tunnels use IKE negotiations and IPSec to create a private line of communication between two peers.  Which of the following below is NOT true about IPsec VPNs?

A.  IPSec consists of two main protocols: Authentica...

August 7, 2017

The OSI Model is used to describe how data moves from your networked computer to an application in another network.  Instead of trying to memorize all the layers, the protocols, and what device belongs in which layer, it is better to just know the concepts.    

Here is an excerpt from the OSI Model video from the members section of the site.  


July 28, 2017


An IDS is a technical detective control.  

An IPS is a technical preventative control. 

An anti-virus program is a technical preventative control.

Associating these three control types to an IDS, IPS, and anti-virus will take you far in remembering the basic concept for the exam. 

Preventative Control: Spans administrative, technical, and physical contr...

October 25, 2016

NAT and PAT was really a difficult topic for me to comprehend for both the CISSP exam and for my job.

The only way I truly understood it was by configuring it, and seeing the packets.

The below video is a real life demonstration of how PAT operates in the real world.

If you would like to view more videos like this, join our member's section of the site...

October 23, 2016

Things I’ve never heard as a network security engineer:

“I see this network uses a star topology.”

“In order better understand your network, can you please let me know if you use a ring, star, bus, or mesh topology?”

Nobody talks about network topologies like it is explained in the books.

It is more common to just look at a network topology diagram.

Network To...

Please reload

© 2013 Study Notes and Theory
Terms and Conditions/Privacy Policy

Proudly created to make you

a better security professional.