BSIT380 - T302 Week 6 Blog

This week’s chapters, 11 & 12, focused on detecting cyber threats through the analysis of system-collected data. The collection of logs and alerts is not good enough because organizations need to establish network baseline data to identify any abnormal activities. Security Information and Event Management (SIEM) and packet sniffers enable system monitoring, but users must conduct thorough analysis to determine important information. 


Chapter 12 shows how threat intelligence enables organizations to anticipate hacker activities. The process of threat identification relies on analyzing unusual files and login patterns to determine the nature of the threat. The approach involves both attack reaction and proactive threat preparation through the analysis of trends and cybercriminals' operational patterns. The main lesson from this week was that data collection becomes effective only when organizations understand how to interpret and defend their systems with the gathered information. 


Thanks for stopping by again!


-Derek-

Comments

Post a Comment

Popular posts from this blog

BSIT380-T302 Week 2 Blog

 This week’s readings really emphasized how foundational agreements and proactive analysis are to a strong cybersecurity posture. One key takeaway for me came from the deep dive into Service Level Agreements (SLAs) . SLAs are more than just technical checklists, they are legal and operational frameworks that define accountability, especially when it comes to security. In an environment where companies outsource critical infrastructure to third-party vendors, clearly defined SLAs are what ensure providers deliver not just uptime, but compliance with security protocols like data encryption, vulnerability patching timelines, and incident response commitments. From Chapter 4, I found the section on threat intelligence particularly compelling. The idea that cybersecurity is not just reactive but also predictive stood out. Gathering, analyzing, and applying threat intelligence helps organizations stay ahead of attackers. Whether it’s understanding threat actor motives or identifying in...
Read more

BSIT380-T302 Week 1 Blog

Hello and welcome to my first entry in what I hope becomes a valuable space for sharing insights, experiences, and lessons learned in the world of cybersecurity, system hardening, and network risk management. My name is Derek Talbott, and I am currently the Site IT Manager at Michelin in Junction City, Kansas. With over a decade of hands-on experience in IT, ranging from systems administration and Active Directory management to executing cybersecurity compliance rules across global infrastructures, I’ve learned just how critical strong security practices are in maintaining operational stability. Before transitioning into the civilian IT world, I served in the U.S. Army as a 15N Avionics Mechanic, 15F Aircraft Electrician, and 25B Information Technology Specialist. Those years taught me how to stay calm under pressure, lead by example, and treat every piece of technology as mission-critical, skills that continue to guide my approach to IT security today. I’m currently wrapping up my ...
Read more

BSIT 220-T301 Week 7 Blog

 Good Evening, Welcome back to my weekly blog where we talk about what is going on in this weeks course work. One thing that stuck out to me this week was SONET and SDH. Lets dig a little deeper on some similarities and differences between the two.  SONET - Synchronous Digital Hierarchy was standardized by the ANSI (American National Standards Institute) defines a hierarchy of interfaces and frame formats for transmitting multiple digital bit steams over optical fiber.  SDH - Synchronous Digital Hierarchy was standardized by the ITU-T (International Telecommunication Union - Telecommunication Standardization Sector). It is largely compatible with SONET but has some technical differences.  SONET uses Optical Carrier (OC) levels to designate different transmission rates. The basic unit is the Synchronous Transport Signal (STS) which is like the European STM-1 (Synchronous Transport Module Level 1) in SDH. SDH uses Synchronous Transport Module (STM) levels to designate ...
Read more