CAT - DevOps - SCAT - Interview MindMap - Coggle Diagram
SeeMe
Coordinated zero-day vulnerabilities project with 5 global team members; updated 7 Internet-facing servers. Reduced enterprise-wide security vulnerabilities by 12%.
Worked with internal and external audit units to resolve regulatory issues and maintain compliance with regulatory requirements, including SOC 1, 2, 3 reporting.
Led an effective IT Emergency Response team and rolled out a step-by-step, well-documented incident handling guide for dealing with major incidents, which reduced incident severity and the associated downtime to 55 minutes (containment plus recovery), compared with a past case of high severity whose associated downtime was around 5 hours.
As part of the platform stability and license cost savings agenda, led and implemented open source Linux for all our application components, such as Apache, sFTP, MySQL and HA with Keepalived, with substantial cost savings of 20+ lakhs annually. In addition, the platform provided enterprise-grade stability and security.
OS
Linux
CentOS 6, 7, 8
Ubuntu 18, 20, 22
Red Hat - RHEL 6, 7, 8
Windows
Storage
File/Folder Level
On-Prem
NFS share
Samba share
Cloud
AWS EFS
Object Level
On-Prem
Cloud
AWS S3
Block Level
On-Prem
DAS
SCSI
NAS
NFS
SAN
Storage
EMC
Openfiler
Cloud
AWS EBS
Managing data disk with LVM on server
Core Services
HA
Keepalived
Samba
NFS
Webserver
IIS
Serverless Architecture S3
Apache
Nginx
Reverse proxy
SSH
FTP
vsftpd
SFTP (OpenSSH sftp subsystem)
DNS
Bind
Route 53
Process
Change Management
Incident Response
Containment
Eradication
Identification
Recovery
Preparation
Lessons Learned
Virtualization/Cloud
Cloud
AWS
Architecting VPC as per client/project requirements
Deep knowledge of SG, ACL
IAM
Service - managing users, permissions, MFA
Segmenting network - protecting DB servers with NAT gateway
Managing Budgets - alerts on AWS
VPC Peering with different regions
Deep knowledge of global networks - Global Infra AWS
EC2 pricing strategy with RI, Savings Plans, Dedicated Instance, Dedicated Host, Spot Instance
Global DR Region planning
Placement group strategy with Cluster-Spread-Partition
EC2
EBS
AMI
ELB
ASG
Automating Snapshot in AWS
Encryption - KMS
S3
RDS
Route 53
Redshift
Kinesis
AWS Lambda
DynamoDB
Cloudfront
CloudFormation
SQS
CloudTrail
SNS
ENI - Elastic IP
EFS
AWS CLI
Virtualization
VMware
iSCSI SAN
VM Concepts
Snapshots-Restore
Oracle virtualization
Backup
VM
Snapshots
Linux
tar, zip, gzip, rsync, cron
Cloud
EBS Snapshots
Concepts
Availability
Non-Repudiation
Integrity
Confidentiality
Due care
Due diligence
Defenses
Encryption
Linux firewalld
MFA
iptables
SELinux
CIS Benchmark Linux baseline image
sudo - least privilege access
Monthly Security Patching
Logs - crawler/spider activity
Search engine recon defense: robots.txt, removal of individual pages with "NOINDEX, NOFOLLOW, NOSNIPPET, NOARCHIVE"
Remove from Google: re-crawl request via Google Webmaster Tools
Wi-Fi security options - WPA2, WPA3
Disabling ICMP echo request messages
Closing all unused ports by shutting off services
Stateful packet filters / proxy firewall
IDS
Host-based IDS - AIDE
Shut off all unneeded services
Applying system patches in a timely manner
Restrict Access to USB Ports
Password-protect BIOS and disable USB boot
Use disk encryption
Know what is running on your system: backdoors
Network isolation design
CIS top 18
Have a password policy
Temporarily lock out accounts after bad logins
ModSecurity for Apache, Nginx
DDoS defenses: design critical business systems with redundancy
Rootkit defenses: config lockdowns - lock down root privilege
Rootkit detection tools: chkrootkit, rkhunter (Rootkit Hunter), OSSEC
Separate server for logging - to prevent log tampering
Principle of least privilege access
Tools
DNS recon tools
dig
nmap
nslookup
DNSRecon
DNSEnum
Sublist3r
DNS recon defense - hardening - limit zone transfers
Sysinternals tools
Autoruns64
Process explorer
Process monitor
TCPView
RITA - network-based threat hunting
Live examination, looking for:
Unusual files
Unusual accounts
Unusual processes
Unusual network entries
TCP Listener
Jira
OSINT
SpiderFoot
WHOIS
Certificate transparency search - Entrust
Have I Been Pwned
Website Recon
pipl.com
namechk.com
Press releases, white papers, design docs, open positions, business partners, ISPs, suppliers
Newspapers, blogs, magazines
Hacker sites
Pushpin
Search Engines
Bing, Baidu, Yahoo
ExploitDB
Google and Google Hacking Database
Search directives
intitle: searching for vulnerable systems
inurl
link:
related
site:
filetype:
Google's cache and the Wayback Machine
FOCA
Automated search engine recon - SearchDiggity
Recon-Ng
Maltego Recon Suite
Web-based recon/attack tools
tools.dnsstuff.com
network-tools.com
Shodan
securityspace.com
War Dialing
WarVox War Dialing
War Driving
inSSIDer
Kismet
aircrack-ng
Network Mapping
NMap
ZenMap
Masscan
EyeWitness
Proxying scans: Remux
Vulnerability Scanners
OpenVAS
Qualys
Nessus
BloodHound
Physical Access Attacks
LAN Turtle, Responder
Rubber Ducky
Inception
Kon-boot
Netcat: port scanning
Network Sniffers
tcpdump
Wireshark
Metasploit
Password Attacks
Password cracking: dictionary / brute force
THC Hydra - password guessing
John the Ripper
Hashcat - hash cracking
OWASP
Google's Rekall
File integrity checking tools
OSSEC
AIDE
Tripwire
Standards
SOC 1, 2, 3
NIST SP 800-61r2
CIS Top 18 controls
PCI DSS
ISO 27001/17/18
Maintenance
Migration event
Installation / upgrade of packages on Linux
Monthly patching event
Containers
Docker
Kubernetes
Programming - Automation
Bash
Python
Enterprise Monitoring
Enterprise Monitoring - Zabbix - user management - server monitoring with agent and SNMP
Enterprise Monitoring - architecture - Zabbix installation