Tag: makeithabitual

Playing a little catchup

A lot has been going on over the last 6 months or so. One of the primary things is that I’ll be doing is taking the ISC(2) Certified Cloud Security Professional exam on 4 NOV.

What does the CCSP cover you might ask?

Domain 1 covers architecture, concepts, and design. Domain 1 also includes cloud computing concepts which covers broad network access, on-demand services, resource pooling, rapid elasticity, multi-tenancy and more. It also includes cloud service models, IaaS, storage types, volume storage, object storage, PaaS, storage types and more.

The cloud service deployment model covers public cloud, private cloud, hybrid cloud, community cloud, management plane, and virtualization.

The things that are covered in the rest of Domain 1 are:
Security aspects of virtualization – Type 1 and Type 2 hypervisors.
Principles of secure cloud computing – covering roles and responsibilities, design principles and Identity and Access Management (IAM).

Design requirements – covering requirements analysis, functional requirements, inventory, valuation and more. Cloud model boundaries were also covered as well as the cloud service models, IaaS, PaaS and SaaS. Protecting sensitive information portion covered hardening, encryption, layer defense, common threats, secure data life cycles and more. And finally, the Threat Modeling portion of Domain 1 includes STRIDE, DREAD, the OWASP Top 10 security threats and the CSA Top 9 risks.

I’ll outline Domain 2 tomorrow along with some other important details.

Ive also been able to make back to CrossFit on a regular basis. Ive also been able to get out on the water a little more often and once I pass this exam in November I’ll take a couple months off and then at the beginning of the year go ALL IN on Heath Adams Practical Network Penetration Testing certification. After that I will take a nice long break from taking certification exams.

Today as a break from studying I took a nice long walk and I found this cool writing spider along the way.

Nice easy two hour stroll through the eastern pinelands
Our old friend the writing spider

And, it’s kind of fitting that I haven’t posted any sort of lifting videos in…forever, and when I finally get back to training that I end up posting a lifetime PR for my deadlift at 517#. Easy day.

lifting is the source

Until next time…

Rep after rep

Don’t no rep me

Training for the day:

7 mins of:

7 Banded Sumos

7 Banded bodyweight squats w/moderate band

7 Calf raises

+

A. Back Squat 10, 10,10,10; rest 2/2:30 – 10 RM-ish

B1. Heels elevated air squats x 10 x 3; rest :10

B2. RDL w/an empty bar, sweep away — lumbar focus x 15 x 3; rest 1

C. SL RDL stability, unloaded x 10 x 3; — 5 per leg; rest 1

+

10min alt EMOM:

20 Step-ups – 10 per

15 push-ups

Martial skill work — 5 x 5 min rounds of Z2-Z4 striking, upper push/pull bodyweight movements in trapping/grappling range, and take down defense/sprawling/working underhook escapes et cetera.

Today in my world of Linux and pentesting I worked on building out an Active Directory Lab and worked on the initial attack vectors when attacking an AD based system. Things like LLMNR Poisoning, Capturing NTLMv2 Hashes with Responder, Password Cracking with Hashcat, LLMNR Poisoning Defense, SMB Relay Attacks, Discovering Hosts with SMB Signing Disabled, Start SMB Relay Attack Defenses, & Gaining Shell Access.

Current affairs:

We Got Him (Again, and Again, and Again): On the Latest ISIS Takedown In a Long Line of American Military Actions by Andrew Bacevich

Virginia Supreme Court throws out challenge to Youngkin mask order

Bombshell Proof The ATTACK On Joe Rogan Is Politically Funded! This Is Deeper Than Spotify!

Boom: Rumble offers Joe Rogan $100M to leave Spotify…

And of course, the twat waffle who is Jonah Goldberg, is returning to his roots.

水滸傳
The Outlaws of the Marsh

Training 1 DEC 2021

Today’s purification ritual

everyone LOVES the Assault Bike!

A1. Strict press 10, 10, 10, 10; rest 0
A2. Ys & Ts 10 & 10 x 4; rest 2
B1. Heavy laterals 15, 15, 15, 15; rest 0
B2. DB Shrugs 15, 15, 15, 15; rest 2
C1. Rear delt flies 15, 15, 15, 15; rest 0
C2. Anterior raises 15, 15, 15, 15; rest 0
C3. Banded upright rows 15 x 4; rest 2
+
E2MOM for 10 mins
:10 second SPRINT
1:50 rest off the bike
covered a mile in :50 seconds – almost yacked. solid work again today.

Just Do Work

Get after it

Find it in you

Today I spent a few hours prepping for the Practical Network Penetration Testing certification.

Today’s course material focused on Reconnaissance. Topics included Passive Reconnaissance, Identifying the Target(s), Discovering Email Addresses, Gathering Breached Credentials with Breach-Parse, Hunting for Breached Credentials with DeHashed, Hunting Subdomains, Identifying Website Technologies, Overall Information Gathering with Burp Suite, Google Fu and everyone’s favorite Utilizing Social Media to find out about all of your friends and neighbors – should be highly informative.

But first! To get my mind right I was able to hit the gym again🤙🏽 — today’s training was:

Upper pressing and scapular stability work

A1. Strict shoulder press – 2 x 10 warm up sets with an empty bar
– then 15, 15, 15; rest 0

A2. Banded upright row 20, 20, 20; rest 0

A3. DB Shrugs 30, 30, 30; rest :90

B1. Strict DB press 15, 15, 15; rest 0

B2. Plate bus drivers 20, 20, 20; rest 0

B3. Front plate raises 20, 20, 20; rest 2

C1. Partial rear delt flies – bottom – 20, 20, 20; rest 0

C2. Full ROM rear delt flies 10, 10, 10; rest 0

C3. Partial laterals – top –5, 5, 5; – perfect controlled reps so you can feel the squeeze at the very top; rest 0

C4. Face pulls 20, 20, 20; rest :90

+

5 sets of:

:20sec AB pedal at 80% effort

15pushups

10 swings

-rest as necessary

Remember, Remember the 5th of November

vicissitudes…

Training 5 NOV 2021

GIANT SET #1:

A1. Reverse Cable Curls

A2. Close Grip Cable Curls

A3. Wide Grip Cable Curls

A4. Wide Grip Drag Curls

  • 4 Total Sets / 20 Reps (Each)

B1. Partial Rope Extensions (Bottom)

B2. Partial Rope Extensions (Top)

B3. Full ROM Rope Extensions

B4. Close Grip Push-ups

  • 4 Total Sets / 30 Reps (Each)…Not close grip push-ups.. more like 4+

C1. EZ Bar Close Grip Curl

C2. EZ Bar Drag Curl

C3. Seated French Press

C4. 45 Degree Skull Crushers

  • 3 Total Sets / 20 Reps (Each)

5 sets NFT:

15 KBS

15 pushups

5 burpees

training Thursday 4 NOV

Just do work.

A1. SA DB row x 20, 20, 20, 20; rest 0

A2. Lat pull down 20, 20, 20, 20; rest 0

A3. DB shrugs, 20, 20, 20 ,20; rest :90

B1. Segmented cable row x 20, 20, 20; rest 0

B2. Sup lat pull-downs x 20, 20, 20; rest 0

B3. Chins x5 x 3; rest 2

C1. Clean DL x 5, 5, 5, 5; rest 0

C2. Clean row/sweep to the hip past knees x 5, 5, 5, 5

C3. Shrugs x 20, 20, 20, 20

+

Atl emom for 12 minutes

:10 sec AB @90% effort

5 power cleans at 185

Google Admin Security Specialist Cert plus brief life update(s)

Amplified IT’s Google Admin Security Specialist Certification

Over the last two weeks Ive been doing my best to balance my undergraduate work, my non-existent weightlifting, Wing Chun, BJJ, Jeet Kuen Do (I refuse to continue cosigning to the universal misspelling of the romanization of fist or style of fighting which in Cantonese is kuen vs kune), Thai boxing, and my actual job as a cybersecurity sys admin. Something else Ive added into the mix over the last two weeks is adding in some google education system admin training. I’m happy to report that over these last two weeks I have been able to earn the Amplified Admin Security Specialist Certification for the of us who, at least in a small part, work in the Education Google Workspace Admin arena. It’s an advanced-level, security-specific training for Google. The training built upon the foundational and advanced Amplified Admin Level 1 and 2 courses. It provides a comprehensive understanding of cybersecurity risk factors facing EDU leaders and how to appropriately mitigate through setting configurations.

Next up is Heath Adams’ Practical Network Penetration Tester certification. The #PNPT cert covers Practical Ethical Hacking, OSINT Fundamentals, the External Pentest Playbook, & Linux + Windows Privilege Escalation for Beginners. Once I can get this and just a few more certs under my belt I’ll be able to relax and maybe even take a vacation soon. But who knows, we’ll see 😉