Mentor Assessment #1

Date: 2/6/20

Mentor: Greg Givens

Analysis:

Before meeting with professionals this year in ISM, I had a very vague idea about what
an actual Cybersecurity profession is like. Additionally, the knowledge that I had prior was
completely theoretical. However, throughout this school year, I have conducted a lot more
research and I have gained a decent understanding of the daily life of a Cybersecurity
professional, mainly because of my mentor. Over the past couple of months, Mr. Givens has
allowed me to experience what it is truly like to be a Cybersecurity professional. For instance, he
has shown me some of the applications that he uses on a daily basis, and he has clarified some of
the fundamental concepts, including various security protocols and security-related hardware.

To begin, Mr. Givens has had a lot of experience in the security world. In fact, he has
worked in Cybersecurity professions for the past 20 years. He currently works for the City of
Frisco, but before that he worked for Verizon. Furthermore, one of the most unique
characteristics of Mr. Givens is that he used to work in the police department. This highlights
that Mr. Givens is not only proficient in securing software applications, but also protecting
people in real-life. This makes him one of the most qualified people in the realm of security. On
top of this, Mr. Givens is always kind, willing to help, and most importantly, passionate about
his job. He always tells me that the main reason that Cybersecurity is such a fascinating
profession is because it keeps on changing. This has been a major motivating factor for me since
I love challenges rather than simply doing the same thing over and over.

During our first few meetings, Mr. Givens explained to me that although Cybersecurity is
all about understanding how to defend an application, it is also necessary to learn how hacking
actually works. This made sense to me because if I can understand how people hack applications,
then I can better defend these applications by implementing secure code or stronger security
practices. For this reason, we started practicing ethical hacking, or “penetration testing” through
a website called Kali Linux. Doing this helped me get better at Cybersecurity in several ways.
First off, I was able to understand that the Linux Operating System (OS) is used instead of
Windows in network administration or Cybersecurity jobs. However, before this year, I have
never used anything other than Windows. Thus, by doing these practice projects, I started getting
much more familiar with the Linux software, and more specifically, Linux commands.
 Another benefit of doing these practice “hacking” projects on Kali Linux is that I am
starting to understand what some of the common vulnerabilities are. Although these projects
were very confusing to me at first, I am starting to get a better understanding now that I have
fully completed one with the help of my mentor. My mentor has also been giving me homework
assignments, which has been really beneficial since I can conduct further research and explore
more about Cybersecurity during my own time.

Currently, one of our goals is to complete another project on Kali Linux regarding SQL
Injection. We are planning on doing this for several reasons. First off, it will help me understand
what some of the other types of vulnerabilities (including SQL Injection) are, which in turn
would help me learn how to implement proper security vulnerabilities. Furthermore, I have
finalized my idea for my original work, which is to create a website that is properly secured
against SQL Injection attacks. If needed, my mentor will be able to help me in this process since
he knows how to code websites and sanitize user input fields. At the same time, my mentor
suggested that I look at the 8 domains of CBK (Common Body of Knowledge). Not only would
this help me obtain the CISSP certification in the future, but it will also help me solidify all the
theoretical concepts that are needed to become a great Cybersecurity professional.

Lastly, my mentor has been constantly helping my team members and I for our BPA team
event, which is network design team. In doing so, we have learned a lot mainly about the security
hardware/software that is involved in the network, such as the firewall, Intrusion Prevention
System, and Intrusion Detection System. This has been a very helpful process for me since it has
made me understand security at the network level, instead of just at the application level.

Overall, my mentor has helped me tremendously throughout this year in ISM. I hope to
keep on learning about essential Cybersecurity topics throughout the year and finally create an
original work that exemplifies the knowledge that I have gained with my mentor.