Reflecting on my 2020 goals. I’m proud of what I accomplished. I would’ve liked to accomplish more. Onward to 2021. Weight training goal. Not my gig. I discovered rucking and fell in love with hiking again. I’ll call that a win. Thanks for the perpetual headlock, David Walzer." CISSP completed in January with some motivation from Brian East." OSCE ended up retired. COVID changed all my plans. Went after the AWS SAA instead. When I most needed it, landed a gig with Amazon Web Services (AWS) " One CSRF bug reported for $200. Not sure I’m cut out for the bug bounty life. At least I got one.
Security by obscurity is not enough by itself. You should always enforce the best practices. However, if you can reduce the risk with zero cost, you should do that. Obscurity is a good layer of security.
https://utkusen.com/blog/security-by-obscurity-is-underrated
I’m wrecked. My dear uncle passed Saturday. He shook my hand when I graduated boot camp and said, “Semper Fi, Marine.” I didn’t know he was a Vietnam vet or Marine.
Labor Day 2005, I returned from basic training and MOS school. I knew exactly where I wanted to be @ Lake Chelan, WA with fam @ his place. As usual, he bought 12+ tickets to a Kingston Trio concert to hand out to anybody. He insisted I go. I’m glad I did.
Knocked out the new Amazon Web Services Solution Architect Associate (SAA-C02) exam this morning. 2nd CoronaCert done this month. Up next: AWS SA Professional"
For folks taking the new test, a little practice, reading some FAQs and whitepapers, and running through these resources is enough:
Course: Ultimate AWS Certified Solutions Architect Associate 2020 Practice Exams: AWS Certified Solutions Architect Associate Practice Exams
I often get asked to weigh in on the value of cert X or training/cert company Y.
IT and InfoSec are broad. Too many folks get siloed or disappoint themselves by not first selecting a reasonable goal and working backwards. We need to be purposeful about our studies and efforts by ensuring they align with our goals. Otherwise, we’re just wasting time.
If you’re interested in cybersecurity, check out this info-graphic. Find that swim-lane you’re after and go get it. https://pauljerimy.com/security-certification-roadmap/
On Tuesday, I’ll be discussing securing internal DNS infrastructure and some tips and tricks to effective monitoring of Windows Server DNS. It can be surprisingly challenging to get right. #conferences http://www.theitsummit.com/event/seattle-fall-2018/
I had a great time in Portland sharing personal and small business security tips and tricks with the Springwater Group at Morgan Stanley. The Multnomah Athletic Club has quite the view. Thanks to Doug Moshofsky and his team for the opportunity.
This is a strong article on learning and deliberate practice with many takeaways. Great book recommendation too: Deep Work: Rules for Focused Success in a Distracted World
Some of my favorite reminders:
The Law of Productivity: High-Quality Work Produced = (Time Spent) x (Intensity of Focus) Don’t make the mistake of confusing productivity with busyness. Doing lots of stuff in a visible manner does not mean you’re being productive. The rule of thumb is that it takes approximately 25 minutes of focus without distraction to reach a state of flow. If you’re checking your Twitter notifications every 20 minutes, which seems harmless, you prevent your brain from reaching that state and therefore prolong the time required to complete your task. Deliberate practice cannot exist alongside distraction. Too often, we assume we are getting better simply because we are gaining experience. In reality, we are merely reinforcing our current habits — not improving them. Our culture loves the story line of the prodigy and the notion that experts possess an inherent talent that separates them from everyone else. But in reality, to master a cognitively demanding task requires this specific form of practice. https://azeria-labs.com/the-importance-of-deep-work-the-30-hour-method-for-learning-a-new-skill/