Overview
My learning journey as a Cybersecurity & IT Operations Technician is grounded in hands-on, practical application. This page serves as a comprehensive record of my verified certifications and 90+ hands-on labs, showcasing my proficiency in key areas of security operations, system administration, and network security. Each credential represents a practical exercise and a step toward mastering the skills required to build and defend secure systems. My training and certifications align with industry-recognized frameworks such as the NIST NICE Framework, US Military Occupations (MOS), and the Australian Signals Directorate (ASD) Cyber Skills Framework.
Featured Certifications & Hands-On Labs
Here is a curated selection of my most impactful, job-relevant credentials and hands-on labs. These projects demonstrate my ability to apply practical skills in real-world security scenarios.
- Harden a Windows Machine with GPO to Restrict Application Installations
  - Demonstrated applied endpoint hardening by configuring Group Policy Objects to prevent unauthorized software installations.
- Deploy a GPO to Ensure Credentials Are Entered Securely
  - Implemented access control management by using Group Policy to enforce secure login practices and protect sensitive credentials.
- Use Cisco Packet Tracer to Create a Dynamic Network for a 1,000-User Organization
  - Applied network architecture and design principles to build a secure enterprise-level network, employing cybersecurity best practices.
- Use PE Studio To Analyze 5 Files On Your Computer
  - Performed static malware analysis by using PE Studio to examine binary files for suspicious traits, building foundational threat hunting skills.
- Turn on Windows Firewall and Create a Sample Firewall Rule to Prevent SMB Access
  - Applied network security and endpoint hardening by creating a firewall rule to block SMB traffic, a common vector for lateral movement attacks.
- Lab Setup: OpenVAS
  - Successfully deployed and configured a containerized vulnerability scanning environment, demonstrating proficiency with an industry-standard security tool.
- Create a Snapshot of a Virtual Machine to Recover the OS to a Safe State
  - Applied security operations principles to ensure system resilience by creating a snapshot for a secure and repeatable recovery baseline.
- Use Access Permissions and Rights to Prevent Unauthorized Users from Viewing a Folder
  - Demonstrated data protection and access control management by configuring file system permissions to protect sensitive information.
- Use Procmon to View, Analyze and Monitor Running Processes on a Windows Machine
  - Applied digital forensics and SecOps skills to monitor and analyze system processes for potential malicious activity.
- Use the Windows Registry to Restrict the Permissions of Untrusted User Accounts
  - Showcased advanced system administration skills by directly modifying the Windows Registry to enforce granular access controls.
Mossé Cyber Security Institute (MCSI)
MICS – Introduction to Cyber Security
Number of training exercises: 40
Current Progress: 39 out of 39 pts (100%)
Lab Setup
- Lab Setup: Screen Recording
- Create a template for a professional document
Professional Writing
- Use Grammarly to improve the spelling and grammar of your writing
- Use the Hemingway App to make your writing easier to read
- Use Quillbot to improve the quality of your writing
- Use AI to polish your writing and make it more professional
Internet Searching
- Use Elicit.org to search academic papers
- Use Bing to find cybersecurity feeds in a specific language
- Analyze changes to a webpage by comparing its current, cached and archived versions
- Construct complex Google Search queries to identify publicly available sensitive information
- Create Google search queries to identify webpages and publicly available documents
Technical Concepts
- Research the top penetration testing tools
- Research the Cyber Kill Chain Model and the MITRE Matrix
- Research the major types of enterprise security software
- Research the most common network protocols
Open Source Intelligence (OSINT)
- Create covert social media accounts
- Create Mindmaps of all data points available on social media platforms and communities
Passive Network Reconnaissance
- Use dnsdumpster.com to passively map an organization’s external facing assets
- Use shodan.io to passively map an organization’s external facing assets
- Search for information leaks on code repositories
Discovering Attack Campaigns
- Detect typo squatting and phishing with dnstwist.py
- Use urlscan.io to identify phishing and spear-phishing websites
- Create Google searches to find open malware sandboxes
Security Tools
- Use sslscan to assess the SSL configuration settings of HTTPS websites
- Perform a TCP port scan using Nmap
- Perform a UDP port scan using Nmap
Threat Hunting using YARA
- Lab Setup: Threat Hunting with YARA
- Write a YARA rule that can find itself
- Write a YARA rule that can find small portable executables
- Write a YARA rule that is professionally documented
- Write a YARA rule that searches for files with a given set of strings
Security Lab Setup
- Lab Setup: Deploy Virtual Machines
- Lab Setup: Software Development
- Lab Setup: OpenVAS
Penetration Testing with Tools
- Perform a vulnerability scan with OpenVAS
- Use Burp Suite’s Spider to crawl a website
- Use Burp Suite’s Intruder feature to brute force a login page
- Perform DNS scans using Fierce
Digital Investigations
- Use Dumpzilla to extract forensics browser logs
- Use PE Studio to analyze 5 files on your computer
MSAF – System Administration Fundamentals
Number of Training Exercises: 106
Current Progress: 22/84.5 pts (26%)
Practical Scenarios
These modules consist of multi-step projects that simulate real-world IT and cybersecurity tasks in a live enterprise environment.
Windows Server 101
- Description: This scenario involves building a complete Windows enterprise environment from scratch, including a Domain Controller, file server, and web server.
- Key Skills Demonstrated: Enterprise System Administration, Active Directory Management, GPO Deployment, Network Infrastructure Services.
- Tasks:
  - Setup a Domain Controller in a cloud ICT environment
  - Install a Squid proxy and force all Internet traffic through it
  - Create and link a GPO to a Domain Controller
  - Create an Active Directory Forest
  - Setup a file server and connect it to a domain
  - Setup a Windows Exchange Server and expose relevant network services
  - Setup a machine that will simulate a Windows workstation and connect it to the domain
  - Setup a machine that will simulate a Print Server and connect it to the domain
  - Set user permissions to allow/deny access to File Shares
  - Deploy and configure an IIS webserver
  - Create and configure 4 different subnets for the AD environment
  - Deploy a GPO that applies security best practices across the fleet of computers
Introduction to Exchange Server Administration
- Description: This scenario focuses on the installation, configuration, and security of an Exchange server, including digital forensics and SIEM integration.
- Key Skills Demonstrated: Mail Server Administration, Digital Forensics, SIEM Integration, Email Security.
- Tasks:
  - Install and configure an Exchange server and connect it to a domain
  - Create 10 exchange mailbox accounts
  - Research and explain Exchange server audit logs for digital forensics
  - Enable Administration Audit logs on your exchange server
  - Delegate a mailbox from one user to another
  - Setup mail forwarding from one mailbox to another
  - Create an Email distribution group
  - Create an Email security group
  - Run a mail trace on a user’s mailbox
  - Install and configure AlienVault OSSIM (SIEM)
Completed Modules
- Virtualization Fundamentals (9/9)
- Networking Fundamentals (4/4)
- Windows System Security and Administration – Part 1 (7/7)
- Windows System Security and Administration – Part 2 (4/9)
- Windows System Security and Administration – Part 3 (0/8)
- Firewall Fundamentals (0/6)
- System Security and Administration: Linux (0/5)
- Backups and Recovery and Restoration 101 (0/9)
- Introduction to Troubleshooting (0/4)
- Linux Server 101 – General (0/9)
- Linux Server 101 – Networking (0/5)
- Linux Server 101 – Hardening (0/8)
- Procedures (0/1)
Additional Certifications
- ISC2 Certified in Cybersecurity (CC): This globally-recognized certification validates my foundational knowledge in key cybersecurity domains, including security principles, business continuity, and risk management.
- KCCS - Knowledge of Cybersecurity Skills: This certification affirms my theoretical knowledge of essential cybersecurity concepts, including network security, threat analysis, and incident response, providing a strong foundation for professional development.
- KCIS - Knowledge of Core IT Skills: This certification validates my understanding of fundamental IT principles, encompassing hardware, software, networking, and troubleshooting, serving as a solid stepping stone for further technical learning.
- Google Cybersecurity: Completed exercises and hands-on labs in cybersecurity fundamentals, threat detection, and IT operations.
- Google IT Support: Completed practical labs in system administration, troubleshooting, and IT infrastructure management.
- Windows Server Management and Security: Implemented exercises in server configuration, Active Directory, and Windows security hardening.
- Automate Cybersecurity Tasks with Python: Implemented scripting exercises to automate security monitoring and remediation tasks.
- Tools of the Trade: Linux and SQL: Hands-on exercises in Linux administration and SQL-based data management.
- Foundations of Cybersecurity: Practical exercises covering cybersecurity fundamentals, threat modeling, and mitigation strategies.
- Detection and Response: Applied exercises in threat detection, incident response, and logging analysis.
- Security Risk Management: Exercises in identifying assets, threats, vulnerabilities, and implementing mitigation controls.
- Connect and Protect: Networks and Network Security: Completed labs on network defense, monitoring, and security controls implementation.
- Decentralized Finance (DeFi) Deep Dive & Infrastructure: Practical exercises exploring blockchain infrastructure, smart contracts, and risk management.
- Decentralized Finance (DeFi): The Future of Finance: Completed practical exercises in DeFi protocols, blockchain infrastructure, and risk assessment.
- Cybersecurity Risk Management Framework: Applied concepts of enterprise cybersecurity governance, risk management, and compliance frameworks.
- Kali Linux: Hands-on exercises with penetration testing, vulnerability scanning, and network security assessment.
- NIST 800-171 & DoD RMF: Applied cybersecurity standards for federal systems and implemented risk management exercises.
- Technical Support Fundamentals & System Administration: Completed exercises in IT support, infrastructure services, and system administration best practices.