This section outlines the principles and methods I use to approach technical problems in IT support and system administration.
- Use a consistent troubleshooting framework (Layer → Device → Root Cause → Resolution)
- Apply security baselines aligned with NIST and CIS standards
- Validate fixes through testing, including negative testing
- Prioritize long-term stability over temporary fixes
Core Pillars: Structured Troubleshooting · Security-First Thinking · Root Cause Analysis · Validation Testing
Applied Troubleshooting (Examples)
These scenarios demonstrate how I apply structured troubleshooting and validation to real-world technical problems.
1. AD Disaster Recovery & Identity Restoration
Scenario: Complete loss of a Domain Controller resulting in an identity blackout for 100+ users.
Resolution: Rebuilt the server and performed a system state restore using Directory Services Restore Mode (DSRM).
Validation: Verified environment health using dcdiag and repadmin to ensure full replication and no data loss.
Framework: Business Continuity Planning (BCP).
2. System Hardening: Windows Defender GPO
Scenario: Default AV settings vulnerable to user tampering and ransomware bypass.
Resolution: Implemented an enforced baseline via Group Policy to maintain real-time protection and cloud-based scanning.
Validation: Confirmed settings remained enforced against local administrative changes.
Framework: CIS Microsoft Windows Desktop Benchmark.
3. RDP Troubleshooting (AWS Hybrid Cloud)
Scenario: Persistent RDP connection failures for AWS-hosted virtual machines.
Resolution: Audited AWS Security Groups, Network ACLs, and OS-level Remote Desktop Services.
Validation: Identified and corrected misconfigured ingress rules, restoring connectivity.
Framework: ITIL Incident Management / NIST CSF (RS.AN).
4. Access Control & NIST Alignment (Least Privilege)
Scenario: Data exposure caused by permission creep and lack of access control enforcement.
Resolution: Mapped environment to NIST 800-53 (AC-6) and implemented Role-Based Access Control (RBAC).
Validation: Performed negative testing across user roles to confirm access restrictions.
Framework: Principle of Least Privilege (POLP).
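A validation script of the kind used in scenario 2 (and for the negative-testing step in scenario 4), added here as an illustrative example rather than a script from the portfolio itself: it checks that the Defender GPO baseline has applied, reads the effective state, then attempts a local admin change and confirms real-time protection stays on. It assumes the GPO sets "Turn off real-time protection" to Disabled and "Join Microsoft MAPS" to Advanced, and it must run elevated on a domain-joined test client.

```powershell
# Added validation script (not from the original page). Assumptions: Defender
# Antivirus in use; the GPO sets "Turn off real-time protection = Disabled" and
# "Join Microsoft MAPS = Advanced". Run as an elevated admin on a test client.

$PolicyRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$results = @()

function Add-Result($Check, $Expected, $Actual) {
    $script:results += [pscustomobject]@{
        Check = $Check; Expected = $Expected; Actual = $Actual
        Pass  = ($Expected -eq $Actual)
    }
}

# 1. Policy values written by the GPO must exist (proves the baseline applied).
$rtp = Get-ItemProperty "$PolicyRoot\Real-Time Protection" -ErrorAction SilentlyContinue
Add-Result 'GPO: DisableRealtimeMonitoring' 0 $rtp.DisableRealtimeMonitoring
$spynet = Get-ItemProperty "$PolicyRoot\Spynet" -ErrorAction SilentlyContinue
Add-Result 'GPO: SpynetReporting (MAPS)' 2 $spynet.SpynetReporting

# 2. Effective state as Defender itself reports it.
$status = Get-MpComputerStatus
Add-Result 'Effective: RealTimeProtectionEnabled' $true $status.RealTimeProtectionEnabled
Add-Result 'Effective: MAPSReporting' 2 (Get-MpPreference).MAPSReporting

# 3. Negative test: a local admin tries to switch real-time protection off.
#    Under an enforced policy the cmdlet is rejected or the change is ignored.
try {
    Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction Stop
} catch {
    Write-Host "Local change rejected: $($_.Exception.Message)"
}
$after = (Get-MpComputerStatus).RealTimeProtectionEnabled
Add-Result 'Negative test: RTP still on after local change' $true $after
if (-not $after) {
    # Baseline did not hold; undo the test change immediately.
    Set-MpPreference -DisableRealtimeMonitoring $false
}

$results | Format-Table -AutoSize
if ($results.Pass -contains $false) { exit 1 } else { exit 0 }
```

A non-zero exit code means at least one check failed, which makes the script usable as a post-deployment gate after `gpupdate /force` on a pilot group.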
Technical Stack
Virtualization: VMware, VirtualBox, AWS EC2, GCP
Defensive Tools: pfSense, OpenVPN, Windows Defender, GPO Baselines
Diagnostics: Procmon, SAR (Linux), Wireshark, Event Viewer
Documentation: 100+ structured reports using a Layer → Device → Root Cause framework.
Application Across Portfolio
This approach is applied across all technical investigations in my portfolio. For detailed execution and case-based troubleshooting, see the Problem Solving section.