Monday Tre Moore
Monday was my first day of the RFK Solutionz cyber academy, and we learned about software. The topics that we learned included Troubleshooting Theory, Safety and Personal Safety, Windows Installations and operating system features. Troubleshooting Theory has 6 steps, identifying the problem, establish a theory of probable cause using common sense, test your theory, establish a plan of action, verify full system functionality, and document your findings. A good pneumonic for this is IETEVD, or “I eat Twix every Valentine’s Day”. Some practices of personal safety include removing the power before dismantling and/or working on a system, to be wary of weight limitations, to be prepared for electrical fires, et cetera. I also learned that there are two types of operating system installations; clean installations and upgrade installations. A clean installation is an operating system upgrade in which you wipe all of your information, and an upgrade installation is the opposite, an operating system upgrade in which all of your information remains intact. Another thing I learned is that there are many features specific to a certain operating system type, such as Windows Firewall for Windows and Keychain for Mac, but Linux has nothing unique to itself. Finally, I learned that most hackers don’t even know how to properly get into your system, but they rather use phishing links via email or text message to extract information from your computer.
Tuesday
On Tuesday, we learned about hardware, which is the components that make up the computer. An example of these would be the motherboard, keyboard, CPU, et cetera. There are two main types of memory on the motherboard, RAM and ROM. RAM stands for random access memory and ROM stands for read only memory. PSU stands for power supply unit, which supplies power to the motherboard. The motherboard is actually considered the base of operation to the actual brain of the computer, the CPU, which stands for central processing unit. There are two types of CPUs; LGA, land grid array, and PGA, pin grid array. They are named LGA and PGA because the LGA has things called “lands” that are flat, and the PGA has small “pins” on it. Another thing I learned today is that there is a battery, CMOS, which stands for complementary metal oxide semiconductor. There is a misconception in which people think it provides power to the motherboard, but in actuality, it provides power to the BIOS, or basic input and output system, which is what provides instructions to the motherboard. Finally, I learned there are two things that help processes et to the CPU; the north ad south bridge of the motherboard. The north bridge is a memory control module which can be compared to a ticket booth of a cinema, and the south bridge is an input and output control module, which can be compared to purchase a movie ticket. It helps process mouse clicks, your display, and much more.
Wednesday
Wednesday was my third day at the RFK Solutionz cyber academy. I learned a few things about hacking today. One of those things were the different types of hackers; black, grey, and white hat hackers. White hack hackers have full permission to hack by a higher power, grey hat hackers don’t have permission but they have good intentions and do “good” things, and black hat hackers have no permission and have “bad” intentions. There are also three types of penetration testing; white, grey, and black box tests. White box test are when the company gives you all information as if you were an employee, black box tests are when the company provides zero information, making it so that it seems like you’re a hacker outside of the company trying to breach their security, and grey box tests are when the company provides you with partial information, not none, but not all either. Finally, there are four types of “teams; red, blue, white and purple. The white team acts as a referee, standing neutral. Red team attacks and can be describes as “bad guys”, while the blue team defends and can be described as “good guys”. Lastly, the purple team is an amalgamation of both red and blue teams, both attacking and defending. It was, personally, the best subject out of the four, and I hope to learn more about hacking.
Thursday
On Thursday, we learned about security and the dangers of the insider threat. The insider threat is, essentially, when someone who works for the company gets hired, already having malicious intent, to get information out of the company, to embezzle money, and more. There are many forms of social engineering and convincing people to do exactly what you want them to, such as scarcity, urgency, familiarity, and more. Scarcity is a method used to implant viruses or malware into someone else’s computer, for example, there’s an ad for shoes and it says that there’s only two pairs left. The person behind the computer is more inclined to press the link on the ad because it makes them feel like they will be missing out if they don’t get the pair of shoes as there’s only two pairs left. Urgency can be used in many ways, both in person and online. It’s a technique used that makes people feel rushed, so they’re more inclined to do what you want quicker since you’re giving them a small window of time to do it. The last form I’m going to cover is familiarity, which is when they get familiar with fellow employees, whether it be by buying them drinks, going golfing, anything to make them familiar with you so they trust you to get information out of them that they wouldn’t otherwise.
I learned a lot of information in this five-day camp, and I enjoyed my time here. I look forward to possibly going here again next year. It provided a lot of information about cybersecurity that was very interesting to me, and, in the future, I now want to pursue a career in cybersecurity so that I can educate my family members and friends on how they can prevent these things from happening to them.