Welcome to my CyberJourney

Education

Master of Science (Western Governors University)

Cyber Security and Information Assurance

Excellence Award for my "Secure Network Design" project. (View PDF)

Transcript (view here)

Certifications

CompTIA Security+

CompTIA Pentest+

CompTIA CySA+

CompTIA Network+

CompTIA A+

CompTIA Project+

ISC² SSCP (Associate)

Linux Professional Institute - Linux Essentials

View all Verified Certifications

Bachelor of Science (Western Governors University)

Cybersecurity and Information Assurance

Additional CompTIA (stackable) & Misc Certifications

CompTIA Network Security Professional - CNSP

CompTIA Network Vulnerability Assessment Professional - CNVP

CompTIA Secure Infrastructure Specialist – CSIS

CompTIA Security Analytics Professional – CSAP

CompTIA IT Operations Specialist – CIOS

Fortinet Fortigate 7.4 Operator

IBM QRadar SIEM Foundation

OWASP TOP 10

Tenable.io (Nessus) Vulnerability Management

Qualys Vulnerability Management Detection and Response

Projects (can also be easily viewed from my LinkedIn Profile without needing to download a file)

Active Directory and Group Policy Lab

In the Active Directory and Group Policy lab, I accomplished a variety of tasks that enhanced my understanding and skills in managing a domain. I learned how to use Active Directory Users and Computers, and gained a deep understanding of what Group Policy is, how it works, and how to use it in a domain. I now understand GPO (Group Policy Object) precedence and have written Powershell scripts to automate redundant tasks, saving countless hours of repetitive work.

I learned how to create test OUs (organizational units) to safely test new GPOs and manage domain workstations and servers with Group Policy and Active Directory. I've also configured domain user desktop backgrounds and deployed software to specific users or computers with Group Policy.

Using Group Policy Management, I've secured the domain and learned how to troubleshoot Group Policy issues. I've applied GPOs to target OUs, users, and/or computers, and created & secured Network Share Drives, publishing them to Active Directory Users and Computers. In the Active Directory and Group Policy lab, I accomplished a variety of tasks that enhanced my understanding and skills in managing a domain. I learned how to use Active Directory Users and Computers, and gained a deep understanding of what Group Policy is, how it works, and how to use it in a domain. I now understand GPO (Group Policy Object) precedence and have written Powershell scripts to automate redundant tasks, saving countless hours of repetitive work. I learned how to create test OUs (organizational units) to safely test new GPOs and manage domain workstations and servers with Group Policy and Active Directory. I've also configured domain user desktop backgrounds and deployed software to specific users or computers with Group Policy. Using Group Policy Management, I've secured the domain and learned how to troubleshoot Group Policy issues. I've applied GPOs to target OUs, users, and/or computers, and created & secured Network Share Drives, publishing them to Active Directory Users and Computers.

Skills: Group Policy · Virtualization · Troubleshooting · Network Administration · Digital Authentication · Domain Controller · DLP · Active Directory · Windows Server

Link to Project

BS CSIA Degree Capstone

For my Capstone Project, which was the culmination of my knowledge gained while pursuing my BS in Cybersecurity and Information Assurance, I developed a comprehensive case study. This involved creating a hypothetical scenario where a company, RetailPro Inc., was operating with an entirely outdated network infrastructure and a conspicuous absence of basic security and access controls.

The scenario highlighted the consequences of inadequate controls and user training, which led to a successful data breach following a user’s susceptibility to a phishing attack. This project served as a practical application of my academic knowledge in a professional context.

The project was divided into 3 tasks:

1.) The Topic Proposal: This was an overview of the project, providing a brief description of what the project would entail based on the scenario.

2.) The IT Proposal: This was a comprehensive document that pinpointed the existing problem and proposed an IT solution. It outlined my strategic plan for implementing the project to effectively address the issue, including a well-defined methodology for project development.

3.) The Post-Implementation Report: This was a thorough report on the project I proposed. It detailed how I successfully implemented an IT solution to resolve the identified problem, including a step-by-step account of my project implementation methodologyFor my Capstone Project, which was the culmination of my knowledge gained while pursuing my BS in Cybersecurity and Information Assurance, I developed a comprehensive case study. This involved creating a hypothetical scenario where a company, RetailPro Inc., was operating with an entirely outdated network infrastructure and a conspicuous absence of basic security and access controls. The scenario highlighted the consequences of inadequate controls and user training, which led to a successful data breach following a user’s susceptibility to a phishing attack. This project served as a practical application of my academic knowledge in a professional context. The project was divided into 3 tasks: 1.) The Topic Proposal: This was an overview of the project, providing a brief description of what the project would entail based on the scenario. 2.) The IT Proposal: This was a comprehensive document that pinpointed the existing problem and proposed an IT solution. It outlined my strategic plan for implementing the project to effectively address the issue, including a well-defined methodology for project development. 3.) The Post-Implementation Report: This was a thorough report on the project I proposed. It detailed how I successfully implemented an IT solution to resolve the identified problem, including a step-by-step account of my project implementation methodology

Skills: Project Management · Intrusion Detection · Network Security · VLAN · Cybersecurity · Information Security Management · NIST 800-53 · ISO 27001

Microsoft (Azure) Sentinel SIEM

Developed content for, and performed tasks for Azure Sentinel (SIEM).
Used custom PowerShell script to extract metadata from Windows Event Viewer to be forwarded to third party API for geolocation data.
Configured Log Analytics Workspace in Azure to ingest custom logs containing geographic information (latitude, longitude, state/province, and country).

Configured Custom Fields in Log Analytics Workspace with the intent of mapping geo data in Azure Sentinel.

Configured Azure Sentinel (Microsoft’s cloud SIEM) workbook to display global attack data (RDP brute force) on world map according to physical location and magnitude of attacks.Developed content for, and performed tasks for Azure Sentinel (SIEM). Used custom PowerShell script to extract metadata from Windows Event Viewer to be forwarded to third party API for geolocation data. Configured Log Analytics Workspace in Azure to ingest custom logs containing geographic information (latitude, longitude, state/province, and country). Configured Custom Fields in Log Analytics Workspace with the intent of mapping geo data in Azure Sentinel. Configured Azure Sentinel (Microsoft’s cloud SIEM) workbook to display global attack data (RDP brute force) on world map according to physical location and magnitude of attacks.

Skills: Microsoft Azure · Azure Sentinel · SIEM · Powershell · Remote Desktop Protocol (RDP) · Threat & Vulnerability Management

Penetration Testing Lab

I Created home lab using VirtualBox, using a Kali VM and a vulnerable machine I downloaded from Vulnhub. I used various tools (like Nmap, Searchsploit, Metasploit, enum4Linux) to enumerate the host, find its vulnerabilities (open ports, outdated software, OS, etc.) and gain root access of the machine.

Skills: Penetration Testing · Nmap · Linux · Threat & Vulnerability Management · Ethical Hacking · Problem Solving · Kali Linux

Link to project

-----------------------------------------------

Python & Bash Scripting Projects

I initially delved into Python during my undergraduate studies at WGU, where I took an introductory course. Now, I'm actively enhancing my proficiency through a comprehensive Udemy course. My overarching objective is to master the intricacies of Python programming, particularly with the aim of creating custom scripts relevant to my role as a penetration tester or cyber security analyst.

Below are examples of some Python programs I've developed as part of this journey. I initially delved into Python during my undergraduate studies at WGU, where I took an introductory course. Now, I'm actively enhancing my proficiency through a comprehensive Udemy course. My overarching objective is to master the intricacies of Python programming, particularly with the aim of creating custom scripts relevant to my role as a penetration tester or cyber security analyst. Below are examples of some Python programs I've developed as part of this journey.

Skills: Python (Programming Language) · Encryption · Scripting · Debugging Code · Software Development

BlackJack Game

Simple Caesar Cipher

-----------------------------------------------

References

Aaron Kinsey: American Patrols Inc. CEO aaron@americanpatrols.com | (979) 492-0424

Russell Eral: Western Governors University Program Mentor

russell.eral@wgu.edu | (385) 428-8218

Vicente Rosario: Captain U.S. Army, Western Governors University MSCSIA student

vicente.rosario1@outlook.com | (720) 742-0995

Contact

Get in touch with me (or learn more about me on my About page). - I am actively seeking a role in the Information Security / Cybersecurity / Information Technology field.

Hiring me is like buying apple stock in the 80's. Seems like it could be a risky move, but WOW did that payoff.

d.demark@live.com

+1 254-449-6552

Websites

LinkedIn: https://www.linkedin.com/in/david-demark

TryHackMe: https://www.tryhackme.com/p/ddemark