Scribd Logo
Importer

Bienvenue sur Scribd !

  • Intersasasa

    Transféré par

    Srinath Srinivasan
    16 vues3 pages
    jschCnkjcnjancahufhauihfajcnakjcahfgaga

    Copyright

    © © All Rights Reserved

    Formats disponibles

    DOCX, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    jschCnkjcnjancahufhauihfajcnakjcahfgaga

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    16 vues3 pages

    Intersasasa

    Transféré par

    Srinath Srinivasan
    jschCnkjcnjancahufhauihfajcnakjcahfgaga

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 3

    Tell me about yourself:

    Well to give you a brief summary about me I come from a small place
    in India where computers are still considered to be state of the art and
    right now am a masters graduate in computer engineering specializing
    in network infrastructure and security. This has been my career growth
    in short.
    To brief you more about me, I am a Masters degree graduate from the
    university of Illinois at Chicago specializing in Network engineering and
    information security. I decided to pursue my career as a network
    engineer due to the passion I developed for it in my coursework and
    my previous jobs. I have been working as a network engineer for my
    schools network operations and control team. I was part of the team
    that ensures proper functioning of the network infrastructure and
    system. My job role was specifically to configure switches and routers
    of the network and configure Access control list on them to ensure
    security. I also had to perform a lot of server and network configuration
    I was also directly responsible for prevention of any network intrusion,
    which I implemented using signature based intrusion detection
    systems. My other work experiences are mostly related to designing
    and configuring LAN networks as per requirements providing IT support
    for over 500 computers.
    My coursework and professional experience from my previous jobs has
    helped me get hands on experience in handling a lot of network
    systems .This has made me want to do more in this area and my
    passion for it has grown. Right now I am looking for a corporate
    environment that has a good network engineering team with a great
    work culture and scope for innovations which is why I am very much
    interested in a career with Arxium.
    If you want me to focus on something particular please feel free to ask
    and I will be more than happy to share it with you.
    Experience:
    I would like to talk to you about my job experience and two of my
    projects which I think would be relevant for the job role;
    I would be following Task Action Results format as I explain please feel
    free to interrupt me with any questions that you might have.

    Task: As a network engineer at school I was responsible to configure


    LAN and WAN networks. I also had to prevent prevent intrusion attacks
    on the network system and maintain the network systems.
    Action:
    I performed configuration of LAN for over 50 of computer labs for
    students to work in them. I designed the LAN network configured the
    devices as per the requirements of the professors. Also there is a lot of
    migration due to departments moving from one building to another so I
    have to migrate the whole LAN and configure them at a new place. I
    also had to configure VPN access for students and professors working
    remotely. Other duties that I carried out successfully where to provide
    remote troubleshooting of routers and switches and also prevent any
    intrusion attacks on the network.
    One particular event that hits me is we had a problem due to a rogue
    dhcp server in one of the colleges. I used to nmap to identify the rogue
    dhcp server and disable the port on which the rogue server was
    residing and also configured the Acess control list to ensure there are
    no more threats due to them again. Also I have configured VPN access
    to lot of professors , students and employees at college so that they
    can securely access the resources
    Results:
    During my term we as a team successfully prevented any form of
    intrusion attack on the system. We also successfully performed a lot of
    migration right from servers to the whole department being shifted to
    a new building where I had to configure the whole network back again
    successfully.
    Project: Improving security of SDN
    Task : The main aim of this project was to propose ideas to improve
    the security of a software defined network.
    Action:
    As you might be knowing software defined networking is gaining a lot
    of popularity as it is open source. Although open sources seems to be
    nice it does pose a lot of security threats. As applications built are not
    completely secure. A carefully crafted packet from the application itself
    can cause the control plane to malfunction and data might be sniffed
    by hackers. So I proposed on dynamic security application. In a sense I
    was getting at building anomalies based intrusion prevention system
    that would be very smart and act upon incoming data packets. Like the
    weather app on your phone which is dynamic and makes decisions
    based on the weather changes something similar to that. For the same
    I proposed the idea of role based authorization in which you preset

    your security policy and allow for few changes based on roles and
    privileges of applications. This will ensure transport layer security. Also
    I realized from the project that by mitigating the interaction between
    the data plane and control plane security can further be enhanced.
    Result: I learnt a lot of things through this project on how to ensure
    role based authorizations to improve security.
    Project : Web Application Security injection and vulnerabilities
    mitigation.
    Task: The theme of the project was to analyze various threats as
    proposed by OWASP guidelines to ensure web application security and
    to analyze the various tools available and to find out something novel
    out of the research and to propose a solution for it
    Action:
    I performed a detailed survey on various types of web attacks that an
    application is prone to as mentioned by the Open Web Application
    Security guidelines. I also used the OWASP wte package to use the
    various tools like jbrofuzz web goat , zapproxy webslayer available to
    perform security and vulnerability testing against benchmark
    applications that my professor suggested. Ran tests on all the tools
    and generated reports for the same. I felt all these applications even
    though very powerful wouldnt scale well. The usage of web
    applications can change rapidly. For example, a web site with a popular
    name that is caught by a search engine can suddenly find itself
    receiving hundreds of thousands of hits per day rather than just dozens
    . In such cases, test suites designed with particular user profiles in
    mind may turn out to be inappropriate. So I proposed the solution of
    User-session based techniques that can help with this problem by
    transparently collecting user interactions and transforming them into
    test cases. The techniques capture and store the clients requests in
    the form of URLs and name-value pairs, and then apply strategies to
    generate test cases. This would make them more dynamic and help it
    scale well.
    Result: user session data can produce test suites as effective overall
    as those produced by existing white-box techniques, but at less
    expense.

    Vous aimerez peut-être aussi