This capstone post analyzes an end-to-end privacy attack pipeline: passive TLS metadata collection, behavioral modeling, live prediction, and mitigation impact using ECH. . Threat Model and Objective The attacker is passive on the victim network path and cannot decrypt TLS payloads. Objective: infer user intent and likely next destinations from observable handshake metadata. . […]
TLS and VPN Tunneling: Strong Encryption, Real-World Gaps, and Metadata Exposure
TLS and VPNs are foundational, but confidentiality of payloads does not eliminate all signal leakage. This post links handshake security, tunnel construction, and operational metadata exposure. TLS Security Objective TLS provides confidentiality, integrity, and endpoint authentication for data in transit. Modern deployments rely on authenticated key exchange, certificate validation, and AEAD ciphers. Handshake […]
DNS Security – Cache Poisoning, Resolver Weaknesses, and Hardening
DNS is a trust amplifier: one successful forged answer can redirect large volumes of traffic. This post connects DNS protocol behavior, cache poisoning mechanics, and practical defense controls. Why DNS Is a High-Value Target Applications usually trust DNS results implicitly. If an attacker can poison recursive cache state, downstream clients inherit malicious answers without […]
Cryptography, Symmetric Ciphers and PKI
This post connects cryptographic primitives to system-level trust. The core idea is simple: secure primitives are necessary but not sufficient; operational details determine whether those primitives actually deliver confidentiality, integrity, authentication, and non-repudiation. Why This Layer Matters Packet-level attacks show that identity can be forged at lower layers. Cryptography is the mechanism that upgrades […]
Packet-Level Foundations and Active Network Attacks
A technical deep dive into packet sniffing and spoofing from CS528, including ICMP attack mechanics, lab implementation details, and layered defenses.
Network Security Public Key Cryptography
Table of Contents 1. Introduction & Motivation 2. Why We Need PKC 3. Public Key Encryption 4. RSA Cryptosystem 5. RSA Security Analysis 6. CPA/CCA Security 7. Digital Signatures 8. Complete Comparison 1. Introduction: The Security Landscape 🎯 Course Context This lecture focuses on securing communication at different layers of the IP/TCP stack. We can […]
Network Security – TCP IP Attacks
🔒 TCP/IP Attacks & Security 📑 Table of Contents Overview TCP/IP Protocols IP Security ICMP Attacks TCP Scanning & Spoofing DoS Attacks Countermeasures 📖 1. Overview and Context Learning Objectives Understand the fundamental architecture and vulnerabilities of the TCP/IP protocol stack Identify and analyze common network-layer attacks including spoofing, sniffing, and scanning Comprehend DoS […]
Link Layer Security
Network Security: Link Layer Security 3.1 ARP Cache Poisoning Link Layer Addressing Fundamentals Two Types of Addresses: IP Address (32-bit): Network-layer address used for routing packets to destination networks across the internet MAC Address (48-bit): Link-layer (physical/Ethernet) address used to identify source and destination on the same local network Most LANs use globally unique 48-bit […]
Network Security Cryptography Hash MAC
Network Security Symmetric Cryptography Sections: 2.1 Basics of Crypto | 2.2 Stream Ciphers & Adversaries | 2.3 Block Ciphers | 2.4 Hash Functions | 2.5 MAC and Authenticated Encryption 2.1 Basics of Cryptography Goals of Cryptography Primary Goal: Ensuring security of communication over an insecure medium What Does Secure Communication Mean? Confidentiality (Privacy/Secrecy): Only the […]
Logistic Regression, Support Vector Machines, and Kernel SVM
Part 1: Logistic Regression 1.1 Introduction to Logistic Regression Logistic regression is a probabilistic model for binary classification. Unlike linear regression, which predicts continuous values, logistic regression outputs probabilities between 0 and 1. The core idea is to apply the sigmoid (logistic) function to a linear score: \[ \sigma(z) = \frac{1}{1 + e^{-z}} \] where […]
Search and Optimization in Machine Learning
This blog post provides a detailed explanation of optimization techniques in machine learning. It is intended for college students and explains concepts step-by-step with mathematical notations, examples, and illustrative diagrams. 1. Why Optimization Matters in Machine Learning In machine learning, training a model involves finding the best possible model from a dataset. This process is […]
Logistic Regression and Support Vector Machines
This blog post provides a detailed explanation of the key concepts Logistic Regression and Support Vector Machines (SVMs). These are fundamental algorithms in machine learning for classification tasks. 1. Logistic Regression Logistic Regression is a probabilistic classification model used primarily for binary classification problems. Unlike linear regression, which predicts continuous values, logistic regression outputs the […]
Nearest Neighbor Methods
This blog post provides a detailed explanation of the Nearest Neighbor algorithms, specifically focusing on k-Nearest Neighbors (KNN), as covered in predictive modeling for data mining. Introduction to Nearest Neighbor: Instance-Based Learning The Nearest Neighbor method is a discriminative classification algorithm that is non-parametric and instance-based. Unlike parametric models (e.g., linear regression) that learn explicit […]
Predictive Modeling in Data Mining: Concepts, Mathematics, and Practical Implications
This post explains predictive modeling as a data-mining workflow composed of four essential elements: (i) task specification, (ii) knowledge representation, (iii) learning (scoring + search), and (iv) prediction/evaluation. Contents 1. Introduction 2. The Four Components of a Predictive Modeling Algorithm 3. Task Specification 4. Knowledge Representation (Model Families) 5. Learning: Model Space, Scoring Functions, and […]
Naive Bayes Classifiers
This blog post provides a detailed explanation of Naive Bayes Classifiers (NBC), a fundamental probabilistic classification algorithm in data mining and machine learning. We will explore the concepts step by step, including mathematical foundations, assumptions, learning processes, and practical considerations. Introduction to Naive Bayes Classifiers The Naive Bayes Classifier is a probabilistic model used for […]
Exploratory Data Analysis (EDA)
What is Exploratory Data Analysis? Exploratory Data Analysis (EDA) is an approach to analyzing data when you do not yet have a clear hypothesis or modeling goal. Instead of jumping directly into modeling, EDA focuses on understanding the structure, patterns, and anomalies in the data. EDA aims to: Maximize insight into the dataset Uncover underlying […]
Linear Algebra for Data: Vectors, Matrices, Eigenvalues, SVD, and Distance Measures
1) Vectors: The Fundamental Data Object 1.1 What is a vector? A vector is a 1D array of numbers. You can think of it as: A list of features for one data point (e.g., height, weight, age). A point in space (2D, 3D, or higher dimensions). An arrow with direction and length (geometric view). Notation: […]
Foundations of Data Mining
The Data Mining Process Overview The full data mining process includes several stages: Data Selection: Choosing relevant data sources. Data Preprocessing: Cleaning, transforming, and preparing data (handling missing values, outliers, etc.). Data Mining: Applying algorithms to extract patterns/models (the focus of most courses). Interpretation/Evaluation: Analyzing results and validating them. While the full process is important, […]
Foundations of Probability and Statistics for Data Mining
1. High-Level Overview – Probability and Statistics In the real world, we rarely have complete information. Data is noisy, measurements contain errors, and future events are uncertain. Probability theory provides a rigorous mathematical framework for: Quantifying uncertainty in a principled way Making optimal decisions when outcomes are uncertain Building models that generalize beyond observed […]
Cryptography in Real-World Applications
TLS (Transport Layer Security) – Real-World Application What is TLS? Transport Layer Security (TLS) is a cryptographic protocol that provides secure communication over computer networks. It’s the successor to SSL (Secure Sockets Layer) and is widely used to secure web traffic (HTTPS), email, VPNs, and other network communications. Core Security Objectives: Confidentiality: Data encrypted so […]
Public Key Cryptography Foundations
Complete Guide to RSA, Rabin, Goldwasser-Micali, and ElGamal Cryptosystems Part I: RSA Encryption – Plain and OAEP RSA Algorithm Overview RSA remains one of the most widely used public-key cryptosystems. Understanding both its basic form and secure implementations is crucial for modern cryptography. Key Generation Process Choose two large primes: p and q (typically 1024+ […]
Mathematical Foundations and Basic Concepts of Cryptography
Basic Cryptographic Definitions Core Security Goals Confidentiality: information is accessible only to authorized parties Integrity: information hasn’t been altered by unauthorized parties Authenticity: information originates from claimed source Non-repudiation: sender cannot deny sending the message Threat Models: Passive adversary: Only observes communications (eavesdropper) Active adversary: Can modify, insert, or delete messages Adaptive adversary: Can change […]
Tensorflow Overview
TF1.x vs TF2.0 Pioneering lirary for building deep learning models, launch November 2015. Its free, open source, originally developed by Google. Other libraries: PyTorch – from FB, October 2016 TensorFlow 2.0 Major new version, September 2019 Dynamoic computation graphs Not backward compatible with TF1 Closer to PyTorch TF1.x vs TF2.0 vs PyTorch TF1.x PyTorch Computation […]
Machine Learning – Adversarial Sample Detection
Adversarial Examples Inputs generated by adversaries to fool neural networks. Two types: Semantic based perturbations Restricted area to manipulate pixels Modify a specific area of the image Simulate real world scenarios Pervasive Perturbations Full access to pixel alteration Modify the whole image Different distance metrics Defense and Detections Adversarial detections – determine whether input […]
Machine Learning – Inference Attacks
How model inversion attack works? Attacker first trains a separate ML model known as Inversion Model based on the output of the target model Goal is to predict the input data (original dataset used to train the target model) Attacker can exploit information based on the input Types of MIA attacks: Query based attacks: […]
Machine Learning – Adversarial Attacks
Below are various papers reviewed regarding security vulnerabilities and adversarial attacks against machine learning. 6thSense Intrusion Detection System (IDS) for smart devices This paper presents 6thSense, a novel intrusion detection system (IDS) designed to defend against sensor-based threats in smart devices, particularly Android smartphones. The framework uses context-aware models and machine learning techniques to detect […]
Machine Learning – Black Box Attacks and Transferability
Adversary Knowledge White-box = adversary has complete knowledge of the targeted model, including its parameter values, architecture, training method and in some cases its training data Black-box = adversary has no knowledge about the ML model except input output samples of training data or input output pairings obtained using the target model as an oracle […]
Model Evaluation – Regression
Model Evaluation Techniques This notebook will only deal with commonly used evaluation metrics for regression and classification. This list is not exhaustive, you are encouraged to look at the other metrics that can be used. References: (1) Scikit-Learn : https://scikit-learn.org/stable/modules/model_evaluation.html (2) https://github.com/maykulkarni/Machine-Learning-Notebooks Useful Resources : https://scikit-learn.org/stable/modules/model_evaluation.html https://scikit-learn.org/stable/modules/model_evaluation.html#mean-absolute-error In [1]: import numpy as np import matplotlib.pyplot as […]
Model Evaluation – Classification
Model Evaluation Techniques This notebook will only deal with commonly used evaluation metrics for classification. This list is not exhaustive, you are encouraged to look at the other metrics that can be used. References: (1) Scikit-Learn : https://scikit-learn.org/stable/modules/model_evaluation.html (2) https://github.com/maykulkarni/Machine-Learning-Notebooks Useful Resources : https://scikit-learn.org/stable/modules/model_evaluation.html https://scikit-learn.org/stable/modules/model_evaluation.html#mean-absolute-error In [1]: import numpy as np import matplotlib.pyplot as plt import […]
Machine Learning – Regression Algorithms
Machine learning Algorithms using Scikit-Learn Ref : All the documentation for the functions used can be found at https://scikit-learn.org/stable/ This notebook aims to introduce you to the scikit-learn library that contains a lot of popularly used Machine Learning algorithms. This notebook contains the following section: (1) Regression Each section has a data preparation section […]
Machine Learning Algorithms Scikit-Learn
Machine learning Algorithms using Scikit-Learn Ref : All the documentation for the functions used can be found at https://scikit-learn.org/stable/ This notebook aims to introduce you to the scikit-learn library that contains a lot of popularly used Machine Learning algorithms. This notebook contains the following section: (1) Classification For the classification component, we use the […]
Python Panda Data Visualization
Data Operations using Python and Pandas Using Python to prepare data for Machine Learning tasks and other data analysis¶ This notebook has been taken from the following link. Please follow that link to find more such notebooks on different topics. Ref : https://sebastianraschka.com/notebooks/python-notebooks.html This notebook explores pandas and matplotlib (library for visualization) by analyzing a […]
Python Pandas
Introduction to Pandas library with Python This notebook has been taken from the following link. Please follow that link to find more such notebooks on different topics. Ref : https://sebastianraschka.com/notebooks/python-notebooks.html Pandas is a popular library compatible with python, for Machine Learning and Data Analysis. This notebook aims to introduce you to a couple of basic […]
Python Introduction including Numpy
Python Numpy Tutorial This is notebook is part of the CS231n (Convolutional Neural Networks for Visual Recognition) offered at Stanford University. Introduction Python is a great general-purpose programming language on its own, but with the help of a few popular libraries (numpy, scipy, matplotlib) it becomes a powerful environment for scientific computing. We expect that […]
CoPilot and OpenAI API
Microsoft CoPilot Microsoft Bing Search and Bing Chat has changed name to Copilot Background Started with ChatGPT (November 2022) created by OpenAI. Microsoft has been investing in OpenAI since 2019. 1B in 2019. 10B in 2023. Microsoft has been OpenAi’s exclusive cloud provider. Use cases of LLM: Content Generation Language Translation Coding Assistance Customer […]
Entra ID
Introduction 2023 Microsoft rebranded Azure AD to Entra ID. Azure AD name caused confusion with Active Directory (AD) which is similar but not identical. Managing User and Service Accounts Domain Controller can be the DNS as well Joining Computer to a Domain Computer clock must be 5 mins within DC clock CMD+R ncpa.cpl […]
Cryptography
Hash Function Definition: Mapping a long string to a shorter string. Key Properties: Collision-resistance: Difficulty in finding two inputs that map to the same output. Pre-image resistance: Difficulty in finding any pre-image for a given output. Uses: Protecting the integrity of systems and passwords. Used for the actual storage of passwords Private Key Encryption […]
Network Security
Syn Flood Attacks https://www.cloudflare.com/learning/ddos/syn-flood-ddos-attack/ A SYN flood (half-open attack) is a type of denial-of-service (DDoS) attack which aims to make a server unavailable to legitimate traffic by consuming all available server resources. By repeatedly sending initial connection request (SYN) packets, the attacker is able to overwhelm all available ports on a targeted server machine, causing […]
Web Security
SQL Injection = no sanitizing Cross-site scripting = inject javascript via uri https://example.com/test.php?color=green&background=</style><script>alert(String.fromCharCode(88,83,83))</script> Path Traversal = Allowing for path or directory traversal on your server is an amazingly bad idea. You would be allowing people to list the folders on your server and to navigate from folder to folder. This allows attackers to go […]
Software Security
Introduction to Software Security What is computer security? Systems may fail for many reasons Reliability deals with accidental failures Usability deals with problems arising from operating mistakes by users Security deals with intentional failures created by intelligent parties Computing in the presence of an adversary Examples of Software Problems Therac-25 medical accelerator Killed […]
Security – Operating Systems
Computer System Components Hardware Provides basic computer resources (CPU, memory, I/O devics) Maybe addons Possible firmware Operating System Controls hardware and various apps Application Programs Users What is an Operating System Program that acts as an intermediary between user and computer hardware Efficiency – better utilization of resources Convenience – ease of use […]
Security – Passwords and Authentication
Basic, Fundamental Problem Client → Server How do you prove that you are who you claim to be? Users and servers prove themselves in different ways Different attack models Different assumptions about what they can feasibly do Authentication Determination of identity, usually based on a combination of Something the person has (smart card, […]
Security – Malware
Malware Malicious code that is stored on and runs on a victim’s system How does it get to run? Attacks a user – or network-facing vulnerable service (often using techniques we’ve just learned!) Backdoor: Added by a malicious developer Social engineering: Trick the user into running/clicking/installing Trojan horse: Offer a good service, add in the […]
Security – Side Channel Attacks
Covert Channels Covert means of transferring data Channel that transfers information in a way that violates a security policy An insider process leaks information to an outsider process not normally allowed to access that information Often divided into two (three) main categories: Storage Communication done in some memory space Timing Delay or some action in […]
Security – User Access Controls
Access Control Provides the essential services of authorization, identification and authentication, access approval, and accountability authorization specifies what a subject can do identification and authentication ensure that only legitimate subjects can log on to a system access approval grants access during operations, by association of users with the resources that they are allowed to access, […]
OAuth Principles
Review of different types of authentication attacks. This is examined through an example where user wants an application X to access their files on application Y and needs to delegate those permissions. Exposing Credentials Giving out your credentials is bad. Plain and simple. Minus the risk of exposure, having full credentials doesn’t allow for […]
Matrices
The following are some notes taken during a lecture. Matrices: Overview Matrices are useful discrete structures that can be used in many ways. For example, they are used to: Describe certain types of functions known as linear transformations. Express which vertices of a graph are connected by edges. In Machine Learning, Data Mining, and Information […]
Cardinality of Sets
Cardinality Revisited Definition: The cardinality of a set A is equal to the cardinality of a set B, denoted |A| = |B|, if and only if there is a one-to-one correspondence (i.e., a bijection) from A to B. If there is a one-to-one function (i.e., an injection) from A to B, the cardinality of A […]
Sequences and Summations
The following are some notes taken during a lecture. Sequences: Definition Sequences are ordered lists of elements. 1, 2, 3, 5, 8 1, 3, 9, 27, 81, ……. Sequences arise throughout mathematics, computer science, and in many other disciplines, ranging from botany to music. We introduce the terminology to represent sequences and sums of the […]
Functions
The following are some notes taken during a lecture. Basic Definitions Definition: Let A and B be nonempty sets. A function f from A to B, denoted f: A → B is an assignment of each element of A to exactly one element of B. We write f(a) = b if b is the unique […]
Set Operations
The following are some notes taken during a lecture. Set Union Definition: Let A and B be sets. The union of the sets A and B, denoted by A ∪ B, is the set: Set Intersection Definition: The intersection of sets A and B, denoted by A ∩ B, is BELOW. Note if the intersection […]
Basic Structures: Sets, Functions, Sequences, Sums and Matrices
The following are some notes taken during a lecture. Sets Sets are one of the basic building blocks for the types of objects considered in discrete mathematics. Important for counting. Programming languages have set operations. Set theory is an important branch of mathematics. Many different systems of axioms have been used to develop set theory. […]
Recursive Definitions
The following are some notes taken during a lecture. Recursively Defined Functions Definition: A recursive or inductive definition of a function consists of two steps. BASIS STEP: Specify the value of the function at zero. RECURSIVE STEP: Give a rule for finding its value at an integer from its values at smaller integers. A function […]
Induction and Recursion
The following are some notes taken during a lecture. Mathematical Induction Suppose we have an infinite ladder: We can reach the first rung of the ladder. If we can reach a particular rung of the ladder, then we can reach the next rung. From (1), we can reach the first rung. Then by applying (2), […]
Logic and Proofs
The following are some notes taken during a lecture. Rules of Inference We have the two premises: “All men are mortal.” “Socrates is a man.” And the conclusion: “Socrates is mortal.” How do we get the conclusion from the premises? Rules of Inference: The Argument We can express the premises (above the line) and […]
Predicate Logic
The following are some notes taken during a lecture. Limitations of Propositional Logic If we have statements of the form: “All Purdue CS students are brilliant.” “Alice is a Purdue CS student.” Does it follow that “Alice is brilliant?” This is not easy to represent in propositional logic. We need a formalism (logic) that reasons […]
Propositional Logic
The following are some notes taken during a lecture. Propositions A proposition is a declarative sentence that is either true or false Examples: Neil Armstrong was a Purdue Alum. true Purdue Computer Science is in the Silicon Valley. false Purdue won the 2018 NCAA men’s basketball championship. false 1 + 0 = 1 true 0 […]
Cloud Microservice Security
Monolith Architecture Security Controls Below is a sample traditional monolithic architecture with various security controls. Microservices Microservices are an architectural approach. Decouple system into small, independent services Use well defined service APIs Each microservice is easy to change and deploy independently They fit naturally with containers – one microservice per container Consider the following […]
DevOps Security
These are some notes regarding DevOps and security The DevOps Tool Chain A measurement for successful DevOps (CALMS) Culture Accept failure Collaboration occurs widely Empower teams High levels of trust Automation Tools Continuously iterate Transparency Consistency Everything as Code Be very good at git scripts, runbooks, configurations, documentation, … Lean Confront bureaucracy Efficiency Leverage automation […]
Data Privacy
Privacy Fundamental human right In most constitutions First law in 1361 against peeping toms and eavesdroppers In 1948’s Universal Declaration of Human Rights Most notable in the way it is constrained and infringed rather than how it is enforced What is Privacy? The ability to keep information about oneself confidential Information about me as […]
Cyber Ethics and Law
Before talking about Ethics and Law, we should look at the human cognition and understand some of our errors and biases. Our ethics and law try to address some of these errors. Human Biases The human factor in security incidents Analysis of security incidents reveals, more often than not, human factor as a major cause […]
Cyber Risk, Security, Economics and Insurance
Below are some notes when looking at cyber risk, security, economics and insurance. First a definition. What is Security? Security A system is secure if it is protected against all forms of threat This is hard to predict And cannot afford to protect against all of them Security = economic issue, not just engineering Solutions […]
Contributors to Science and Technology from marginalized groups
This was a diversity assignment to report on some leaders and significant contributors to the field of computer science from marginalized minority groups. Marsha Rhea Williams Marsha Rhea Williams is an African-American expert in information technology and advocate for STEM, especially in underprivileged black communities. Dr. Williams is most notably known for being the first […]
AWS SageMaker Overview
Amazon SageMaker is a fully managed machine learning service. With SageMaker, data scientists and developers can quickly and easily build and train machine learning models, and then directly deploy them into a production-ready hosted environment. It provides an integrated Jupyter authoring notebook instance for easy access to your data sources for exploration and analysis, so […]
Machine Learning Overview
Machine Learning = building a model from example inputs to make data-driven predictions vs following strictly static program instructions. Traditional programming contains logic that the machine must follow to execution. Machine Learning does not have same logic like traditional if, loops, case etc. Instead, it is based on data and some given algorithm. With that […]
UNIX Program Execution, CPU, Memory and Virtualization
More notes on UNIX Systems. See other article here: Unix System Program Layout in Memory Program versus process A program is an executable file containing a sequence of instructions A process is a program in execution For reasons of technology today A program is usually stored on disk or other non-volatile secondary storage A […]
C / C++ Review
These are random notes in reviewing C/C++. The C Language C language history and purpose Before UNIX, most OS were written in assembly language, tying them to specific instruction set architecture (ISA) An assembly language program is a sequence of ISA instructions C was created by Dennis Ritchie at Bell Labs in 1972 to have […]
Unix System
Some notes regarding UNIX Systems. More notes can be found here: UNIX Program Execution, CPU, Memory and Virtualization Operating System UNIX began 1970s ATT Bell Labs. Many variations of Unix today. UNIX Architecture: Kernel System Calls Shell and Library routines Applications UNIX documentation part of OS – man pages. (manual pages). Man page […]
Microsoft Intune
Microsoft Intune is industry accepted management for Windows systems. It is a cloud-based service for MDM and MAM. MDM vs MAM MDM – Mobile Device Management Capable of managing Windows MDM provider built into devices May include App management Intune MDM supports iOS, Android, Mac and Linux MAM – Mobile Application Management Focuses on app […]
Review of Bash and Zsh
Notes to review Bash and Zsh programming Background Shell is interface to run programs via commands. It is text based (command line). The Bash and Zsh (default on MacOS) are most popular. Windows has Powershell but lately can support Bash/Zsh as well via (WSL – Windows Subsystem for Linux). Zsh is very similar to Bash […]
Cybersecurity Strategies 2022
Notes from a recent whitepaper outlining cyber security strategies in 2022. Modern application development requires responsibilities across all of IT. Gartner estimates that by 2025 at least 75% of IT organizations will have faced at least one ransomware attack. Terminology / Concepts Shift Left Moving security review processes and tooling to earlier parts of the […]
XDR EDR SOAR and SIEM
Various topics related to Cybersecurity. XDR vs EDR vs SOAR vs SIEM Definitions on tools / services commonly used for cybersecurity. SIEM Combining security information management (SIM) and security event management (SEM), security information and event management (SIEM) offers real-time monitoring and analysis of events as well as tracking and logging of security […]
Web APIs and Streaming Data
Traditional WebAPI is inefficient during transactions that take long durations. Below are some popular alternatives to RESTFul API. Webhooks There is a client that registers with interested events and callback URL with the server. The client tells the server the client’s URL that the server POST updates to. When an event happens, […]
AWS Developer Associate Certification
The AWS Certified Developer Associate examination is intended for individuals who perform a development role and have one or more years of hands-on experience developing and maintaining an AWS-based application. Abilities Validated by the Certification Demonstrate an understanding of core AWS services, uses, and basic AWS architecture best practices Demonstrate proficiency in developing, deploying, and […]
Angular Material
Angular Material is a UI component framework that follows Google’s Material Design specification. It was created and supported by the Angular development team. More information about Material Design: Material Design Setting up Material Project Create a new ng project as normal. Then run commands to add ng material ng new material ng add @angular/material@11.0.0 […]
IoT on AWS
AWS provides several devices and services for enterprise IoT solutions. Devices and Device Software Snowcone FreeRTOS OS for microcontrollers that makes small, low-power edge devices easy to program, deploy, secure, connect and manage IoT Greengrass Software that allows local compute, messaging, data caching, sync and machine learning inference capabilities on connected devices in a […]
Managing vs Leading
Key takeaways to keep applying: – Leading vs Managing (remember to manage ‘things’ and ‘lead’ people) – Establish trust with your team by demonstrating that you value what they value – Eliminate expectation gaps – Keep giving feedback that feeds using the ‘Do well’ & ‘Do differently’ formulas Here’s a link to a short video […]
Web Application Security
Some common web security topics and patterns. Crypto-miner Cryptocurrency mining, or cryptomining, is a process in which transactions for various forms of cryptocurrency are verified and added to the blockchain digital ledger. Also known as cryptocoin mining, altcoin mining, or Bitcoin mining (for the most popular form of cryptocurrency, Bitcoin), cryptocurrency mining has increased […]
AWS Tagging Strategy
These are some notes on AWS Tagging Best Practices. See reference section below for sources. Amazon Web Services allows customers to assign metadata to their AWS resources in the form of tags. Each tag is a simple label consisting of a customer-defined key and an optional value that can make it easier to manage, search […]
AWS Service Quotas
In Amazon Web Services there are service quotas for many of the services. A service quota is the maximum number of service resources or operations that apply to an account, although some service quotas apply to a Region. An example of an account-based quota is the number of AWS IAM roles per account or AWS […]
AWS Solutions Architect Certification
Notes taken during preparation for the AWS SA Associate Certification. Purpose The AWS Solutions Architect Certification is intended for individuals who perform a Solutions Architect role. This exam validates an examinee’s ability to effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies. Exam Domains The exam is […]
Review of .Net Core 3
Some key features in .Net Core 3 / C# v8 Nullable Reference Types Pattern Matching Improvements First class support for Indices and Ranges Default Interface Members Async Streams JSON Parsing improvements Windows Desktop / Winforms Support Improvements to build, pack and deploy Nullable Reference Types The Null Reference Exception: static void NullException(MyObject obj) { Console.WriteLine(obj.title); […]
Load Balanced and Auto Scaling containerized app with AWS ECS
Elastic Container Service (ECS) is a container management service that is scalable, secure, reliable and fast. ECS can launch containers in EC2 or serverless in what is called Fargate. For either launch types, ECS will be orchestrating the containers and managing the cluster. Amazon ECS is a regional service that simplifies running application containers in […]
Revisiting Angular
Angular is a platform and framework for building client applications in HTML and TypeScript. The basic building blocks of an Angular application are NgModules, which provide a compilation context for components. NgModules collect related code into functional sets; an Angular app is defined by a set of NgModules. An app always has at least a root module that enables bootstrapping, […]
Federal Identity and Credentials
Federal Identity, Credential and Access Management F-ICAM There are 5 parts to Federal Identity, Credential and Access Management System. This is a combination of applications, tools, standards and policies. Identity Management Identity Management is how an agency collects, verifies, and manages attributes to establish and maintain enterprise identities for federal government employees, contractors, and authorized […]
Information Systems Government Compliance
Organizations DHS – Major US Government agency focused on cyber security is DHS. They focus on the physical and cyber threats to the nation. US-CERT (United States Computer Emergency Readiness Team) – coordinates cyber information sharing and manages national cyber risks. (www.us-cert.gov). They also distribute vulnerability and threat information to National Awareness System (NCAS) and […]
Azure implementing caching
The following is from Azure Developer Training lab for AZ-203 Azure Cache for Redis overview Azure Cache for Redis is based on the popular software Redis. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed […]
Azure developing scalable apps
The following is from Azure Developer Training lab for AZ-203 Common autoscale patterns Note: Azure Monitor autoscale currently applies only to Virtual Machine Scale Sets, Cloud Services, App Service – Web Apps, and API Management services. Scale based on CPU You have a web app (/VMSS/cloud service role) and You want to scale out/scale in […]
Azure Monitor and Logging
The following is from Azure Developer Training lab for AZ-203 Azure Monitor overview Note: Consolidation of monitoring services into Azure Monitor Log Analytics and Application Insights have been consolidated into Azure Monitor to provide a single integrated experience for monitoring Azure resources and hybrid environments. Overview The following diagram gives a high-level view of Azure […]
Azure Secure Data Solutions
The following is from Azure Developer Training lab for AZ-203 Encryption Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext). Decryption is the process of converting ciphertext back to plaintext. To encrypt more than a small amount of data,symmetric encryption is used. A symmetric […]
Azure implementing Access Control
The following is from Azure Developer Training lab for AZ-203 Claims Authorization is the process of determining which entities have permission to change, view, or otherwise access a computer resource. For example, in a business, only managers may be allowed to access the files of their employees. In the past, this was simple toaccomplish with […]
Azure Managing Identities
The following is from Azure Developer Training lab for AZ-203 Managed identities for Azure resources overview Note: Managed identities for Azure resources is a feature of Azure Active Directory. Each of the Azure services that support managed identities for Azure resources are subject to their own timeline. Make sure you review the availability status of […]
Azure Implementing Authentication
The following is from Azure Developer Training lab for AZ-203 Microsoft identity platform overview Microsoft identity platform is an evolution of the Azure Active Directory (Azure AD) identity service and developer platform. It allows developers to build applications that sign in all Microsoft identities, get tokens to call Microsoft Graph, other Microsoft APIs, or APIs […]
Azure develop solutions Blob Storage
The following is from Azure Developer Training lab for AZ-203 Introduction to Azure Blob storage Azure Blob storage is Microsoft’s object storage solution for the cloud. Blob storage is optimized for storing massive amounts of unstructured data. Unstructured data is data that does not adhere to a particular data model or definition, such as text […]
Azure develop solutions Relational Database
The following is from Azure Developer Training lab for AZ-203 The Azure SQL Database service SQL Database is a general-purpose relational database managed service in Microsoft Azure that supports structures such as relational data, JSON, spatial, and XML. SQL Database delivers dynamically scalable performance within two different purchasingmodels: a vCore-based purchasing model and a DTU-based […]
Azure develop solution for Cosmos DB
The following is from Azure Developer Training lab for AZ-203 Azure Cosmos DB Microsoft Azure Cosmos DB is a database service native to Azure that focuses on providing a high-performance database regardless of your selected API or data model. Azure Cosmos DB offers multiple APIs and models that can be used interchangeably for various application […]
Azure develop solution for Table Storage
The following is from Azure Developer Training lab for AZ-203 Introduction to Table storage in Azure Azure Table storage is a service that stores structured NoSQL data in the cloud, providing a key/attribute store with a schema less design. Because Table storage is schema less, it’s easy to adapt your data as the needs of […]
Azure App Service API Apps
The following is from Azure Developer Training lab for AZ-203 API Management overview API Management (APIM) helps organizations publish APIs to external, partner, and internal developers to unlock the potential of their data and services. Businesses everywhere are looking to extend their operations as a digital platform, creating new channels, finding new customers and driving […]
Azure App Service Functions
The following is from Azure Developer Training lab for AZ-203 Introduction to Azure Functions Azure Functions is a solution for easily running small pieces of code, or “functions,” in the cloud. You can write just the code you need for the problem at hand, without worrying about a whole application or the infrastructure to run […]
Azure App Service Mobile Apps
The following is from Azure Developer Training lab for AZ-203 About mobile apps in App Service Azure App Service is a fully managed platform as a service (PaaS) offering for professional developers. The service brings a rich set of capabilities to web, mobile, and integration scenarios. The Mobile Apps feature of Azure App Service gives […]