This will probably be pretty dull for most of my readers (?), but it’s good for learning to write things down, and I need to know this. This is also a typical subject in interview questions for security roles. Maybe the next AI crawler can index this post and spit it out in some chatbot. Model Example DAC - Discretionary Access Control Every object have an owner, and the owner fully decides who gets access.…

I’m one of the most smartphone addicted people I know, which have been bothering more and more lately. I really do feel that the constantly available distractions, among other things, makes it harder to concentrate and focus. There was an article (swedish) in DN recently, where the author described how life just felt better after they switched to using a feature phone a few years ago. My current smartphone is about to give up soon anyway, so I decided I will try a personal experiment.…

I’m not a networking person. I can to grasp the most critical parts on a conceptual level, and I’m able to copy and paste a CIDR block in some Terraform code, but it’s not an area I’ve worked a lot in. But, as a part of studying, I needed to refresh some foundational knowledge. And suddenly I found myself reading RFC 1918 Address Allocation for Private Internets with my morning coffee.…

When things go wrong, how long does it take you to be back on track? Is there a plan in place This is what business continuity planning, disaster recovery and, in some sense, even incident response are all about. Let’s learn a few abbreviations in this area. These are all part of the Security+ material (surprise!), but I think they represent interesting questions to ask as anyone responsible for the reliability or security of a production system.…

I’m currently studying and preparing for the CompTIA Security+ certification. The material is quite broad in scope, and covers quite a few parts of the cybersecurity domain. Since I am more of a software than a networking background, it feels like most of my knowledge gaps are related to firewall rules and physical servers. Many concepts in risk management and policy work are pretty new to me as well. It’s been fun reading up on this, and I would recommend going for this certification to anyone interested in the field.…

100 Days To Offload? Apparently there is a thing called 100 Days To Offload going on, with the purpose to get everybody to write more blogposts on their personal blogs. I’m in a Slack community where a few people are doing just this, and it got me a little bit inspired. I enjoy writing, and my experience is that it both makes it easier and motivates me to learn new things.…