Tonisha Payne

Cybersecurity Studies, Skills, Knowledge and Training

Risk Management

• Knowledgeable in assessing and managing cyber risks to ensure the security posture of organizations.

Information Technology Foundations

• Basic understanding of OSI and TCP/IP Models.
• Knowledgeable in implementing security measures at different layers of network protocols.
• Skilled in virtualization technologies and their security implications.
• Familiarity with cloud technologies and their security considerations.

Consulting and Interpersonal Skills

• Strong critical thinking abilities to analyze and evaluate complex cybersecurity challenges.
• Proficient in conducting research and documenting findings to support decision-making processes.
• Experienced in strategy development and project management methodologies in Waterfall model and Agile Methodology.

Offensive Cybersecurity Concepts and Techniques

• Proficient in offensive cybersecurity techniques to identify and exploit vulnerabilities within systems.

The Defensive Mindset

• Solid understanding of cybersecurity defense structures and strategies.
• Proficient in implementing technical defense mechanisms to safeguard against cyber threats.
• Knowledgeable in cyber security economics and its implications on defensive strategies.
• Knowledgeable in implementing cyber security architectures.
• Familiarity with taxonomy of controls to enforce security measures effectively.

Incident Response

• Proficient in managing incident response lifecycles to mitigate cyber threats effectively.
• Experienced in cyber security analysis and interpreting relevant logs for incident investigation.
• Knowledgeable in ITIL lifecycle and its application in incident response processes.
• Skilled in identifying security incidents within IT operations and responding accordingly.
• Proficient in evidence collection and documentation for incident analysis and legal purposes.
• Familiarity with risk assessment methodologies to prioritize incident response efforts.
• Experienced in transitioning from incident response to threat intelligence gathering.
• Knowledgeable in NIST Cybersecurity Framework for aligning incident response practices with industry standards.

Technical Skills:

Operating Systems:

• Ubuntu
• Kali Linux
• Windows 10

Data Integrity & Security:

• Data Integrity Verification using Powershell
• Symmetric & Asymmetric Encryption/Decryption for Data Confidentiality

Network Management:

• Network Configuration (Linux & Windows)
• Telnet, FTP, SSH Server Setup
• Network Data Capture with Wireshark
• Traffic Capturing with Wireshark & Tcpdump
• Web Service Installation & Apache Server Configuration
• MySQL and PHP Tools Installation & Configuration
• Basic Firewall Management (e.g., ufw)

Security Assessment & Penetration Testing:

• Vulnerability Scanning & Management using NESSUS
• Google Hacking
• Dig Command for DNS Query
• Whois Command for Domain Details
• Nmap for Network Probing
• Exploit Delivery with Metasploit Framework
• Web Penetration Testing with Metasploit (DVWA)
• Cross-Site Scripting (XSS) & Command Injection (DVWA)
• Access Control Management in Linux
• USB Drive Usage Control
• Iptables Firewall Configuration

Access Controls & System Management:

• Managing Users & Groups in Linux
• Managing Ownership & Permissions in Linux
• Limiting SSH Login & User Abilities in Linux
• Exploring & Managing Certificates in Windows
• SSL Certificate Creation & Configuration
• Apache Web Server Configuration & Hardening
• Log Analysis & Review (Ubuntu & Windows)
• Collecting Digital Evidence
• Data Copying & Write-Protection Management

Other:

• Shell Scripting
• SOC 2 Report Review