IreneMakonnen/Irene_Portfolio
GitHub: IreneMakonnen/Irene_Portfolio
一份涵盖网络安全、云安全、渗透测试等多个领域的综合安全作品集,展示了从基础到实战的安全技能成长路径。
Stars: 0 | Forks: 0
# Irene_Cybersecurity_Portfolio
欢迎!我是 Irene Makonnen,一名专注于道德黑客、移动/网络/Web 安全以及网络防御的网络安全专业人士。本作品集展示了我的实战项目、安全研究和技术技能。
## 核心技能
- 网络安全自动化
- 漏洞评估
- 移动应用安全
- 网络安全
- Web 应用安全
- 渗透测试
- 风险评估与合规
- 事件响应与威胁情报
- 网络安全报告
## 项目中心
### Google Cybersecurity Professional 证书
我成功完成了包含 8 门课程的 Google 网络安全证书项目,并在其中掌握了关键工具和技术的实操经验。
在学习期间,我掌握了 `Python`、`Linux`、`SQL`、`安全信息与事件管理 (SIEM) 工具`、`入侵检测系统 (IDS)` 等技术技能,以及 `沟通`、`协作`、`分析` 和 `解决问题` 等关键软技能。
以下是我在模拟网络安全场景中完成的项目概览,详细介绍了所获得的技能、应用的方法论以及使用的技术。
2.2 [分析网络攻击](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.2%20Analyzing%20network%20attacks.md)
2.3 [应用操作系统加固技术](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.3%20Application%20of%20OS%20hardening%20techniques.md)
2.4 [分析网络加固](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.4%20Analysis%20of%20network%20hardening.md)
2.5 [使用 NIST CSF 响应安全事件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.5%20Using%20NIST%20CSF%20to%20respond%20to%20security%20incident.md) | | 3. Linux 和 SQL | `命令行界面 (CLI)`、`SQL`、`Linux`、`Bash` | 3.1 [使用 Linux 命令管理文件权限](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/3.1%20Using%20Linux%20commands%20to%20manage%20file%20permissions.md)
3.2 [对 SQL 查询应用过滤器](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/3.2%20Applying%20filters%20to%20SQL%20queries.md) | | 4. 资产、威胁和漏洞 | `身份验证`、`漏洞评估`、`密码学`、`资产分类`、`威胁分析` | 4.1 [对连接到家庭网络的资产进行分类](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.1%20Classifying%20the%20assets%20connected%20to%20a%20home%20network.md)
4.2 [根据可能性和严重程度对风险进行评分](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.2%20Scoring%20risks%20based%20on%20their%20likelihood%20and%20severity.md)
4.3 [确定适当的数据处理实践](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.3%20Determining%20appropriate%20data%20handling%20practices.md)
4.4 [改进小型企业的身份验证、授权和记账](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.4%20Improving%20authentication%2C%20authorization%2C%20and%20accounting%20for%20a%20small%20business.md)
4.5 [分析小型企业的脆弱系统](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.5%20Analyzing%20a%20vulnerable%20system%20for%20a%20small%20business.md)
4.6 [识别 USB 驱动器的攻击向量](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.6%20Identifying%20the%20attack%20vectors%20of%20a%20USB%20drive.md)
4.7 [应用 PASTA 威胁模型框架](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.7%20Applying%20the%20PASTA%20threat%20model%20framework.md) | | 5. 检测与响应 | `SIEM 工具`、`数据包分析器`、`IDS` | 5.1 [使用事件处理程序日志记录事件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.1%20Documenting%20an%20incident%20with%20an%20incident%20handler's%20journal.md)
5.2 [使用 Wireshark 分析数据包](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.2%20Analyzing%20a%20packet%20with%20Wireshark.md)
5.3 [使用 tcpdump 捕获数据包](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.3%20Capturing%20a%20packet%20with%20tcpdump.md)
5.4 [使用 Suricata 检查警报、日志和规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.4%20Examining%20alerts%2C%20logs%2C%20and%20rules%20with%20Suricata.md)
5.5 [使用 Splunk 执行查询](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/5.5%20Performing%20a%20query%20with%20Splunk.md)
5.6 [使用 Chronicle 执行查询](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/5.6%20Performing%20a%20query%20with%20Chronicle.md) | | 6. 使用 Python 自动化网络安全任务 | `计算机编程`、`Python 编程`、`编码`、`PEP 8 风格指南` | 6.1 [通过 Python 算法更新文件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/6.1%20Updating%20a%20file%20through%20a%20Python%20algorithm.md) |
### Google Cloud Cybersecurity Professional 证书
我成功完成了包含 5 门课程的 Google Cloud 网络安全证书项目,并在其中掌握了关键工具和技术的实操经验。
使用的平台和工具:`Security Command Center (SCC)`、`Cloud Firewall` 和 `Logging`。
以下是我在模拟网络安全场景中完成的项目概览,详细介绍了所获得的技能、应用的方法论以及使用的技术。
1.2 [使用 Cloud Shell 创建 VPC](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/1.2%20Creating%20a%20VPC%20using%20Cloud%20Shell.md) | | 2. 云安全风险管理策略 | `风险管理框架`、`基础设施即代码`、`信息隐私`、`ISO/IEC 27001`、`NIST 800-53` | 2.1 [审查合规报告](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.1%20Reviewing%20a%20compliance%20report.md)
2.2 [审查和更新风险管理策略](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.2%20Reviewing%20and%20updating%20a%20risk%20management%20policy.md)
2.3 [使用 SCC 报告修复发现的问题](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.3%20Using%20SCC%20reports%20to%20remediate%20findings.md) | | 3. 云安全风险:识别并防御威胁 | `授权 (计算)`、`IAM`、`漏洞评估`、`数据安全与治理`、`云原生计算`、`基础设施即代码`、`身份验证`、`容器化`、`基础设施安全`、`RBAC` | 3.1 [在 Google Cloud IAM 中创建角色](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.1%20Creating%20a%20role%20in%20Google%20Cloud%20IAM.md)
3.2 [访问防火墙并创建规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.2%20Accessing%20a%20firewall%20and%20creating%20a%20rule.md)
3.3 [识别漏洞和补救技术](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.3%20Identifying%20vulnerabilities%20and%20remediation%20techniques.md)
3.4 [使用 Terraform 和 Cloud Shell 更改防火墙规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.4%20Changing%20firewall%20rules%20using%20Terraform%20and%20Cloud%20Shell.md)
3.5 [分析容器的安全性](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.5%20Analyzing%20the%20security%20of%20a%20container.md)
3.6 [创建对称和非对称密钥](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.6%20Creating%20symmetric%20and%20asymmetric%20keys.md) | | 4. 检测、响应和从云网络攻击中恢复 | `入侵检测与防御`、`事件管理`、`灾难恢复`、`威胁检测与管理`、`网络威胁狩猎`、`SIEM`、`安全控制`、`计算机安全事件管理`、`系统与事件监控`、`记录保存`、`IT 自动化` | 4.1 [确定正常活动与事件之间的区别](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.1%20Determining%20the%20difference%20between%20normal%20activity%20and%20an%20incident.md)
4.2 [通过事件检测探索误报](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.2%20Exploring%20false%20positives%20through%20incident%20detection.md)
4.3 [使用 BigQuery 分析审计日志](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.3%20Analyzing%20audit%20logs%20using%20BigQuery.md)
4.4 [记录事件时间线](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.4%20Documenting%20a%20timeline%20of%20events.md)
4.5 [使用 Google Backup and DR Service 恢复 VM](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.5%20Recovering%20VMs%20with%20Google%20Backup%20and%20DR%20Service.md) | | 5. 总结:为云安全分析师工作做准备 | `AI`、`生成式 AI`、`Google Cloud Platform` | 5.1 [Capstone 项目:响应数据泄露并从中恢复](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/5.1%20Capstone%20Project.md)
5.2 [Capstone 项目的事件报告](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/5.2%20Incident%20report%20for%20Capstone%20Project.md) |
### AfricaHackon Academy
我成功完成了为期 7 个月的 AfricaHackOn Academy 强化课程,该课程让我接触到了实战训练和真实世界的模拟环境。
[文件权限检查器]()
[简单日志监控器]()
[IP 地址验证器]()
[安全报告]()
[安全问答游戏]()
[编程 + MySQL](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Coding%20+%20MySQL.md) | `Python`、`Bash`、`SQL` | | 网络安全 | [网络服务]()
[网络发现与分析]()
[数据包捕获分析]()
[Snort]()
[无线网络审计与渗透测试]() | `Apache`、`Wireshark`、`Snort` | | 侦察与 OSINT | [域名与子域名探测]() | `OSINT` | | Windows 安全 | [Windows 漏洞利用]() | `Metasploit`、`ngrok` | | Web 与 API 安全 | [crAPI]() | `Burp Suite`、`Postman`、`OWASP10` | | 移动应用安全 | [Beetlebug CTF](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Beetlebug%20CTF.md)
[Damn Vulnerable Bank]()
[易受攻击银行](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Vulnerable%20Bank.md) | `MobSF`、`Jadx`、`Burp Suite`、`ADB` | | 渗透测试 | [易受攻击银行]() | `OWASP10` | | 云安全 | [flAWS 挑战]() | `AWS CLI`、`Cloud Security` | | 威胁狩猎与事件响应 | [Velociraptor]() | `Velociraptor`、`MITRE` | | 恶意软件分析 | [TryHackMe Empire Room](https://tryhackme.com/room/rppsempire) | `Metasploit`、`Empire` |
### 其他个人项目
这是我在各种项目中磨练技能并学习新技能的机会。
下面提供了链接以供更详细地查看。
涵盖的项目
| 课程主题 | 获得的技能 | 项目 | | :--- | :---: | :---| | 1. 管理安全风险 | `INFOSEC`、`NIST RMF`、`NIST CSF`、`安全审计`、`事件响应剧本` | 1.1 [进行安全审计](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/1.1%20Conducting%20a%20Security%20Audit.md) | | 2. 网络与网络安全 | `安全加固`、`网络安全`、`TCP/IP`、`网络架构`、`云网络` | 2.1 [分析网络层通信](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.1%20Analyzing%20network%20layer%20communication.md)2.2 [分析网络攻击](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.2%20Analyzing%20network%20attacks.md)
2.3 [应用操作系统加固技术](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.3%20Application%20of%20OS%20hardening%20techniques.md)
2.4 [分析网络加固](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.4%20Analysis%20of%20network%20hardening.md)
2.5 [使用 NIST CSF 响应安全事件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/2.5%20Using%20NIST%20CSF%20to%20respond%20to%20security%20incident.md) | | 3. Linux 和 SQL | `命令行界面 (CLI)`、`SQL`、`Linux`、`Bash` | 3.1 [使用 Linux 命令管理文件权限](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/3.1%20Using%20Linux%20commands%20to%20manage%20file%20permissions.md)
3.2 [对 SQL 查询应用过滤器](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/3.2%20Applying%20filters%20to%20SQL%20queries.md) | | 4. 资产、威胁和漏洞 | `身份验证`、`漏洞评估`、`密码学`、`资产分类`、`威胁分析` | 4.1 [对连接到家庭网络的资产进行分类](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.1%20Classifying%20the%20assets%20connected%20to%20a%20home%20network.md)
4.2 [根据可能性和严重程度对风险进行评分](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.2%20Scoring%20risks%20based%20on%20their%20likelihood%20and%20severity.md)
4.3 [确定适当的数据处理实践](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.3%20Determining%20appropriate%20data%20handling%20practices.md)
4.4 [改进小型企业的身份验证、授权和记账](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.4%20Improving%20authentication%2C%20authorization%2C%20and%20accounting%20for%20a%20small%20business.md)
4.5 [分析小型企业的脆弱系统](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.5%20Analyzing%20a%20vulnerable%20system%20for%20a%20small%20business.md)
4.6 [识别 USB 驱动器的攻击向量](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.6%20Identifying%20the%20attack%20vectors%20of%20a%20USB%20drive.md)
4.7 [应用 PASTA 威胁模型框架](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/4.7%20Applying%20the%20PASTA%20threat%20model%20framework.md) | | 5. 检测与响应 | `SIEM 工具`、`数据包分析器`、`IDS` | 5.1 [使用事件处理程序日志记录事件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.1%20Documenting%20an%20incident%20with%20an%20incident%20handler's%20journal.md)
5.2 [使用 Wireshark 分析数据包](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.2%20Analyzing%20a%20packet%20with%20Wireshark.md)
5.3 [使用 tcpdump 捕获数据包](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.3%20Capturing%20a%20packet%20with%20tcpdump.md)
5.4 [使用 Suricata 检查警报、日志和规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/8684b73bb5eb2d6c2c96d6c1cb89e99f78b60777/Google%20Cybersecurity%20Professional%20Certificate/5.4%20Examining%20alerts%2C%20logs%2C%20and%20rules%20with%20Suricata.md)
5.5 [使用 Splunk 执行查询](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/5.5%20Performing%20a%20query%20with%20Splunk.md)
5.6 [使用 Chronicle 执行查询](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/5.6%20Performing%20a%20query%20with%20Chronicle.md) | | 6. 使用 Python 自动化网络安全任务 | `计算机编程`、`Python 编程`、`编码`、`PEP 8 风格指南` | 6.1 [通过 Python 算法更新文件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/f6acfe57f8899186131712ce0ee5c785aa8413f8/Google%20Cybersecurity%20Professional%20Certificate/6.1%20Updating%20a%20file%20through%20a%20Python%20algorithm.md) |
涵盖的项目
| 课程主题 | 获得的技能 | 项目 | | :--- | :---: | :---| | 1. 云计算安全原则简介 | `DevSecOps`、`计算机网络`、`IT 自动化`、`云技术`、`IAM`、`基础设施安全`、`云计算架构`、`数字化转型` | 1.1 [Terraform 配置文件](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/1.1%20Terraform%20configuration%20file.md)1.2 [使用 Cloud Shell 创建 VPC](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/1.2%20Creating%20a%20VPC%20using%20Cloud%20Shell.md) | | 2. 云安全风险管理策略 | `风险管理框架`、`基础设施即代码`、`信息隐私`、`ISO/IEC 27001`、`NIST 800-53` | 2.1 [审查合规报告](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.1%20Reviewing%20a%20compliance%20report.md)
2.2 [审查和更新风险管理策略](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.2%20Reviewing%20and%20updating%20a%20risk%20management%20policy.md)
2.3 [使用 SCC 报告修复发现的问题](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/2.3%20Using%20SCC%20reports%20to%20remediate%20findings.md) | | 3. 云安全风险:识别并防御威胁 | `授权 (计算)`、`IAM`、`漏洞评估`、`数据安全与治理`、`云原生计算`、`基础设施即代码`、`身份验证`、`容器化`、`基础设施安全`、`RBAC` | 3.1 [在 Google Cloud IAM 中创建角色](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.1%20Creating%20a%20role%20in%20Google%20Cloud%20IAM.md)
3.2 [访问防火墙并创建规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.2%20Accessing%20a%20firewall%20and%20creating%20a%20rule.md)
3.3 [识别漏洞和补救技术](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.3%20Identifying%20vulnerabilities%20and%20remediation%20techniques.md)
3.4 [使用 Terraform 和 Cloud Shell 更改防火墙规则](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.4%20Changing%20firewall%20rules%20using%20Terraform%20and%20Cloud%20Shell.md)
3.5 [分析容器的安全性](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.5%20Analyzing%20the%20security%20of%20a%20container.md)
3.6 [创建对称和非对称密钥](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/3.6%20Creating%20symmetric%20and%20asymmetric%20keys.md) | | 4. 检测、响应和从云网络攻击中恢复 | `入侵检测与防御`、`事件管理`、`灾难恢复`、`威胁检测与管理`、`网络威胁狩猎`、`SIEM`、`安全控制`、`计算机安全事件管理`、`系统与事件监控`、`记录保存`、`IT 自动化` | 4.1 [确定正常活动与事件之间的区别](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.1%20Determining%20the%20difference%20between%20normal%20activity%20and%20an%20incident.md)
4.2 [通过事件检测探索误报](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.2%20Exploring%20false%20positives%20through%20incident%20detection.md)
4.3 [使用 BigQuery 分析审计日志](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.3%20Analyzing%20audit%20logs%20using%20BigQuery.md)
4.4 [记录事件时间线](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.4%20Documenting%20a%20timeline%20of%20events.md)
4.5 [使用 Google Backup and DR Service 恢复 VM](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/4.5%20Recovering%20VMs%20with%20Google%20Backup%20and%20DR%20Service.md) | | 5. 总结:为云安全分析师工作做准备 | `AI`、`生成式 AI`、`Google Cloud Platform` | 5.1 [Capstone 项目:响应数据泄露并从中恢复](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/5.1%20Capstone%20Project.md)
5.2 [Capstone 项目的事件报告](https://github.com/IreneMakonnen/Irene_Portfolio/blob/10c0d4f121729df7dd09676ac6ee6877e466db30/Google%20Cloud%20Cybersecurity%20Professional%20Certificate/5.2%20Incident%20report%20for%20Capstone%20Project.md) |
涵盖的项目
| 标题 | 项目 | 技能与工具 | | :---: | :--- | :---| | Linux 自动化 | [密码检查器]()[文件权限检查器]()
[简单日志监控器]()
[IP 地址验证器]()
[安全报告]()
[安全问答游戏]()
[编程 + MySQL](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Coding%20+%20MySQL.md) | `Python`、`Bash`、`SQL` | | 网络安全 | [网络服务]()
[网络发现与分析]()
[数据包捕获分析]()
[Snort]()
[无线网络审计与渗透测试]() | `Apache`、`Wireshark`、`Snort` | | 侦察与 OSINT | [域名与子域名探测]() | `OSINT` | | Windows 安全 | [Windows 漏洞利用]() | `Metasploit`、`ngrok` | | Web 与 API 安全 | [crAPI]() | `Burp Suite`、`Postman`、`OWASP10` | | 移动应用安全 | [Beetlebug CTF](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Beetlebug%20CTF.md)
[Damn Vulnerable Bank]()
[易受攻击银行](https://github.com/IreneMakonnen/Irene_Portfolio/blob/main/AfricaHackOn%20Academy/Vulnerable%20Bank.md) | `MobSF`、`Jadx`、`Burp Suite`、`ADB` | | 渗透测试 | [易受攻击银行]() | `OWASP10` | | 云安全 | [flAWS 挑战]() | `AWS CLI`、`Cloud Security` | | 威胁狩猎与事件响应 | [Velociraptor]() | `Velociraptor`、`MITRE` | | 恶意软件分析 | [TryHackMe Empire Room](https://tryhackme.com/room/rppsempire) | `Metasploit`、`Empire` |
涵盖的项目
| 项目 | 描述 | 技能 | | :--- | :---: | :---| | [实现 Caesar Cipher](https://github.com/IreneMakonnen/PRODIGY_CS_01) | 一个可以使用 Caesar Cipher 算法加密和解密文本的 Python 程序 | `Python`、`Cryptography` |标签:AES-256, GitHub Advanced Security, GitHub作品集, IP 地址批量处理, meg, Metaprompt, NIST CSF, NIST RMF, PE 加载器, Python, SQL, TCP/IP, Web安全, Web报告查看器, 事件响应, 人工智能安全, 信息安全, 入侵检测系统, 合规性, 多线程, 威胁情报, 安全加固, 安全数据湖, 安全项目集, 密码管理, 应用安全, 开发者工具, 技能展示, 插件系统, 无后门, 服务器监控, 漏洞利用检测, 漏洞评估, 目录枚举, 移动安全, 系统审计, 网络安全作品集, 网络安全审计, 网络架构, 蓝队分析, 谷歌网络安全证书, 逆向工具, 配置错误, 防御绕过