
Cyber Sec

The document outlines key cybersecurity principles and concepts, emphasizing the importance of confidentiality, integrity, and availability in protecting digital assets. It details various types of firewalls, their functions, and the significance of maintaining robust security measures, including regular updates and user training. Additionally, it covers the system implementation process and the critical role of backups and password security in cybersecurity practices.

Uploaded by

phanuel789

Cybersecurity principles form the bedrock of keeping digital assets safe from threats.

Here are some key ones:

1. Confidentiality: Ensuring that information is accessible only to those authorized to have access.
2. Integrity: Safeguarding the accuracy and completeness of information and processing methods.
3. Availability: Ensuring that authorized users have access to information and associated assets when
required.
4. Authentication: Verifying the identity of a user, device, or other entity in a computer system, often
as a prerequisite to allowing access to resources in that system.
5. Non-repudiation: Ensuring that the authenticity of a signature or an assertion can be verified by
both parties in a transaction.
6. Access Control: Limiting access to information resources only to those who are authorized.

Cybersecurity concepts:

1. Threats: Anything that can exploit a vulnerability to breach security and cause harm to an asset.
2. Vulnerabilities: Weaknesses or gaps in security that can be exploited by threats to gain unauthorized
access to an asset.
3. Risk: The potential for loss or damage when a threat exploits a vulnerability.
4. Encryption: The process of converting information or data into a code to prevent unauthorized
access.
5. Firewalls: Systems designed to prevent unauthorized access to or from a private network.
6. Intrusion Detection Systems (IDS): Devices or software applications that monitor network or
system activities for malicious activities or policy violations.
7. Malware: Malicious software designed to disrupt, damage, or gain unauthorized access to computer
systems.
8. Phishing: A method of trying to gather personal information using deceptive e-mails and websites.

Firewall

What is a Firewall?

A firewall is a network security device or software that monitors and controls incoming and outgoing
network traffic based on predetermined security rules. Its primary purpose is to establish a barrier between a
trusted internal network and untrusted external networks, such as the Internet.

Types of Firewalls

1. Packet-Filtering Firewalls:
o Inspect packets and allow or block them based on source and destination IP addresses, ports,
or protocols.
o Operate at the network layer.
o Example: Stateless firewalls.
2. Stateful Inspection Firewalls:
o Monitor the state of active connections and make decisions based on the context of the traffic.
o Keep track of the state of network connections (e.g., TCP streams).
o Example: Dynamic packet-filtering firewalls.
3. Proxy Firewalls:
o Act as an intermediary between users and the Internet.
o Inspect application layer traffic and can block malicious content.
o Example: Application layer firewalls.
4. Next-Generation Firewalls (NGFW):
o Provide advanced features such as deep packet inspection, intrusion prevention, and
application awareness.
o Combine traditional firewall capabilities with additional security functions.
o Example: Palo Alto Networks, Fortinet.
5. Unified Threat Management (UTM) Firewalls:
o Integrate multiple security functions, including firewall, antivirus, and intrusion
detection/prevention, into a single device.
o Ideal for small to medium-sized businesses.

By Functionality

1. Packet-Filtering Firewalls:
o Inspect packets and allow or block them based on predefined rules related to IP addresses,
ports, and protocols.
o Operate at the network layer.
2. Stateful Inspection Firewalls:
o Monitor the state of active connections and make decisions based on the context of traffic.
o Operate at the transport layer and provide more security than packet-filtering firewalls.
3. Proxy Firewalls:
o Act as an intermediary between users and the Internet, inspecting and filtering traffic at the
application layer.
o Can block malicious content and provide more detailed monitoring.
4. Next-Generation Firewalls (NGFW):
o Incorporate traditional firewall functionality with advanced features such as deep packet
inspection, intrusion prevention, and application awareness.
o Provide comprehensive security by identifying and controlling applications and preventing
modern threats.
5. Unified Threat Management (UTM) Firewalls:
o Integrate multiple security features, including firewall, antivirus, intrusion
detection/prevention, and more, into a single device.
o Ideal for small to medium-sized businesses that need a comprehensive security solution.
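
The difference between packet-filtering and stateful inspection firewalls described above, as an added Python example (not part of the original document). The addresses, ports and the `10.0.0.` internal prefix are constructed sample values, and both filters are simplified models rather than any product's behaviour.

```python
from collections import namedtuple

# flags holds TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK.
Packet = namedtuple("Packet", "src sport dst dport flags")

INSIDE = "10.0.0."  # constructed internal prefix (assumption of this example)


def is_internal(ip):
    return ip.startswith(INSIDE)


def stateless_filter(pkt):
    """Packet filtering: every packet is judged alone, on addresses and ports."""
    # Outbound web traffic from the internal network.
    if is_internal(pkt.src) and pkt.dport in (80, 443):
        return True
    # Replies: with no memory of connections, the rule can only say
    # "from port 80/443 to an internal high port".
    if is_internal(pkt.dst) and pkt.sport in (80, 443) and pkt.dport >= 1024:
        return True
    return False


class StatefulFirewall:
    """Stateful inspection: inbound packets must belong to a tracked connection."""

    def __init__(self):
        # (client ip, client port, server ip, server port)
        # Simplification: entries never expire (no FIN/RST or timeout handling).
        self.connections = set()

    def filter(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if is_internal(pkt.src) and pkt.dport in (80, 443):
            if pkt.flags == "S":  # first packet of a new outbound connection
                self.connections.add(key)
                return True
            return key in self.connections
        if is_internal(pkt.dst):
            # Accept only the reverse direction of a connection seen opening.
            return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections
        return False


def compare():
    syn = Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S")
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA")
    # Unsolicited inbound packet that matches no connection opened from inside.
    stray = Packet("198.51.100.7", 443, "10.0.0.9", 3389, "A")
    fw = StatefulFirewall()
    return {
        "stateless": [stateless_filter(p) for p in (syn, reply, stray)],
        "stateful": [fw.filter(p) for p in (syn, reply, stray)],
    }


if __name__ == "__main__":
    print(compare())
```

The stateless filter passes the unsolicited packet because its ports satisfy the reply rule; the stateful firewall drops it because no internal host opened that connection.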

By Architecture

1. Hardware Firewalls:
o Standalone devices dedicated to firewall functions.
o Suitable for protecting large networks and providing high performance.
2. Software Firewalls:
o Installed on individual devices such as computers or servers.
o Suitable for personal use or protecting individual machines within a network.
3. Virtual Firewalls:
o Deployed in virtual environments to protect virtual machines and cloud infrastructure.
o Provide the same functionality as hardware or software firewalls but in a virtualized form.

By Deployment

1. Network Firewalls:
o Placed at the boundary between an internal network and an external network.
o Protect the entire network by monitoring and controlling incoming and outgoing traffic.
2. Host-Based Firewalls:
o Installed on individual devices to protect them from attacks.
o Monitor and control traffic to and from the specific device.
3. Cloud Firewalls:
o Hosted in the cloud and provide security for cloud-based applications and services.
o Protect cloud infrastructure from various threats and can be managed remotely.

Key Functions of Firewalls

• Traffic Filtering: Allowing or blocking traffic based on rules.
• Stateful Inspection: Monitoring active connections and making decisions based on the state of
traffic.
• Intrusion Prevention: Detecting and blocking potential threats.
• VPN Support: Facilitating secure remote access through Virtual Private Networks.
• Logging and Monitoring: Recording and analyzing network activity for security incidents.

Importance of Firewalls

• Protect Against Cyber Threats: Firewalls help block malicious traffic and prevent unauthorized
access to your network.
• Enforce Security Policies: By defining and enforcing security rules, firewalls help maintain the
integrity and security of your network.
• Detect and Respond to Threats: Advanced firewalls can identify and respond to suspicious
activities in real-time.
• Enhance Network Performance: By filtering unwanted traffic, firewalls can improve overall
network performance.

Steps to Secure Your Firewall

1. Update Firmware Regularly: Ensure your firewall's firmware is up-to-date to protect against
known vulnerabilities and to benefit from the latest security features.
2. Change Default Settings: Default passwords and settings are well-known and can be easily
exploited. Change them immediately after installation.
3. Strong Authentication: Use strong, complex passwords and multi-factor authentication (MFA) for
accessing your firewall settings.
4. Disable Unused Services: Turn off any services or features that you do not use to minimize potential
attack surfaces.
5. Implement Access Controls: Limit who can access and modify firewall settings. Use role-based
access control (RBAC) to ensure only authorized personnel can make changes.
6. Educate Users: Train your staff on best security practices and the importance of firewall security. Encourage
them to report any suspicious activities.

Common Firewall Zones

1. Internal Zone:
o This zone includes trusted internal network resources, such as user workstations, internal
servers, and other network devices.
o Traffic within this zone is typically trusted, but security policies can still be applied to
monitor and control activity.
2. External Zone:
o This zone represents untrusted external networks, such as the Internet.
o Traffic from this zone is considered the highest risk and should be carefully monitored and
filtered.
3. DMZ (Demilitarized Zone):
o A special zone that acts as a buffer between the internal network and the external network.
o Typically hosts public-facing services such as web servers, mail servers, and DNS servers.
o Provides an additional layer of security by isolating these services from the internal network.
4. Perimeter Zone:
o An outermost layer of the network that serves as the first line of defense against external
threats.
o Often used to house security devices such as firewalls and intrusion detection/prevention
systems (IDS/IPS).
5. Guest Zone:
o A separate zone for guest users, typically providing limited access to the Internet and
minimal access to internal resources.
o Ensures that guest devices do not pose a risk to the internal network.
6. Management Zone:
o A dedicated zone for managing network devices and security appliances.
o Access to this zone should be restricted to authorized personnel only.
7. Wi-Fi Zone:
o A zone specifically for wireless network traffic.
o Can be further divided into secure and guest Wi-Fi zones, with different security policies
applied to each.

Firewall Protocols

Firewalls utilize various protocols to manage and control network traffic. Here are some commonly used
protocols in firewalls:

Common Firewall Protocols

1. HTTP/HTTPS (Hypertext Transfer Protocol / Hypertext Transfer Protocol Secure):
o Used for web traffic. HTTPS is the secure version of HTTP, providing encryption for data in
transit.
o Port: 80 (HTTP), 443 (HTTPS).
2. FTP (File Transfer Protocol):
o Used for transferring files between systems on a network.
o Port: 21.
3. SSH (Secure Shell):
o Provides a secure channel for remote command-line login and execution.
o Port: 22.
4. Telnet:
o A protocol for accessing remote computers, less secure than SSH.
o Port: 23.
5. SMTP (Simple Mail Transfer Protocol):
o Used for sending emails.
o Port: 25 (unencrypted), 587 (encrypted).
6. DNS (Domain Name System):
o Translates domain names into IP addresses.
o Port: 53.
7. DHCP (Dynamic Host Configuration Protocol):
o Automatically assigns IP addresses to devices on a network.
o Ports: 67 (server), 68 (client).
8. TFTP (Trivial File Transfer Protocol):
o A simplified version of FTP, often used for booting devices from a network.
o Port: 69.
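
The firewall zones and the protocol ports listed above can be combined into a default-deny zone policy and an audit of it. The following Python sketch is an added example, not part of the original document; the rule set is constructed, and the choice of which protocols count as unencrypted is an assumption of the example.

```python
# Port-to-protocol table taken from the protocol list on this page.
PORTS = {80: "HTTP", 443: "HTTPS", 21: "FTP", 22: "SSH", 23: "Telnet",
         25: "SMTP", 587: "SMTP", 53: "DNS", 67: "DHCP", 68: "DHCP", 69: "TFTP"}

# Protocols from that list with no encryption of their own (assumption of this
# example; SMTP is left out because inbound mail relays depend on port 25).
UNENCRYPTED = {"HTTP", "FTP", "Telnet", "TFTP"}
UNTRUSTED = {"external", "guest"}       # zones the page treats as risky
PROTECTED = {"internal", "management"}  # zones that must not be reached directly

# Constructed sample rule set: (source zone, destination zone, port).
RULES = [
    ("external", "dmz", 443),        # public web server in the DMZ
    ("external", "dmz", 25),         # inbound mail to the DMZ relay
    ("internal", "external", 443),   # staff web browsing
    ("guest", "external", 443),      # guests reach the Internet only
    ("management", "dmz", 22),       # admins manage DMZ hosts over SSH
    ("external", "internal", 23),    # misconfiguration: Telnet straight in
    ("guest", "management", 22),     # misconfiguration: guests reach admin plane
]


def is_allowed(src, dst, port, rules=RULES):
    """Default deny: a flow passes only if a rule names it exactly."""
    return (src, dst, port) in rules


def audit(rules=RULES):
    """Return (src, dst, port, reason) for every rule that weakens zoning."""
    findings = []
    for src, dst, port in rules:
        proto = PORTS.get(port, "unknown")
        if src in UNTRUSTED and dst in PROTECTED:
            findings.append((src, dst, port,
                             f"{src} zone reaches {dst} zone directly"))
        if proto in UNENCRYPTED and "external" in (src, dst):
            findings.append((src, dst, port,
                             f"unencrypted {proto} crosses the external boundary"))
    return findings


if __name__ == "__main__":
    for finding in audit():
        print(finding)
```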

Importance of Protocol Testing

1. Ensuring Compatibility:
o Protocol testing verifies that different devices and software applications can communicate
effectively within a network.
o It ensures that various network components adhere to protocol standards, enabling seamless
interoperability.
2. Identifying Vulnerabilities:
o Testing protocols helps uncover potential security vulnerabilities and weaknesses that could
be exploited by attackers.
o It ensures that protocols are robust and can withstand malicious activities.
3. Enhancing Performance:
o Protocol testing evaluates the performance of protocols under various conditions, such as
high traffic loads and network congestion.
o It helps identify and resolve performance bottlenecks, ensuring efficient data transmission.
4. Compliance with Standards:
o Protocol testing ensures that network components comply with industry standards and
regulations.
o Compliance with standards such as ISO, IEEE, and others is essential for achieving
certification and maintaining credibility.
5. Ensuring Reliability:
o Testing protocols ensures the reliability and stability of network communications.
o It helps prevent communication failures and data loss, maintaining the integrity of network
operations.
6. Validating New Protocols:
o When new protocols are developed, rigorous testing is essential to validate their functionality
and security.
o It helps ensure that new protocols can be safely deployed in real-world environments.

SYSTEM IMPLEMENTATION

System implementation is a crucial phase in developing and deploying any new IT system. Here are the key
steps typically involved in this process:

1. Planning: This involves defining the scope, objectives, and deliverables of the system
implementation. It includes creating a detailed project plan, allocating resources, and setting a
timeline.
2. Requirements Analysis: Understanding and documenting the specific needs and requirements of the
system. This may involve consultations with stakeholders, end-users, and IT professionals.
3. System Design: Creating a blueprint for the system, including architecture, interfaces, data models,
and processes. It should address both functional and non-functional requirements.
4. Development: The actual coding and building of the system. This step involves writing and testing
code, integrating different components, and ensuring that the system meets the specified
requirements.
5. Testing: Thoroughly testing the system to identify and fix any bugs or issues. This can include unit
testing, integration testing, system testing, and user acceptance testing (UAT).
6. Deployment: Installing and configuring the system in the production environment. This may involve
data migration, setting up user accounts, and configuring network settings.
7. Training: Providing training to end-users and administrators on how to use and manage the system
effectively. This ensures that everyone is comfortable with the new system.
8. Support and Maintenance: After deployment, ongoing support and maintenance are necessary to
ensure the system continues to operate smoothly. This may include regular updates, bug fixes, and
addressing any user issues.
9. Evaluation and Review: Assessing the system's performance and effectiveness. Gathering feedback
from users and stakeholders to identify areas for improvement.

Cybersecurity Installation Process

1. Assessment and Planning
o This is the initial phase where security needs and risks are analyzed.
2. System Design
o Based on the assessment, a security architecture is designed.
3. Installation
o The chosen cybersecurity tools and technologies are installed.
o This includes setting up firewalls, antivirus software, intrusion detection systems (IDS),
encryption tools, and other security mechanisms.
4. Configuration and Customization
o Security solutions are fine-tuned to meet the specific needs of the organization.
5. Testing and Validation
o The installed security systems are tested for effectiveness.
6. Deployment
o The security systems are officially rolled out into the organization’s IT environment.
7. Training and Awareness
o Employees and users are trained on cybersecurity best practices.
8. Ongoing Maintenance and Support
o Continuous monitoring and updating of security systems to counter new threats.
o Regular patching, software updates, and security audits are performed.

Importance of Backup During Cybersecurity Installation

1. Data Protection – Ensures that critical data is not lost due to security incidents such as malware
attacks, accidental deletion, or system failures.
2. Ransomware Recovery – In case of a ransomware attack, backups allow data restoration without
paying the ransom, minimizing downtime and financial loss.
3. Disaster Recovery – Acts as a safeguard against cyber threats, hardware failures, or natural
disasters, ensuring quick system restoration.
4. Business Continuity – Reduces downtime by allowing organizations to recover from cyber incidents
without major disruptions to operations.
5. Version Control & Rollback – Provides the ability to revert to previous, secure versions of data or
system configurations if security breaches occur.

Features of a Good Password

1. Sufficient Length – At least 12-16 characters long to increase security.
2. Complexity – Should include a mix of:
3. Unpredictability – Avoid common words, phrases, or predictable patterns like "123456" or
"password".
4. Uniqueness – Each account should have a different password to prevent one breach from
compromising multiple accounts.
5. Not Personally Identifiable – Should not include names, birthdates, or other easily guessable
personal information.
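
A checker for the length, unpredictability, uniqueness and personal-information features listed above, as an added Python example (not part of the original document). The common-password list, the sample passwords and the parameter names are constructed for illustration; a real deployment would use a much larger list of known passwords.

```python
# Tiny constructed sample of common passwords (two are quoted on this page).
COMMON = {"123456", "password", "qwerty", "letmein", "111111"}


def has_sequence(pw, run=4):
    """True if pw holds `run` characters that ascend, descend or repeat."""
    for i in range(len(pw) - run + 1):
        chunk = pw[i:i + run]
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({1}, {-1}, {0}):   # e.g. "abcd", "4321", "aaaa"
            return True
    return False


def check_password(pw, personal=(), other_passwords=(), min_len=12):
    """Return the list of features from the page that `pw` fails.

    personal        -- names, birthdates etc. of the account owner (assumed input)
    other_passwords -- passwords the same user already uses elsewhere, as a
                       password manager on the user's own device would know them
    """
    problems = []
    low = pw.lower()
    if len(pw) < min_len:
        problems.append("too short")
    if any(word in low for word in COMMON) or has_sequence(low):
        problems.append("predictable pattern")
    if pw in other_passwords:
        problems.append("reused")
    # Ignore very short tokens so initials do not cause false positives.
    if any(len(t) >= 3 and t.lower() in low for t in personal):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    samples = ["password123456", "Jane1990!", "violet-Tractor-92-marsh"]
    for s in samples:
        print(s, check_password(s, personal=("Jane", "1990")))
```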

Types of User Training After System Installation

1. End-User Training
o Focuses on general users who interact with the system daily.

2. Administrator Training
o Designed for IT staff and system administrators responsible for managing the system.

3. Security Awareness Training
o Educates users on cyber threats (e.g., phishing, malware, social engineering).

4. Role-Based Training
o Tailored to different job roles to ensure users understand how the system applies to their tasks.

5. Hands-On Practical Training
o Users engage in real-world scenarios to practice using the system.

6. Self-Paced Training
o Users access online tutorials, manuals, or video guides at their own pace.

Objectives of Preparing a Maintenance Schedule

1. Ensure System Reliability – Regular maintenance helps prevent unexpected failures, ensuring
systems function efficiently.
2. Increase System Lifespan – Proper scheduling helps extend the life of hardware and software by
preventing premature wear and tear.
3. Prevent Costly Downtime – Scheduled maintenance reduces unexpected breakdowns, minimizing
operational disruptions and financial losses.
4. Enhance Security – Regular updates, patches, and security checks help protect systems from cyber
threats, malware, and vulnerabilities.
5. Optimize Performance – Maintenance ensures systems run smoothly by clearing outdated files,
fixing bugs, and optimizing configurations.
6. Compliance with Regulations – Helps organizations meet industry standards and legal
requirements for data protection and system integrity.

Importance of Firewall Updates

1. Enhanced Security – Updates patch vulnerabilities, protecting against new threats like malware,
ransomware, and hacking attempts.
2. Improved Threat Detection – Ensures the firewall can identify and block the latest cyber threats,
including zero-day attacks.
3. Bug Fixes – Resolves software glitches or performance issues that could weaken firewall
effectiveness.
4. Better Performance – Updates optimize firewall efficiency, reducing lag and improving network
speed.
5. Compliance with Security Standards – Helps organizations meet regulatory requirements (e.g.,
GDPR, HIPAA) by maintaining up-to-date security measures.
6. Protection Against Evolving Attack Methods – Cybercriminals constantly develop new hacking
techniques; updates help counteract them.

Types of Cybersecurity Documentation

1. Security Policy Documents
o Define an organization’s security rules, guidelines, and best practices.
o Examples:
• Information Security Policy – Covers data protection, access control, and security protocols.
• Acceptable Use Policy (AUP) – Specifies how employees can use company IT resources.
• Password Policy – Outlines password creation, storage, and update requirements.

2. Incident Response Plan (IRP)
o A structured plan for detecting, responding to, and recovering from security incidents.
o Includes:
• Incident classification (e.g., malware, data breach, phishing).
• Response steps for containment and mitigation.
• Communication and reporting procedures.

3. Disaster Recovery Plan (DRP)
o Details how to restore IT systems after a cyberattack, system failure, or natural disaster.
o Includes data backup strategies, recovery timelines, and responsible personnel.

4. Network Security Architecture Documentation
o Diagrams and descriptions of network security layers, firewall configurations, and encryption
protocols.
o Helps IT teams manage and improve cybersecurity infrastructure.

5. Risk Assessment Reports
o Identify vulnerabilities, threats, and potential security risks.
o Provide recommendations to mitigate risks and enhance cybersecurity posture.

6. Security Audit and Compliance Reports
o Document compliance with industry standards (e.g., ISO 27001, GDPR, NIST).
o Help track security improvements and meet regulatory requirements.

7. Standard Operating Procedures (SOPs)
o Step-by-step guides on handling security-related tasks.
o Examples:
• How to set up multi-factor authentication (MFA).
• Procedures for granting/revoking user access.

8. Penetration Testing and Vulnerability Assessment Reports
o Document findings from ethical hacking tests and vulnerability scans.
o Help organizations identify and fix security gaps.