Friday, January 26, 2018

Tips for success: How to draw a simple historical map

We will use the land given by God to Israel for this example.

1) Locate that part of the world. Joshua 1:4 NIV
Your territory will extend from the desert to Lebanon, and from the great river, the Euphrates—all the Hittite country—to the Mediterranean Sea in the west.

We are in the Middle East.

2) Orient your paper. North usually points to the top.

3) Find the edges. Use a search engine to find a map that is bigger (covers more territory) than you need. That is to prevent you from running out of paper. We need the boundaries for North, South, East, West. Here is one map that has Lebanon, the Euphrates, and Mediterranean Sea marked. Now we need to find the Hittites. Check several maps; it is that blob between the Black Sea and the Mediterranean Sea.

4) Use a pencil so you can erase if you are badly out of whack.

5) The Euphrates is a boundary. It goes on the East (right side) of the paper. It travels South East (down and right) and ends in the Persian Gulf, a handy landmark. The river should go from the top of your paper to at least the bottom third. When you draw a river, use this pattern: ... ____ ... ____

6) The Black Sea. We don't know exactly where the Hittite boundary is to the North, but putting in a bit of the Black Sea will give you a handy landmark. It goes on the top left of the paper. When you draw a sea, add some parallel lines in areas you are not using for labels.

7) The Mediterranean and Red Seas. These go on the left side of the paper and are essentially the same down and right angle as the Euphrates. Make sure to leave some room on the left hand side of the paper for Egypt.

8) The desert. We do not know the boundary exactly, but it terminates to the North at the Mediterranean Sea. It runs South in a strip of land to the West, left, of the Red Sea. It runs South to be about even with the South end of the Euphrates, (where it terminates in the Persian Gulf), and from that Southern point, East to the Euphrates.

9) Modern cities. One of the easiest to place is Beirut, because it is in a bend of the Mediterranean Sea. That makes it easy to locate and position Damascus.

Monday, January 8, 2018

Tips for Success: Description for an optional talk

There are two types of presentation opportunities: mandatory and optional. This post is a discussion of the latter.

The two pieces of information that your prospective audience uses to decide whether or not to attend your talk are the title and the description. The title is discussed here: https://securitywa.blogspot.com/2018/01/tips-for-success-selecting-title-for.html

After a reader looks at the title, they decide whether to inquire further; that usually leads to the description of the talk. It may be called the introduction, summary, abstract, or something else, but for it to be useful it must describe what the talk is about. For this reason, we are using the term "talk description".

A talk description is similar to an abstract: it should be short (target 200 words; shorter or longer may make sense). It should cover the four Ws: What, Why, When, Where. The better ones inform, delight and invite.
- We inform by briefly covering the subject matter of the talk, (what).
- We delight by sharing an insight, touching on a shared emotion, giving the potential audience a reason to want to attend our talk, (why).
- We invite by making sure they know they are welcome, and by covering the when and where, as well as any costs or requirements.

It should read/play well in both written and oral forms. Some people consume information better by reading, others by listening; the description should support either. Never assume it will only be published in one form or the other. Many speakers have been surprised by a host "introducing" their talk, which often consists of reading the speaker's bio and talk description. When I was a SANS instructor, we read the "morning announcements" to the class. This included the optional evening talk presenters, title, and description. Most importantly, the world is changing; ten years ago we consumed most of our information by reading; today, more and more people connect to information by speech and sound (just look for the earbuds).

Tips for Success: Selecting a title for an optional talk

There are two types of presentation opportunities: mandatory and optional. This post is a discussion of the latter.

A quick scan of your local community news, a visit to a conference, the monthly meeting of your organization all tend to have something in common, optional talks. A busy reader scans the information making a decision on whether they might be interested in attending.

The headline, the most important piece of information, is the talk title. Consider these five titles taken from upcoming webcasts at SANS January 2018:

Improving Your Defenses - CredentialGuard in Windows 10
What Event Logs? Part 1: Attacker Tricks to Remove Event Logs
Head Hacking
How to Build & Maintain an Open Source SIEM
Are You in Control? Managing the CIS Critical Security Controls within your Enterprise

Assuming you are interested in the general topic of cybersecurity, are there any talks you would reject, without investigating further, just from reading the title? Do any really reach out and grab you?

Different things appeal to different individuals; here are off-the-cuff thoughts of two of them:
Head Hacking
= What's that? Probably social engineering. Do I care enough to click to read more?
How to Build & Maintain an Open Source SIEM
= Boring, but possibly useful. I would probably click to read more.

Now let's look at the two longest examples:
What Event Logs? Part 1: Attacker Tricks to Remove Event Logs
= Consider: Attacker Tricks to Remove Event Logs

Are You in Control? Managing the CIS Critical Security Controls within your Enterprise
= This one is hard. The word "control", used twice, has a different meaning in each use. This causes cognitive dissonance. Most people will probably ignore this talk because of its title.

Tips for titles:
- Keep it short, while explaining what the talk is about.
- Feature the subject matter. If you have chosen a subject people want to hear about, they will be interested.
- Avoid humor unless your presentation is about comedy. You are vying for time from busy people.
- Avoid abbreviations and acronyms unless you are certain your audience regularly uses them.





Thursday, January 4, 2018

Tips for Success: PowerPoint summary presentation of a research paper

Executive Summary: the most common medium to summarize research papers has changed, but the underlying concepts and goals remain the same.

Introduction: before the PC and PowerPoint, when you completed your research paper it was very common to create a poster summarizing your paper. Many young scientists and engineers remember what it is like to be one of twenty posters in a large hall at technical conferences. You would stand next to your poster and recite the elevator pitch summarizing your research and paper to other scientists that walked by with glasses of wine and plates of hors d'oeuvres.

PowerPoint: today, instead of a poster, most researchers use PowerPoint and give a short presentation. The goals have not changed; they are:
- To inspire colleagues to read your paper
- To build name recognition for yourself and your work
- To share your passion for a problem, issue, and/or potential solution

Presentations regardless of medium: the same guidelines apply whether the medium is poster, PowerPoint, or increasingly, short video presentation:
- Match your presentation to your audience's knowledge level. If they are working in the field, do not waste their time with the basics.
- Focus your message: what are the three golden nuggets you want them to "take away"?
- Convey your message visually. Avoid tiny print, very busy slides, charts that do not actually inform, and be aware of red/green colorblindness with both the slides and laser pointer.
- Distance: be aware of the distance between your screen and the audience. This applies to live presentations and presentations viewed over the Internet. In a large room, people sitting in the back row may lose out, but people in the middle of the room should be able to understand.
- Remember some of your audience may be non-native English speakers or of a different culture; be careful with jargon, jokes and idioms.
- Be professional: avoid "cutesy slides" and be consistent with fonts and font sizes.
- Be organized: tell them what you are going to tell them, tell them, then tell them that you told them.

Version 1.1: Added fonts and font sizes; thank you, S. Ramsey

Tips for success: The Research Proposal

There is a “chicken and egg” problem associated with almost all research proposals. Before submitting the proposal, the student is expected to:

1) Come up with an idea of something they would like to research.

2) Conduct first level research, (also known as Google, and perhaps other, searches), looking for information related to the topic. When you fill out the research proposal this is the information that is referred to as:

Review Existing Literature.
- As you learn more, by reviewing literature, it should be possible to refine your topic idea.
- You may also discover that your initial topic has been heavily covered by material that has already been published.
- If the topic has been researched and the results published, then there may be a more focused approach to the general topic area that is not already researched and published.

Please go through this process before filling out and submitting the research proposal. With that in mind here are some tips for the remainder of the research proposal:

Discuss the literature. The template states between 2 - 5 pages. There is a danger in being wordy: your thoughts and intents may be lost. Make your first effort to explain your research topic idea in the context of existing literature in 2 pages. If you need more, that is fine, but in general do not feel like you need 5 pages.

Identify the research question. This is where the faculty research committee that evaluates your proposal will turn first. What is the problem you are trying to solve? If you are having a hard time putting that into a paragraph, that could be a bad sign. The research question should be obvious to you and to others.

Research methods. If you have a topic and question and there is no way to conduct original research to prove or disprove a thesis, this is not a workable proposal. We understand that some of this has to be figured out as we go along; that is what research is all about. However, it is imperative that you have a way to start. Hope is not a strategy; have a plan on how to prove or disprove your thesis.

Significance of the study. We are talking about a lot of work, let’s all agree this is worth doing before we dive in.

Proposed title. This comes last for a reason. At this point you have given this a lot of thought. They tell writers that your title is your contract with your audience. Try to avoid cute titles; you would be amazed at some of the title proposals that are submitted to the committee. Instead, try to summarize the point, the thesis, in a single title. If you absolutely need a subtitle the world will not come to an end, but precise and concise is best.

Tips for Success: Writing a graduate level essay

Executive summary: Essays and other short writing pieces at the graduate level are expected to be concise, insightful and correctly written. Their purpose is to persuade, explain, or inform.

Tips for success:

1) Have a message to share. This seems obvious, but in a world of word processors, grammar checkers, and search engines it is possible to produce a document that looks good, but doesn't actually communicate useful information. The successful writer knows what he is going to say before starting to write. If you are struggling with step one, try this:
A) Walk around the block, talk to yourself in the shower, do whatever works for you to verbalize and focus on your message. State your thesis and the reasons why you think it is true.
B) Use a voice recorder (most cell phones have this ability). Record your thesis and primary supporting arguments. Let it sit for 24 hours.
C) Listen to your recording. If your message still makes sense, build your outline.

2) Support your assertions. Invest the time to do research, (hint, if you type a short phrase into Google and build your paper from the first page of results, that doesn't count as research).
A) Look for "whitespace," (the term used to refer to blank areas on printed documents, can also be used to describe topic areas that have not been exhaustively covered by other authors and researchers). The goal of your research is to cover the topic from a new angle or perspective.
B) Note counterarguments. You may find information that contradicts your assertions. The best writers know there are counterarguments and acknowledge them.

3) Remember the reader. People rarely have to read what you write. Back in the era of printed books, every author knew that if they couldn't get the reader to turn from page 1 to page 2, the book was lost. With online publications, the abstract and introduction have to "sell" the paper; if not, page abandonment is just one click away.
A) Make sure you convey the value of the paper to the reader early in the process.
B) Make it easy for the reader. Everything from the font and formatting to word choice should be chosen with the reader in mind. Correct grammar and spelling are a must in this respect.
C) Be ruthless with word count. If a word, sentence, or paragraph is not directly related to the central point, replace it with one that is.

Tips for Success: Writing a technical report

A technical report conveys information about an issue, product, or event. Even though the document usually targets one group of readers, it should have value to a wide-ranging audience: management, technical colleagues, and interested third parties such as customers or investors. The sections of a technical report vary, but in general, readers expect an abstract, executive summary, introduction, body, conclusion and, when needed, supporting technical documentation.

Abstract: This is your contract with your reader. It should be very concise and simply tell them what the document is about so they can decide if they wish to read it. This is different than an executive summary, which tells the reader what they need to know. Try to target 100 - 200 words.

Executive Summary: Even though this is part of the technical report, consider printing separate one page copies of the executive summary, or paginating the technical report, so that busy senior executives can simply refer to this part of the report to learn what the authors and reviewers feel they need to know. Make sure you are clear on actionable recommendations. For more specific guidance on the executive summary please see:
https://securitywa.blogspot.com/2017/11/tips-for-success-writing-executive.html

Introduction: This part of the technical paper establishes the structure of the information you wish to share. Ideas, concepts, or issues brought up in the introduction should be aligned with the executive summary and fully explored, or explained in the body of the paper. NOTE: assertions in the introduction should be supported, either immediately by citations, (SANS and GIAC require APA), or by the results of lab experiments referenced later in the technical report, or supporting technical documentation.

Body: The body of the technical report supports the executive summary and must be written to be useful to both management and technical colleagues. Cybersecurity reports commonly describe the issue at hand, risks, and expand on immediate, medium term, and long term recommendations that are briefly mentioned in the executive summary. NOTE: avoid the trap of explaining basic material. There is a tutorial for almost every 101 level topic. Simply reference the best tutorial on any subject your paper covers and move on to explain new, applicable, actionable, information.

In general, the body is one of the largest sections of the document. Consider the use of white space, headings, subheadings, bulleted or numbered lists, tables and possibly color to help make the meaning of the information clear. If you see a single paragraph that is half a page or longer, that is a sign the body needs organizational work.

Conclusion or summary: The secret to great written and oral communication is to tell your audience what you are going to tell them, tell them about the issue with supportable detail, and then tell them you have told them. A good way to write a conclusion is to take the introduction, verify that you have covered all of its points and then summarize what you have shared. After you have written the conclusion, take the time to compare it to the executive summary to ensure that you have fully explained the information you wish to share with a C-level executive.
NOTE: it may be appropriate to mention opportunities for further research, or development, in the conclusion.

Additional technical information, lab notebooks, technical appendices: This is the part of the technical report targeted squarely at subject matter experts in the topic area. Screen shots, packet traces, output of tools and so forth are difficult to read. Place them at the end of the document and arrange them so that readers can see how the information supports your assertions, or can duplicate your work. For additional guidance on a lab notebook, please see:
https://securitywa.blogspot.com/2017/11/sansedu-ise-6100-assignment-lab.html


Version 1.0 1/4/2018
Version 1.1 1/6/2018 Executive summary: make sure it is actionable. Body: move past the basics, avoid large blocks of text with no white space.

Tips for success: Writing an Executive Summary V 1.4

An executive summary should be included on most cybersecurity reports, proposals, analysis papers, and research papers. Points to consider when creating one include:

- Brevity and conciseness. It should target 200 - 300 words. That takes practice.

- Recommendations. If the paper is addressing a problem, it should briefly mention actionable recommendations for the immediate, medium and long term time frames.

- Supportable and defensible. While the executive summary is designed for easy reading and digestion of information, supporting data should be easily available. This could be in the form of the accompanying paper, or appendices as appropriate.

- WIIFM. Whenever we communicate with someone else, we need to answer the question "What's In It For Me?" The C-suite will want to be briefed on why this information is important to the business.

- Well written. If it scores below 90 on Grammarly, you have work to do. Consider the "Napoleon's Private" test (have someone else read it and tell you what they feel it means).

- On topic. State the topic, problem, recommendation as needed. Do not put extraneous information in the executive summary.

- No humor. This is not a place for jokes or humor, they can be misinterpreted.

- Avoid acronyms and "techno babble". As techies we speak a different dialect of English than management. Avoid writing anything that is hard for them to understand.

- Designed to be scanned or read rapidly. In general, when you produce an executive summary, it is for someone above your pay grade. Don't make them work to get the message. Make it plain.

- Readable fonts and font sizes. It is very likely your organization has a style guide. Use it. Executives are accustomed to various formats. Under no circumstances shrink the font to make the executive summary fit on one page; your audience very likely has older eyes than you do.

Change history:
Version 1.1 don't use acronyms
Version 1.2 why do I care :)
Version 1.3 1/4/18 alignment with GSM 200 - 300 words, recommendations
Version 1.4 stress actionable

Tips for Success: Creating/maintaining a Lab Notebook

Executive Summary: a lab notebook in this context is a record of the research component of your group project.

Context: when you are assigned a 6100 group project you will be expected to:
- Receive the assignment, meet as a group to determine a plan of attack, produce and submit a project plan to satisfy the components of the assignment.
NOTE: faculty welcomes questions about the assignment. Contact data is embedded in your assignment.

- Begin development of a report. These vary based on the contemporary real world assignment your group is given, but in general have two major components:

+ A non-technical summary of your findings and recommendations
+ A technical report on the work that you did, the lab notebook

A lab notebook historically was a composition book, or similar paper record, where researchers logged their expectations, observations, experiments and results. Today, in the automated world, paper records are still useful, but lab notebooks tend to be electronic, often including screen shots.
Example lab notebook from the PCAP contest.

When your lab notebook is graded, the faculty will be looking for the following components:
- A logical flow of experimentation based on the problem you were assigned and the solution approach outlined in the project plan.
- Expectations, hypotheses, theses: before you begin an experiment, there should be a clear understanding of what you are testing and what you hope to achieve.
- Details of the experiment sufficient to reproduce your results. This commonly includes essential record keeping: dates, times, locations, and software versions are common artifacts.
- Results: these can be fairly terse and informal; they will be summarized in the non-technical report.
- Analysis: were the results what you expected? Do they affect the planned logical flow of experimentation?

NOTE: Unexpected results, miscalculations and surprises happen; they are as much a part of research as expected results. Simply record what happened and your analysis. In some cases these may cause the group to update the project plan. That is not a problem; project plans are designed to be updated.