Mentor Assessment #3

Date:​ ​March 6, 2020

Date of Mentor Meeting:​ February 27, 2020

Analysis:
On Thursday, February 27th, I attended my third group mentor meeting at the second
North Texas Cybersecurity group meeting. At this month’s meeting, the topic of discussion was
third party risk assessment, learnings from which I discuss in Evidence of Learning #3. After the
presentation, the other mentee and I had the opportunity to discuss our original work products
with our mentor. We first discussed the progress I had made since our previous meeting. I
explained how I had created a completely random password generator based on the users’
requirements of length and case type. Additionally, I also explained the encryption method I had
developed using a standard mathematical formula. At this point, Mr. McAninch introduced the
concept of hashing, which is essentially a method that can be used to uniquely encrypt each
password. Furthermore, he explained that this method of encryption has a significantly higher
level of security than my original method, as if my formula is compromised, the encryption
method fails to truly protect the users’ credentials. At that moment, a friend of Mr. McAninch
decided to join our conversation and provide his opinion. He introduced the HashCat function,
which in the hacking community, is the most common, most efficient encryption hacker. The
friend, who prefered to go be called Sheldon, explained how I could use this to show the
efficiency of my encryption, as I could compare the HashCat runtime on my encryption to other
common encryptions or even unencrypted passwords. With the opportunity to receive an
additional perspective on my product, I proceeded to ask Sheldon about Google Firebase and
whether utilizing it would be feasible and significantly beneficial to my application. Sheldon was
quite impressed by this idea, and explained that it would be an excellent service to utilize in
order to transform my application into a completely functional password vault. However, similar
to my metnor, he did express concern in the difficulty of this implementation. Therefore, he
emphasized the importance of working diligently on this aspect, as he was fairly certain that this
feature would require a lengthy amount of time in order to implement correctly.

After discussing my original work, we proceeded to shift focus to the other mentee's
product. At this point, Sheldon explained the drawbacks of Kali Linux, the main one being its
poor integration with other softwares. However, after fully understanding the mentee’s product
purpose, he agreed with Mr. McAninch in using Kali Linux. Furthermore, in order to jumpstart
the mentee’s progress, he suggested researching Aircrack-ng, which is a software used to gauge
WiFi security specifically. He explained that code was already on the internet that completed
processes such as packet sniffing, meaning the mentee could use this code to understand the
software at a much faster rate. This was very insightful for me as well, as I could use these online
resources to begin understanding the networking side of cybersecurity, a side of cybersecurity I
am rarely exposed to.

Overall, this mentor meeting was very productive. Not only was I able to receive
guidance on my original work from my mentor, but also another qualified cybersecurity
professional. In other words, having two perspectives on my original work truly helped me better
understand the difficulty/feasibility of my original work. Additionally, I was exposed to
additional online resources I could use to begin understanding the networking aspect of
cybersecurity, something I was hoping to do through the mentorship process. Looking forwards,
I plan to make significant progress on my application in order to have adequate time to transform
the application into a complete password vault using Google Firebase. I hope to continue
receiving advice and guidance from my mentor as well as other professionals throughout this
journey.