Secure Group Knowledge: Difference between revisions

From Secure Group Wiki
Jump to navigation Jump to search
No edit summary
 
(32 intermediate revisions by the same user not shown)
Line 1: Line 1:
The Secure Group knowledge management strategy enables our organization to create, apply, and share information, breaking down silos and increasing the usage of valuable data.
The Secure Group knowledge management strategy enables our organization to create, apply, and share information, breaking down silos and increasing the usage of valuable data.


Secure Group (SG) knowledge is all about understanding the company’s products and processes, the way all teams work, the concepts that are part of their scope, and how they contribute to the overall corporate strategy. It includes technical knowledge for non-technical people and business knowledge to technical people. For this category of knowledge, we provide pieces of training because this way we can ensure that everyone has the complete knowledge set to be a high-performer in our company.
Secure Group (SG) knowledge is all about understanding the '''company’s products and processes''', the '''softwares, tools, and platforms''' we use to accomplish our projects, and the '''concepts''' that are part of their scope. It includes technical knowledge for non-technical people and business knowledge to technical people. For this category of knowledge, we provide pieces of training because this way we can ensure that everyone has the complete knowledge set to be a high-performer in our company.


The progression in this type of knowledge starts from "having a basic understanding of their team's domain and Secure Group's strategic plan, industry, and market space" and going forward to "having a thorough understanding of the entire business, organizational strategy (strategic maps), including all department's domains, and how they contribute to the overall strategy.
The progression in this type of knowledge starts from "having a basic understanding of their team's domain and Secure Group's strategic plan, industry, and market space" and going forward to "having a thorough understanding of the entire business, organizational strategy (strategic maps), including all department's domains, and how they contribute to the overall strategy.


Each department has a Knowledge Hub that composes the SG Knowledge. The [[Team_Management#Managers_vs._Tech_Lead|Tech Lead]] of the department is responsible for managing such content ensuring proper documentation and knowledge transfer.


== Software Engineering ==
SG Knowledge is part of the [[KAI]] of every framework because it provides context regarding all the teams and divisions in our company. Therefore, in order to progress in the development path, employees are required to have a level of proficiency in the items available in our internal wiki Confluence.
 
{| class="wikitable"
|- style="font-weight:bold; text-align:center; background-color:#c0c0c0;"
! Business Function/Category
! Concept
! Description
|- style="text-align:center;"
| rowspan="12" style="font-weight:bold;" | QA/Automation
| rowspan="8" | Main testing techniques
| style="text-align:left;" | What's data driven test?
|- style="text-align:center;"
| style="text-align:left;" | What's black box testing?
|- style="text-align:center;"
| style="text-align:left;" | What is white box testing?
|-
| What is stress testing, load testing and volume testing?
|-
| What is performance testing and what are the bottlenecks of performance testing?
|-
| What is Test case?
|-
| How to report bugs?
|-
| What is bug triage?
|-
| rowspan="4" style="text-align:center;" | Automation
| What is Appium?
|-
| What is Selenium?
|-
| Which language do we use for automation test?
|-
| Which tests should be automated?
|- style="text-align:center;"
| rowspan="24" style="font-weight:bold;" | Programming
| Programming languages
| style="text-align:left;" | Which programming language do we use for development?
|-
| rowspan="3" style="text-align:center;" | Tools
| What is Android studio and what you can do with it?
|-
| What is Bitbucket and how do we use it?
|-
| What is Bamboo and how are we using it?
|-
| rowspan="2" style="text-align:center;" | RestAPI, JSON
| How to post an API request?
|-
| How to understand the result using a tool?
|-
| rowspan="3" style="text-align:center;" | Basic arithmetic functions
| How to work on complex Excel?
|-
| How to use VBA formula?
|-
| How to apply basic arithmetic in any programming language?
|-
| rowspan="2" style="text-align:center;" | Variables
| What is a variable? How to use it?
|-
| What is math, string, array and boolean? How to use them?
|-
| style="text-align:center;" | String manipulation
| How to concatenate, trim and manipulate strings in any programming language?
|-
| rowspan="2" style="text-align:center;" | Looping - flow control
| How to use basic IF, THEN, ELSE clause in any programming language?
|-
| How to build a looping array in any programming language?
|-
| rowspan="4" style="text-align:center;" | Version control
| What's version control and where it's used?
|-
| What is git repo?
|-
| Where do we keep Secure OS source?
|-
| Where do we keep SC and SE source?
|-
| rowspan="2" style="text-align:center;" | Conditionals
| How to apply basic boolean algebra?
|-
| What are boolean operator (And/Or) and how to use them
|-
| style="text-align:center;" | HTML/CSS
| How to write or modify a very simple web page and basic HTML tag?
|-
| rowspan="3" style="text-align:center;" | SDLC
| What is the Software Development Life Cycle concept?
|-
| What are the phases of the SDLC?
|-
| What are software development models?
|- style="text-align:center;"
| rowspan="16" style="font-weight:bold;" | Android
| rowspan="4" | Secure OS
| style="text-align:left;" | On which android version each Secure OS version is based?
|-
| Which features does it support
|-
| Which devices Secure OS can run on?
|-
| What are our custom apps? Which ones are developed as part of the OS and which ones as standalone apps?
|-
| rowspan="2" style="text-align:center;" | Android Studio
| How to create a project and how to connect a device?
|-
| How to execute real-time debugging?
|-
| rowspan="4" style="text-align:center;" | Adb command
| How to perform basic adb to capture log?
|-
| How to load an OS via adb?
|-
| What are the most basic adb command and how to use them?<br />(Devices, push, pull, reboot, reboot-bootloader, reboot recovery, fastboot devices, fastboot unlock, install)
|-
| How to execute USB debugging?
|-
| rowspan="2" style="text-align:center;" | Android SDK
| What are layouts and views and what's the relation between them?
|-
| What are activities and their life cycle?
|-
| style="text-align:center;" | Android OS architecture
| What are the basic components of an Android Phone?<br />Android Runtime – ART Linux Kernel, Libraries, Application Framework, Applications
|-
| style="text-align:center;" | Android App log
| How to identify actions in an app that can cause a log entry?
|-
| rowspan="2" style="text-align:center;" | SQL
| What is SQL and what does it do?
|-
| How to write a simple SQL query?
|- style="text-align:center;"
| rowspan="6" style="font-weight:bold;" | Encryption
| rowspan="6" | Basic encryption
| style="text-align:left;" | What's a PGP universal server?
|-
| What is a Certificate and a Certificate Authority?
|-
| What's the difference between a Public Key and a Private Key and what are they used for?
|-
| What's SSL, TLS, PGP, OTR, OMEMO and where do we use it?
|-
| What is SIP?
|-
| What is XMPP?
|- style="text-align:center;"
| rowspan="5" style="font-weight:bold;" | Development
| rowspan="5" | Development process
| style="text-align:left;" | What is agile?
|-
| What are the agile ceremonies? Who are the participants and the goal of each ceremony?
|-
| What is sprint demo, and what is product demo?
|-
| What is backlog?
|-
| How is the backlog prioritized?
|- style="text-align:center;"
| rowspan="4" style="font-weight:bold;" | Documentation
| rowspan="4" | Documentation process
| style="text-align:left;" | What is Technical documentation? When to refer to it?
|-
| Who is responsible for updating TD?
|-
| What is functional documentation? How to use it?
|-
| Who is responsible for updating FD?
|}
 
== Information Security ==
 
{| class="wikitable"
|- style="font-weight:bold; text-align:center; background-color:#c0c0c0;"
! Business Function/Category
! Concept
! Description
|- style="text-align:center;"
| style="font-weight:bold;" | IS Department Management
| IT Policies
| style="text-align:left;" | Which are the user oriented IT policies of the company?
|- style="text-align:center;"
| rowspan="16" style="font-weight:bold;" | Network Security
| rowspan="3" | Network Security principles
| style="text-align:left;" | What are the different functionalities in network security?
|-
| What should be done in case we suspect a security breach?
|-
| How to ask to implement new tool in the company?
|- style="text-align:center;"
| rowspan="6" | Network Attack Types
| style="text-align:left;" | What is DDoS, MitM attack?
|-
| What is fishing attack?
|-
| What is scam email/website?
|-
| What is ransomware, malware, adware, spyware, computer virus?
|-
| What is social engineering?
|-
| What is shadow IT?
|-
| rowspan="7" style="text-align:center;" | Network Attacks' Prevention
| What is Network Access Control?
|-
| How to securely access company resources and minimize the risks of network attacks?
|-
| How to set a strong password?
|-
| How to perform a malware scan of your workstation?
|-
| What is the importance of firewalls in network security?
|-
| What is secure remote access and VPN?
|-
| What is Data loss prevention?
|- style="text-align:center;"
| rowspan="26" style="font-weight:bold;" | Services Management
| rowspan="5" | Virtualization
| style="text-align:left;" | What is virtualization?
|-
| What is the difference between virtual and physical host?
|-
| What is VMware Server/Desktop application and how does it work?
|-
| How to replicate VMs?
|-
| How to restart VMs?
|-
| rowspan="5" style="text-align:center;" | Microsoft Server / Linux Server
| What is the main function of a server ?
|-
| Which are the servers that should be accessed by the department?
|-
| What are the services that should be used by the department?
|-
| How to use Guacamole?
|-
| How to access a server via RDP or SSH?
|-
| style="text-align:center;" | Docker
| What is docker and how is it used ?
|-
| rowspan="3" style="text-align:center;" | Active Directory Management
| What is  an Active Directory?
|-
| What is GPO ?
|-
| What is the function of selfservice (Adaxes) and how to use it  ?
|-
| rowspan="4" style="text-align:center;" | Mail services management
| What is Microsoft Exchange Server?
|-
| How to configure outlook client?
|- style="text-align:center;"
| style="text-align:left;" | How to use webmail service?
|-
| How to manage events on the calendar? How to book a room?
|-
| rowspan="3" style="text-align:center;" | Atlassian Products Management
| What is the main function of Bamboo, Bitbucket, Jira and Confluence?
|-
| How to use Jira and Confluence?
|-
| What is space and project?
|-
| rowspan="2" style="text-align:center;" | Accounting Services
| How to access Navision?
|-
| What are the main functions of Navision?
|-
| style="text-align:center;" | File sharing
| How to use Next Cloud ?
|-
| rowspan="2" style="text-align:center;" | PBX Services
| How to use Digium PBX ?
|-
| What are the codes for dialing ?
|- style="text-align:center;"
| rowspan="16" style="font-weight:bold;" | Network and IT Infrastructure management
| rowspan="5" | Firewall
| style="text-align:left;" | What is firewall?
|-
| How mail quarantine functions?
|-
| What are the NAT rules?
|-
| What is Port forwarding used for?
|-
| How to set up port forwarding?
|-
| rowspan="3" style="text-align:center;" | DNS Services
| What is the function of DNS?
|- style="text-align:center;"
| style="text-align:left;" | What are A, MX, CNAME, TXT, SPF, AAAA, SRV records?
|-
| What are the differences and relations between Internal DNS and External DNS?
|-
| rowspan="8" style="text-align:center;" | Network Infrastructure
| What is the difference between LAN, VLAN?
|-
| What is TCP and IP?
|-
| What are the differences between UDP and TCP and when to use each one of them?
|-
| How to connect to the company VPN?
|- style="text-align:center;"
| style="text-align:left;" | How to check network connectivity ?
|-
| What are the most common CMD commands and what are they used for?<br />(Ipconfig, Ping, Dir, Nslookup, Tracert)
|-
| How to use web tools: mxtools, visual trace route, dnstools, etc…?
|-
| How to define the IP address of the workstation?
|- style="text-align:center;"
| rowspan="10" style="font-weight:bold;" | IT Services Operation
| rowspan="3" | User access management
| style="text-align:left;" | How to use your AD account : which accesses does it give you?
|- style="text-align:center;"
| style="text-align:left;" | How to access services via  idaptive ?
|-
| Which are the personal accounts that you have ?
|-
| rowspan="5" style="text-align:center;" | Troubleshooting user issues
| What are the accesses to company resources that you need regarding the KAI?
|-
| How to request access for a tool?
|-
| What is a command line?
|-
| What are the basic CMD commands to execute a network troubleshooting?
|-
| How to address an issue with a tool or a hardware?
|-
| rowspan="2" style="text-align:center;" | Incident management
| What is the internal Statuspage?
|-
| How to define incidents' priority and how address them?
|- style="text-align:center;"
| style="font-weight:bold;" | Hardware Management
| Workstations management
| style="text-align:left;" | What's advanced hardware in terms of: terminology, troubleshoot and the relation between them?
|- style="text-align:center;"
| rowspan="5" style="font-weight:bold;" | Day-to-Day User Operations
| rowspan="4" | Workstation operation
| style="text-align:left;" | What are the universal keyboard commands for operating systems?
|-
| What are the hardware components of a workstations?
|-
| How to set up a working station and advanced drivers configuration?
|-
| How to execute basic troubleshooting of  Windwos, installed software, Linux, networking?
|-
| style="text-align:center;" | Network device management
| How to connect to and use company's network devices?<br />Printers, IP Phones, TV Screens, White Boards and other network devices
|-
| rowspan="3" style="text-align:center; font-weight:bold;" | Purchasing
| rowspan="3" | Subscriptions and Hardware
| How to address orders for IT equipment?
|-
| How to address subscription requests ?
|-
| How to check if a tool is already available in the company?
|}

Latest revision as of 15:38, 30 July 2021

The Secure Group knowledge management strategy enables our organization to create, apply, and share information, breaking down silos and increasing the usage of valuable data.

Secure Group (SG) knowledge is all about understanding the company’s products and processes, the softwares, tools, and platforms we use to accomplish our projects, and the concepts that are part of their scope. It includes technical knowledge for non-technical people and business knowledge to technical people. For this category of knowledge, we provide pieces of training because this way we can ensure that everyone has the complete knowledge set to be a high-performer in our company.

The progression in this type of knowledge starts from "having a basic understanding of their team's domain and Secure Group's strategic plan, industry, and market space" and going forward to "having a thorough understanding of the entire business, organizational strategy (strategic maps), including all department's domains, and how they contribute to the overall strategy.

Each department has a Knowledge Hub that composes the SG Knowledge. The Tech Lead of the department is responsible for managing such content ensuring proper documentation and knowledge transfer.

SG Knowledge is part of the KAI of every framework because it provides context regarding all the teams and divisions in our company. Therefore, in order to progress in the development path, employees are required to have a level of proficiency in the items available in our internal wiki Confluence.