Coral J. Cook Jr.
Information Assurance Engineer

YEARS ADMINISTRATIVE EXPERIENCE: 13 years
YEARS MANAGEMENT EXPERIENCE: 17 years
YEARS PROFESSIONAL EXPERIENCE: 24 years
YEARS TECHNICAL EXPERIENCE: 24 years

EDUCATION: 
High School Graduate, McDonogh #35, New Orleans, LA, 1979

SKILL SUMMARY:
Information Security Practitioner, 24 years
Network Administrator, 9 years
Network Security Analyst, 10 years

CAMEO:
Mr. Cook has been an Information Security Practitioner for over 20 years. As an Electronics Warfare Technician in the U.S. Navy, Mr. Cook has been involved in all aspects of Information Security, including protection of friendly forces electronic/digital information and exploitation of enemy forces electronic/digital information. Mr. Cook has extensive training/experience in the areas of Computer Network Administration and Information Assurance (IA), to include Computer Network Attack (CNA) and Computer Network Defend (CND). In regard to CNA activities, he has conducted network security assessments and penetration testing of numerous Naval activities, including on-going security test and evaluation of the Navy's Global Command & Control System Maritime (GCCS-M). He has extensive knowledge and use of the various security and hacker tools/software required to conduct such operations. He has also developed his own security tools to meet specific needs/requirements. In regard to CND activities, Mr. Cook has extensive experience implementing defensive measures such as building, configuring and deploying Firewalls and Network Intrusion Detection Systems (NIDS). He has provided training and recommendations to various Naval activities on ways to improve network security, including on-going recommendations for GCCS-M security related issues. He has also implemented policy, procedures, & processes to establish & maintain network security. Mr. Cook has been cleared for Top Secret information and granted access to Sensitive Compartmented Information (SCI) based on a Singe Scope Background Investigation completed on 930610

CURRENT JOB DESCRIPTION:
06/00 - Present. Principal Information Security Engineer, Integrits Corporation.
Mr. Cook's current position consists of providing IA services to Naval Space & Warfare Systems Command (SPAWAR). He provides IA Engineering & Architecture support to PMW 161-4 (Navy Marine Corps Intranet (NMCI)). In this capacity, Mr. Cook analyzes various aspects of the NMCI architecture and recommends secure, risk-mitigating solutions to existing problems, and secure architectural & engineering solutions to support future growth, services, offerings etc., for NMCI. Mr. Cook is responsible for reviewing the technical packages (consisting of network drawings, conceptual risk assessments, system configuration documents, etc) to ensure compliance with the NMCI SSAA. He also is repsonsible for recommending wheter or not new systems should be issued Interim Authority to Connect (IATC)/Interim Authority to Operate (IATO) on the NMCI.

Mr. Cook is also responsible for Integrits Corporation's in-house information security services, and developing/expanding the Information Assurance Program, which will offer business services in the areas of policy development, security assessments, penetration tests, disaster recovery and business continuity. These responsibilities include:
- Building, configuring & installing network firewalls based on OpenBSD and Packet Filter.
- Configuring and installing & monitoring network intrusion detection systems (IDS), building on OpenBSD and Snort.
- Conducting regular network security assessments against corporate network using various open source tools (Nmap, Nessus, Dsniff, Hunt, fragroute, firewalker, etc) and manual methods.
- Implementing security policy to protect internal network against unauthorized access, and to making provisions for disaster recovery in the event of successful intrusion/attack.
- Establishing an in-house program to train Integrits Personnel in Information Assurance and penetration testing.
- Designing and configuring Information Assurance Laboratory Network to simulate real-world heterogeneous "target" network - consisting of Windows, Unix, Linux, and BSD platforms/operating systems.
- Designing and configuring Student Attack Workstations used to "attack" target network described above.
- Developing training curriculum and scenarios to accomplish IA training and penetration testing as described above.

EMPLOYMENT HISTORY:
12/99 - 06/00. Network Administrator, ManTech
Mr. Cook was a Senior Network Administrator for Fleet Anti-Submarine Warfare Training Center (FASW) San Diego. 
He was responsible for day-today operations, management and upkeep of FASW Local Area Network consisting of approximately 500 users, 400 workstations and 10 network servers.

10/79 - 10/99. Electronic Warfare Technician, Fleet Information Warfare Center, U.S. Navy, 1993-1999
Mr. Cook was responsible for the design, upkeep & security of Local Area Network (LAN) consisting of 150 computer workstations and ten network servers running various network operating systems, including Windows NT, Novell, Linux, BSD and UNIX. These responsibilities included:
- Building, configuring & installing network firewalls consisting of TIS Firewall Toolkit running on Linux & BSD. 
- Configuring and installing various network scanning tools such as ISS Internet Scanner (NT & Unix), Fyodor's NMAP, WebTrend's Security Analyzer, SATAN, etc.
- Configuring and installing various intrusion detection systems (IDS) such as ISS RealSecure, Network Flight Recorder (NFR), Naval Intrusion Detection System (NIDS), Psionic Port Sentry, etc.
- Setting up and securing/hardening all network servers, including Domain Name Servers (NT DNS & Linux/Unix BIND), Email Servers (NT Exchange Server & Linux/Unix Sendmail) and WWW Servers (NT IIS & Linux Apache).
- Implementing security policy to protect internal network against unauthorized access, and to make provisions for disaster recovery in the event of successful intrusion/attack.
- Conducting network security assessment and penetration testing of numerous Naval activities using manual methods, proprietary government/military software, commercial and open source software. Providing feedback and training on ways to improve network security.

HARDWARE EXPERIENCE DETAIL:
IBM PC & Compatibles, 14 years
HP Unix Workstations/Servers, 10 years
Sun Sparc Workstations/Servers, 10 years
Cisco Routers, 4 years
Cabletron MMAC Plus, 4 years
Cabletron SmartSwitch 2200, 2 years
Wireless Access Points, 1 year

OPERATING SYSTEM EXPERIENCE DETAIL:
Solaris, 10 years
HPUX, 10 years
Linux, 9 years
FreeBSD/OpenBSD, 6 years
Windows NT/9x, 5 years
Windows 2000, 3 years
MS DOS, 13 years

SOFTWARE PRODUCT EXPERIENCE DETAIL:
Microsoft Word, 9 years
Microsoft PowerPoint, 9 years
Microsoft Access, 9 years
Microsoft Excel, 9 years
Microsoft Front Page, 7 years
Advanced Adobe Photoshop, 9 years
WordPerfect, 14 years

PROGRAMMING LANGUAGE EXPERIENCE DETAIL:
HTML, 9 years
Unix Shell Scripting, 9 years
BASIC, 2 years

PROFESSIONAL AFFILIATIONS:
Information Systems Security Association (ISSA)
High Technology Crime Investigation Association (HTCIA)

PROFESSIONAL CERTIFICATION/LICENSES:
National Security Agency (NSA) Information Assurance Methodology (IAM) Certification