Introduction

For more than a decade, I've been entrenched in the world of Information Security - you might know it as InfoSec, or perhaps "Cyber Security" (its trendy alter ego). Along the way, I've come to understand that it's a touch audacious to expect anyone to keep on top of every nitty-gritty detail crucial to our job roles. Honestly, the sheer volume and complexity of knowledge in this domain can be mind-boggling.

Sadly, I lack a photographic memory. Moreover, I've always held a certain scepticism towards those who purport to have all the answers. Experience has taught me that such individuals either:

  1. DON'T know it all (unfortunately, this is very common...) and there is some, ahem... uniqueness in their work - see the Dunning-Kruger effect

  2. Truly are unique in their phenomenal cosmic powers, which most mere mortals cannot hope to match

Now of course, there are a few extraordinarily gifted souls out there who are truly in a league of their own. I affectionately dub them "Unicorns". Perhaps one day we might:

<joke>
    capture one, study it, and replicate their powers for the greater good!
</joke>

However, until such a time, I must resort to alternative strategies.

Embracing Humility and Knowledge Foundations: The Heartbeat of This Aide Memoire

Before delving further, I'd like to underscore several tenets:

  1. Admitting, "I don't know," is not just acceptable, but commendable. Recognising when you're out of your depth and seeking clarity is vastly superior to hazarding ill-informed guesses

  2. Regularly consulting resources is the norm; few among us can claim encyclopaedic recall

  3. It's vastly more beneficial to have a firm grasp on foundational principles, appreciate the range of possibilities, and then consult specific methods when needed, rather than mere rote learning of commands without context

This reasoning forms the bedrock of this Aide Memoire. Allow me to explain.

Admitting you don't know something, when it's true, is way better than pretending you're clued up and then making a hash of things. In my day-to-day job, should I feel like we're all not singing from the same hymn sheet in meetings or chats, I often play the 'I don’t get it' card. It gives others a chance to pipe up if they're also in the dark, and more often than not, I catch a few thankful looks from around the room.

My intentions here are twofold:

  1. To dispel the perceived shame in admitting a lack of knowledge

  2. To challenge the idea that the loudest voice is always right

I believe it's crucial to understand the bigger picture first and then delve into the specifics. Blindly following procedures without comprehending the reasons can lead to poor habits, misguided decisions, or potential security risks. Instead, I prefer conceptual understanding, which then guides the practical implementations, ensuring they are tried, tested, and reliable.

Therefore, I plan to continuously update this Aide Memoire, creating a growing repository of insights that I can revisit. This approach reduces my need to memorise every specific command. Documenting my understanding ensures consistency in my practices, and it's a useful reference for those times when my memory fails me.

I truly hope you, the reader, find value in this. So, indulge in my thoughts and let's dive in!
