RoadMap to CyberSecurity(S. E Lampaku)

This is a satirical website. Don't take it Seriously. It's a joke.

Monday 06 December 2059 78073 Shares

RoadMap to CyberSecurity(S. E Lampaku)

Roadmap to Cybersecurity:

1. Learn OS functionality. Should understand the boot, load, running, update, and shut down processes/procedures for both Windows and Linux (ubuntu). This includes where configurations are stored, scripting, process start/stop, memory use, storage mounting, user creation, privileged elevation, and root/service access or interaction.

2. Learn networking functionality. You should know the basics of internetworking, RFCs, packets, TCP/IP stacks, and the devices controlling it all (switches, routers, multiplexers, etc). This includes the use of networking at the OS level and a ball park understanding of what the logs look like whenever a session is established or torn down via a browser versus a service.

3. Learn enterprise management. Should understand how the end-point OS interacts via the network within a larger authority environment (enterprise). Should understand the use of servers, AD, permissions sets, groups, enrollments, GPOs, software management, and policy management. Again, should understand how this is applied to the end-points, which includes servers.

4. Understand basic fundamentals of security. You should review basic security architecture (firewalls, IDS/IPS, HIPS, AV, DLP, EDR, gateway, SIEM, SOAR, vulnerability scanners, etc), security concepts (RBAC, least-privilledge, zero-trust, CIA, job segregation, forced vacation, etc), and the basic fields of security.

5. Experience multiple security fields. Once you have a fundamental understanding of the operations of the enterprise environment and the security aspects of that environment, start playing with multiple fields. Try some forensic investigation labs online, review some basic bug bounty reporting, do some malware analysis labs, try pennetration testing. Get your hands dirty and try everything. Keep in mind that Risk management and vulnerability management are both technically cyber security related, but are more custodial work (I said management, not discovery).

6. Get relevant certifications along the way. There is no "magic pill" of security certifications and no central authority that will determine a job. Depending on the CS field you enjoy will depend on the recommendation for certification. FURTHERMORE (and I cannot stress this enough) THESE RECOMMENDATIONS ARE TEMPORARY AND CHANGING. When I started out in security, CEH was the standard for Cybersecurity, now it is just ok. It used to be CISSP was the bar of excellence, now everyone has one. These tests and revisions change the employers opinion of the capability. I have found time and time again that the most resilant measure of capability in cyber security is experience. A degree or a few certifications will get you into an interview, but being able to have an intelligent conversation about security topics, backed by research or experience, is what will get you to stay. Communication is key in this field because a breach can occur pretty easily, cost millions of dollars in remediation, and it is encumbant on you as a security service provider, to explain highly technical issues in a manner to be understood by ALL STAKEHOLDERS.
PRD by SE Lampaku!

This is a satirical website. Don't take it Seriously. It's a joke.

loading Biewty

Most Popular

  1. 1

    has ganado un iphone 12 pro max Solo tiene que mandárselo a 20 personas de tus amigos


Ccc