How I Would Learn Cyber Security If I Was To Start Over in 2024 (Beginner Roadmap In Cybersecurity)

00:00

hey what's up everyone welcome back to

00:01

another video I just want to say thank

00:03

you to everyone first of all at St Pete

00:06

bides this weekend I had a really really

00:09

good time I really enjoyed meeting every

00:11

single person in my workshop and in the

00:14

conference so thank you so much for that

00:16

if you guys are ready today we're going

00:18

to be talking about if I had to start

00:20

over in 2024 in cyber security pen

00:23

testing or whatever you want to call it

00:24

what would I do so I was getting that

00:27

question a lot this weekend if you can

00:29

start over how would you approach it so

00:32

we're going to go over some steps and

00:33

let's get into the

00:37

[Music]

00:41

video all right everyone so the first

00:44

step into mastering cyber security or

00:47

what I would do if I was starting all

00:48

over in 2024 is master the basics of it

00:53

right what is this actually mean maybe

00:55

some basic networking computer setups

00:59

system Administration what you can do is

01:02

do basic Network setups for your friends

01:04

go to a local charity go to a local

01:06

church and say hey do you guys need any

01:08

networking or computer setups just to

01:10

plug it in understanding when you hit

01:12

the power button on a computer when it

01:14

boots up what exactly is happening right

01:17

so that's definitely the first step

01:19

right because in cyber security

01:20

fundamentals and understanding the solid

01:23

system administration maybe some light

01:25

programming is super super critical

01:27

right I'd learn how to Network computers

01:31

build computers install operating

01:33

systems this is what I would do if I had

01:36

to start all over right and

01:38

understanding first of all understanding

01:40

the fundamentals of networking such as

01:42

IP addresses protocols how data

01:45

traverses across your basic Network or

01:47

your local network and across the web

01:50

right when you send out a packet when

01:52

you go to google.com or facebook.com or

01:55

youtube.com what exactly is happening so

01:59

and obviously some resources that you

02:01

can use to get this knowledge is stuff

02:05

like from compt or you can do the it

02:07

fundamentals plus they have a basic

02:09

basic one network plus A+ all of this

02:13

will help you master the basics that's

02:16

number one okay so the second thing that

02:20

I have when I wrote down on the way home

02:23

is choose a specialization what does

02:25

this really mean so for example me when

02:28

I got into it want to specialize in

02:31

system administration right I got really

02:33

good with Windows Server I got really

02:35

good with all the stuff DNS active

02:37

directory Windows clients all that good

02:40

Jazzy Jazz right so then I trans I

02:43

transitioned into Network Administration

02:46

network engineering Cloud engineering

02:48

and building out like VMware

02:50

understanding Cisco routing switching

02:52

firewalls and all that stuff and then

02:55

that was my specialization right I was

02:57

really really good with firewalls that

02:58

was my specialization I was really good

03:00

with ASAS and fire power threat defense

03:03

or ftds and all that stuff so that's

03:05

where my specialty was before I got into

03:07

the world of pen testing and offensive

03:10

security and cyber security right so

03:14

choose a specialization and I think that

03:15

will be awesome awesome for you like my

03:18

specialization now is a little all over

03:20

the place right for me personally I like

03:22

to do the Blue Team aspect and I like to

03:24

do the offensive right so but my

03:27

specialization is probably pentesting

03:29

and in all honesty social engineering

03:32

internals externals Wi-Fi pen testing

03:34

that's what I specialize in right can I

03:36

dabble in some other stuff absolutely

03:38

but I have my specialization and I know

03:41

what I'm good at right

03:44

so and now what you can do is choose a

03:47

path right do you want to focus on pen

03:49

testing you want to focus on sock

03:52

analyst you want to do Cloud security

03:54

and once you actually choose whatever

03:56

you want to dabble in and get better at

03:59

what you can do is specialize in that

04:01

and start training in those areas right

04:04

for an example if you wanted to become a

04:05

pentester you can start learning you

04:08

know burp Suite Cali Linux you know

04:10

active directory depending on what you

04:11

want to you know what Avenue what

04:14

specialty you want to do in pen testing

04:16

for example web app testing you'll

04:18

understand fuzzing you have to

04:20

understand burp Suite proxies code maybe

04:24

code review and all the stuff that you

04:25

know web pen testers do if you want to

04:27

be an internal assessor and you want

04:29

want to learn about active directory pen

04:31

testing you have to learn what active

04:33

directory really is and understand the

04:35

ins and outs of it because if you don't

04:37

know how to build it you don't know how

04:38

to administer it how can you attack it

04:40

right just think about that for a second

04:42

and the next step that I would say this

04:45

is probably one of the critical if

04:47

you're getting into pen testing and even

04:49

defensive stuff and sock analyst is get

04:51

Hands-On practice right so practice

04:54

practice practice I got an itch on my

04:56

nose you can do this with my my course I

04:59

do a lot of uh practice Hands-On for pen

05:03

testing you can use hack the box you can

05:05

use try hack me but I I believe home

05:07

Labs is where it's at create your own

05:09

home lab and then transition to an

05:11

online platform just because you can

05:13

have an understanding of those

05:15

fundamental knowledge before you start

05:17

going on to the internet and hacking and

05:20

that's just my recommendation that's

05:21

what I did and this this video is all

05:24

about what I would do if I had a start

05:26

over these are the things I would do

05:28

right because cyber security is all

05:31

about getting hands-on experience right

05:34

so you have platforms like hack to box

05:35

try hack me all this

05:39

stuff and then setting up your own home

05:42

lab is essential for getting real

05:44

Hands-On and Real World Experience right

05:47

learn how to solve break your system

05:49

legally you can solve it maybe you join

05:53

maybe this is real world right and this

05:55

happened to me when I first started

05:57

setting up my labs many many moons ago I

06:00

would set up active directory for an

06:01

example and when you set up active

06:03

directory on your own if you do it with

06:06

2019 2022 server you have a DNS server

06:10

right so your DNS server should point to

06:12

the DC IP address normally so if you

06:16

don't reassign say for an example your

06:19

DC is 19216811

06:22

100.5 okay and your gateway is one and

06:27

now sometimes like if you reboot you go

06:30

back into your ipv4 settings your DNS is

06:33

probably going to be the loop back

06:35

12701 if you leave it as as so and you

06:38

go to your Windows 10 machine and you

06:40

try to join that computer it's not going

06:42

to know where to find DNS so what you

06:46

have to do is have a preferred DNS

06:47

server and point it to five in this

06:49

example and now on your unless you have

06:52

a dhp server that's handing out DNS and

06:54

all that stuff but that's something on a

06:56

different level but if you want to get

06:58

your windows 10 onto your onto your

07:02

active directory you have to make sure

07:03

Windows 10 is pointing to

07:06

192.168.1 100.5 in that instance right

07:09

for that example so just make sure and

07:11

breaking it you know troubleshooting it

07:13

it's real Hands-On so I always recommend

07:16

that Hands-On that's why I do a lot of

07:18

workshops Hands-On Labs setting it up

07:21

because things things are really really

07:23

critical when you have the real world

07:26

experience and the next thing here I

07:28

have on my screen that I written down

07:30

was get

07:35

certified so what does this mean so you

07:37

can get uh prepared for uh for an

07:40

example for certifications from like TCM

07:43

security offensive security hack the box

07:45

so many other things right pmpt PJP ejpt

07:50

ocp cpts there's so many other

07:53

certifications out there that you can

07:55

prepare those are the ones that I would

07:56

recommend because it's practical

07:58

knowledge right it's not like going for

08:00

your pentest Plus or C or any of those

08:03

because those are like multiple choice

08:05

yes you have the C practical but at you

08:08

know unless you're going for a

08:09

government position yeah C Security Plus

08:12

those are mandatory they're not optional

08:15

so I would always recommend that and

08:18

remember if you get into a

08:19

specialization for example like Cloud

08:22

maybe you'll do like Azure security or

08:24

AWS security or whatever your specialty

08:27

remember have a specialty and I think

08:29

that is always really critical okay and

08:32

then the next thing I have here is build

08:35

a network and stay updated what do I

08:37

mean by that so if you want to have a

08:41

network like on LinkedIn groups

08:44

participate in different cyber security

08:45

forms you can go on Discord servers you

08:48

can go on local meetups like I just went

08:50

to bide St Pete it's not local for me

08:52

it's about 5 hours away but I went there

08:55

I did a workshop I got to network with

08:56

folks meet so many awesome people and

08:59

it's always always good to network

09:01

especially when you're looking for a job

09:02

and you're getting into the field

09:04

because now you're going to get together

09:05

in a community with like-minded people

09:07

and you can share your thoughts and what

09:09

you want to do and maybe they can guide

09:11

you to that path you know so the

09:15

industry obviously changes really really

09:17

fast really quickly and just stay up to

09:19

date with like blogs trainings podcasts

09:22

uh different kinds of events that's

09:24

always always critical if you're getting

09:26

into the field or if I wish to do this

09:28

all over these are the things I would do

09:30

right and that's pretty much it so

09:33

that's my road map if I was to start

09:35

again from scratch in 2024 so remember

09:38

stay curious stay Hands-On keep pushing

09:41

keep learning and obviously don't forget

09:44

to like this video subscribe share it

09:46

and for any other tips and tricks stay

09:49

tuned

09:54

[Music]