How I Would Learn Cyber Security If I Was To Start Over in 2024 (Beginner Roadmap In Cybersecurity)
Summary
TLDRIn this video, the speaker shares insights on how they would approach starting a career in cybersecurity in 2024. They emphasize mastering the basics, such as networking and system administration, and gaining hands-on experience. The speaker advises choosing a specialization, such as pentesting or cloud security, and getting certified to prove practical knowledge. They also stress the importance of building a professional network and staying updated with industry trends through continuous learning.
Takeaways
- π Start with mastering the basics of cybersecurity, including networking, computer setups, and system administration.
- π§ Gain practical experience by setting up networks and computers for friends, local charities, or churches.
- π‘ Understand the fundamentals of networking, such as IP addresses, protocols, and how data traverses networks.
- π Utilize resources like CompTIA IT Fundamentals, Network+, and A+ to build a strong foundation in cybersecurity.
- π― Choose a specialization within cybersecurity, such as system administration, network engineering, or cloud engineering.
- π οΈ Develop expertise in specific areas like Windows Server, DNS, Active Directory, or firewalls, based on your chosen specialization.
- π¬ Get hands-on practice with platforms like Hack The Box, TryHackMe, or by creating your own home lab for real-world experience.
- π Consider getting certified in your area of specialization, such as OSCP, PTP, or EJPT for practical knowledge and recognition.
- π€ Build a professional network by participating in cybersecurity forums, Discord servers, and local meetups to share knowledge and insights.
- π Stay updated with the latest trends and advancements in cybersecurity through blogs, trainings, podcasts, and industry events.
Q & A
What was the speaker's experience at St Pete?
-The speaker had a really good time at St Pete, enjoying meeting every single person in their workshop and conference.
What is the first step the speaker suggests for mastering cybersecurity?
-The first step is to master the basics of cybersecurity, such as networking, computer setups, and system administration.
Why is it important to understand what happens when you hit the power button on a computer?
-Understanding what happens when the power button is hit helps in grasping the fundamentals of system administration, which is critical in cybersecurity.
What resources are recommended for learning the basics of networking and computer systems?
-Resources like CompTIA's IT Fundamentals, Network+, and A+ are recommended for mastering the basics.
Why is choosing a specialization important in cybersecurity?
-Choosing a specialization allows one to focus on a specific area of cybersecurity, such as pentesting or cloud security, and become highly proficient in it.
What does the speaker suggest for getting hands-on practice in cybersecurity?
-The speaker suggests creating a home lab, using platforms like Hack The Box and TryHackMe, and participating in workshops for hands-on experience.
What is the significance of getting hands-on experience in cybersecurity?
-Hands-on experience is critical for understanding real-world scenarios and for troubleshooting and solving problems in a legal and controlled environment.
Which certifications does the speaker recommend pursuing in cybersecurity?
-The speaker recommends certifications from CompTIA, Offensive Security, and other practical certifications like PTP, OSCP, and CTPS.
Why is it important to build a network in the cybersecurity field?
-Building a network helps in sharing ideas, getting guidance, and finding job opportunities within the cybersecurity community.
How can one stay updated in the fast-paced cybersecurity industry?
-One can stay updated by following blogs, participating in trainings, listening to podcasts, and attending events to keep abreast of the latest trends and developments.
What is the speaker's advice for those starting over in cybersecurity in 2024?
-The speaker advises starting with the basics, choosing a specialization, getting hands-on experience, getting certified, building a network, and staying updated.
Outlines
π Starting Over in Cybersecurity
The speaker begins by expressing gratitude for a recent event at St Pete and then dives into a discussion about how they would approach starting a career in cybersecurity in 2024. The first step emphasized is mastering the basics, such as networking, computer setups, and system administration. The speaker suggests gaining practical experience by offering to help friends or local organizations with their IT needs. They also highlight the importance of understanding what happens when a computer boots up and the fundamentals of networking, including IP addresses and data transmission. The speaker recommends using resources like CompTIA's IT Fundamentals, Network+, and A+ to build a strong foundation in these areas.
π οΈ Hands-On Experience and Certifications
In the second paragraph, the speaker continues with advice on gaining hands-on experience, which they consider critical for anyone entering the cybersecurity field. They recommend setting up home labs and transitioning to online platforms like Hack The Box and TryHackMe for practical learning. The speaker also stresses the importance of certifications, suggesting that practical certifications from organizations like Offensive Security, CompTIA, and others are more beneficial than multiple-choice exams. They also encourage building a professional network through platforms like LinkedIn, Discord, and local meetups, which can be invaluable for job seekers and those looking to grow in the field. The speaker concludes by urging viewers to stay curious, hands-on, and continuously learning, emphasizing the fast-paced nature of the cybersecurity industry.
Mindmap
Keywords
π‘Cyber Security
π‘Pen Testing
π‘System Administration
π‘Networking
π‘Specialization
π‘Hands-On Practice
π‘Certifications
π‘Home Lab
π‘Active Directory
π‘Social Engineering
π‘Stay Updated
Highlights
Master the basics of cyber security, including networking, computer setups, and system administration.
Offer to help local charities or churches with networking and computer setups to gain practical experience.
Understand the fundamentals of networking, such as IP addresses and data transmission across networks.
Learn how to build computers, install operating systems, and administer systems.
Choose a specialization within cyber security, such as system administration, network engineering, or cloud engineering.
Transition from system administration to network engineering and specialize in areas like firewalls and threat defense.
Specialize in pentesting and social engineering, focusing on both internal and external assessments.
Get hands-on practice with platforms like Hack The Box and Try Hack Me, and create your own home lab.
Set up your own home lab to gain real-world experience and learn to troubleshoot systems legally.
Get certified in your chosen specialization, such as TCM, Offensive Security, or other practical certifications.
Build a network by participating in cyber security forums, attending local meetups, and engaging with the community.
Stay updated with industry changes through blogs, trainings, podcasts, and events.
Stay curious and keep pushing your learning boundaries in cyber security.
Engage in workshops and hands-on labs to gain practical experience and improve your skills.
Understand the importance of DNS settings and how they affect system connectivity in a network.
Transcripts
hey what's up everyone welcome back to
another video I just want to say thank
you to everyone first of all at St Pete
bides this weekend I had a really really
good time I really enjoyed meeting every
single person in my workshop and in the
conference so thank you so much for that
if you guys are ready today we're going
to be talking about if I had to start
over in 2024 in cyber security pen
testing or whatever you want to call it
what would I do so I was getting that
question a lot this weekend if you can
start over how would you approach it so
we're going to go over some steps and
let's get into the
[Music]
video all right everyone so the first
step into mastering cyber security or
what I would do if I was starting all
over in 2024 is master the basics of it
right what is this actually mean maybe
some basic networking computer setups
system Administration what you can do is
do basic Network setups for your friends
go to a local charity go to a local
church and say hey do you guys need any
networking or computer setups just to
plug it in understanding when you hit
the power button on a computer when it
boots up what exactly is happening right
so that's definitely the first step
right because in cyber security
fundamentals and understanding the solid
system administration maybe some light
programming is super super critical
right I'd learn how to Network computers
build computers install operating
systems this is what I would do if I had
to start all over right and
understanding first of all understanding
the fundamentals of networking such as
IP addresses protocols how data
traverses across your basic Network or
your local network and across the web
right when you send out a packet when
you go to google.com or facebook.com or
youtube.com what exactly is happening so
and obviously some resources that you
can use to get this knowledge is stuff
like from compt or you can do the it
fundamentals plus they have a basic
basic one network plus A+ all of this
will help you master the basics that's
number one okay so the second thing that
I have when I wrote down on the way home
is choose a specialization what does
this really mean so for example me when
I got into it want to specialize in
system administration right I got really
good with Windows Server I got really
good with all the stuff DNS active
directory Windows clients all that good
Jazzy Jazz right so then I trans I
transitioned into Network Administration
network engineering Cloud engineering
and building out like VMware
understanding Cisco routing switching
firewalls and all that stuff and then
that was my specialization right I was
really really good with firewalls that
was my specialization I was really good
with ASAS and fire power threat defense
or ftds and all that stuff so that's
where my specialty was before I got into
the world of pen testing and offensive
security and cyber security right so
choose a specialization and I think that
will be awesome awesome for you like my
specialization now is a little all over
the place right for me personally I like
to do the Blue Team aspect and I like to
do the offensive right so but my
specialization is probably pentesting
and in all honesty social engineering
internals externals Wi-Fi pen testing
that's what I specialize in right can I
dabble in some other stuff absolutely
but I have my specialization and I know
what I'm good at right
so and now what you can do is choose a
path right do you want to focus on pen
testing you want to focus on sock
analyst you want to do Cloud security
and once you actually choose whatever
you want to dabble in and get better at
what you can do is specialize in that
and start training in those areas right
for an example if you wanted to become a
pentester you can start learning you
know burp Suite Cali Linux you know
active directory depending on what you
want to you know what Avenue what
specialty you want to do in pen testing
for example web app testing you'll
understand fuzzing you have to
understand burp Suite proxies code maybe
code review and all the stuff that you
know web pen testers do if you want to
be an internal assessor and you want
want to learn about active directory pen
testing you have to learn what active
directory really is and understand the
ins and outs of it because if you don't
know how to build it you don't know how
to administer it how can you attack it
right just think about that for a second
and the next step that I would say this
is probably one of the critical if
you're getting into pen testing and even
defensive stuff and sock analyst is get
Hands-On practice right so practice
practice practice I got an itch on my
nose you can do this with my my course I
do a lot of uh practice Hands-On for pen
testing you can use hack the box you can
use try hack me but I I believe home
Labs is where it's at create your own
home lab and then transition to an
online platform just because you can
have an understanding of those
fundamental knowledge before you start
going on to the internet and hacking and
that's just my recommendation that's
what I did and this this video is all
about what I would do if I had a start
over these are the things I would do
right because cyber security is all
about getting hands-on experience right
so you have platforms like hack to box
try hack me all this
stuff and then setting up your own home
lab is essential for getting real
Hands-On and Real World Experience right
learn how to solve break your system
legally you can solve it maybe you join
maybe this is real world right and this
happened to me when I first started
setting up my labs many many moons ago I
would set up active directory for an
example and when you set up active
directory on your own if you do it with
2019 2022 server you have a DNS server
right so your DNS server should point to
the DC IP address normally so if you
don't reassign say for an example your
DC is 19216811
100.5 okay and your gateway is one and
now sometimes like if you reboot you go
back into your ipv4 settings your DNS is
probably going to be the loop back
12701 if you leave it as as so and you
go to your Windows 10 machine and you
try to join that computer it's not going
to know where to find DNS so what you
have to do is have a preferred DNS
server and point it to five in this
example and now on your unless you have
a dhp server that's handing out DNS and
all that stuff but that's something on a
different level but if you want to get
your windows 10 onto your onto your
active directory you have to make sure
Windows 10 is pointing to
192.168.1 100.5 in that instance right
for that example so just make sure and
breaking it you know troubleshooting it
it's real Hands-On so I always recommend
that Hands-On that's why I do a lot of
workshops Hands-On Labs setting it up
because things things are really really
critical when you have the real world
experience and the next thing here I
have on my screen that I written down
was get
certified so what does this mean so you
can get uh prepared for uh for an
example for certifications from like TCM
security offensive security hack the box
so many other things right pmpt PJP ejpt
ocp cpts there's so many other
certifications out there that you can
prepare those are the ones that I would
recommend because it's practical
knowledge right it's not like going for
your pentest Plus or C or any of those
because those are like multiple choice
yes you have the C practical but at you
know unless you're going for a
government position yeah C Security Plus
those are mandatory they're not optional
so I would always recommend that and
remember if you get into a
specialization for example like Cloud
maybe you'll do like Azure security or
AWS security or whatever your specialty
remember have a specialty and I think
that is always really critical okay and
then the next thing I have here is build
a network and stay updated what do I
mean by that so if you want to have a
network like on LinkedIn groups
participate in different cyber security
forms you can go on Discord servers you
can go on local meetups like I just went
to bide St Pete it's not local for me
it's about 5 hours away but I went there
I did a workshop I got to network with
folks meet so many awesome people and
it's always always good to network
especially when you're looking for a job
and you're getting into the field
because now you're going to get together
in a community with like-minded people
and you can share your thoughts and what
you want to do and maybe they can guide
you to that path you know so the
industry obviously changes really really
fast really quickly and just stay up to
date with like blogs trainings podcasts
uh different kinds of events that's
always always critical if you're getting
into the field or if I wish to do this
all over these are the things I would do
right and that's pretty much it so
that's my road map if I was to start
again from scratch in 2024 so remember
stay curious stay Hands-On keep pushing
keep learning and obviously don't forget
to like this video subscribe share it
and for any other tips and tricks stay
tuned
[Music]
Browse More Related Video
How I Would Learn Cyber Security If I Could Start Over (Amazon Principal Security Engineer)
Getting Into Cyber Security: 5 Skills You NEED to Learn
How I Would Learn Digital Marketing (If I Could Start Over)
Do you have what it takes to get into Cybersecurity in 2024
How I'd Learn Data Science In 2024 (If I Could Restart) - The Ultimate Roadmap
Top tips to become a hotel general manager
5.0 / 5 (0 votes)