I Passed the Security Blue Team Level 1 Exam

Ben Truong

29 Apr 202409:30

Summary

TLDRIn this video, the creator shares their experience with the Security Blue Team Level One certification, which prepares individuals for roles as Security Operation Center analysts. The course covers six domains including security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM operations, and incident response. It offers a blend of reading materials, video tutorials, and hands-on lab environments, fostering a practical learning experience. The creator emphasizes the value of the certification for beginners in cybersecurity, highlighting the comprehensive content and the enjoyable, hands-on lab and exam components. The certification costs $493, and the creator recommends it for those looking to enter the cybersecurity field, especially for gaining familiarity with tools like Splunk and Autopsy.

Takeaways

📚 The speaker recently passed the Security Blue Team Level One certification and shares an honest review of the course.
🛡️ The certification aims to teach skills necessary for becoming a Security Operation Center analyst, covering investigation techniques and tools.
📈 The course is divided into six domains: security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM (Security Information and Event Management), and incident response.
📝 The course content includes reading materials, videos, and lab environments for testing knowledge, with a focus on hands-on learning.
💻 Lab environments are accessible directly within the browser, allowing for easy and interactive learning experiences.
👍 The speaker appreciates the balance between theoretical learning and practical application provided by the course.
🛠️ Key tools taught in the certification include Splunk for SIEM, Autopsy for digital forensics, PowerShell and terminal commands, and Wireshark for packet analysis.
📝 The exam is a 24-hour open-book test, designed to simulate real-world scenarios and requiring the use of various resources and tools.
💡 The speaker recommends brushing up on tools and concepts before taking the exam, as suggested by the course's last modules.
💰 The cost of the course is £399 or approximately $493 USD, which the speaker suggests can be covered by an employer.
🎓 The speaker highly recommends the certification for those looking to enter cybersecurity on the Blue Team side, praising its comprehensive and hands-on approach.

Q & A

What is the Security Blue Team Level One certification about?
-The Security Blue Team Level One certification is designed to teach everything one would need to know to train as a Security Operation Center analyst, including investigation skills and the use of various tools.
How many domains does the certification consist of?
-The certification is comprised of six different domains covering security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM (Security Information and Event Management), and incident response.
What type of content can be expected in the course?
-The course content includes reading materials, video tutorials, and lab environments for testing knowledge. It is designed to provide a balance between theoretical understanding and hands-on experience.
How are the lab environments presented in the course?
-The lab environments are accessible directly inside the browser or website, allowing students to easily start a lab, conduct analysis, and answer questions within the lab interface.
What is the duration of the course content based on the speaker's experience?
-The speaker took approximately one to two hours per day for about a month to a month and a half to complete the course content.
Which tools are covered in the certification and why are they important?
-The certification covers tools like Splunk, Autopsy, PowerShell, and Wireshark. These tools are important as they are commonly used by Security Operation Center analysts for tasks such as querying logs, digital forensics, command execution, and packet analysis.
What is the format of the certification exam?
-The exam is a 24-hour open-book and open-note format, where the candidate must answer 20 open-ended questions, simulating a real-world SOC investigation.
How long did it take the speaker to complete the exam?
-The speaker took 10 hours and 20 minutes to complete the exam, with multiple breaks included.
What advice does the speaker give for preparing for the exam?
-The speaker advises to brush up on the tools used in the course, review the labs, and take the time to understand the questions and type in the answers correctly without rushing.
What is the cost of the course?
-The course costs 399 British pounds, which is equivalent to approximately $493 US Dollars.
Who would the speaker recommend this certification for?
-The speaker recommends this certification for anyone looking to break into cybersecurity on the Blue Team side, especially those with no background in cybersecurity, as it provides comprehensive and hands-on learning.