I Passed the Security Blue Team Level 1 Exam
Summary
TLDR: In this video, the creator shares their experience with the Security Blue Team Level One certification, which prepares individuals for roles as Security Operation Center analysts. The course covers six domains including security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM operations, and incident response. It offers a blend of reading materials, video tutorials, and hands-on lab environments, fostering a practical learning experience. The creator emphasizes the value of the certification for beginners in cybersecurity, highlighting the comprehensive content and the enjoyable, hands-on lab and exam components. The certification costs $493, and the creator recommends it for those looking to enter the cybersecurity field, especially for gaining familiarity with tools like Splunk and Autopsy.
Takeaways
- The speaker recently passed the Security Blue Team Level One certification and shares an honest review of the course.
- The certification aims to teach skills necessary for becoming a Security Operation Center analyst, covering investigation techniques and tools.
- The course is divided into six domains: security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM (Security Information and Event Management), and incident response.
- The course content includes reading materials, videos, and lab environments for testing knowledge, with a focus on hands-on learning.
- Lab environments are accessible directly within the browser, allowing for easy and interactive learning experiences.
- The speaker appreciates the balance between theoretical learning and practical application provided by the course.
- Key tools taught in the certification include Splunk for SIEM, Autopsy for digital forensics, PowerShell and terminal commands, and Wireshark for packet analysis.
- The exam is a 24-hour open-book test, designed to simulate real-world scenarios and requiring the use of various resources and tools.
- The speaker recommends brushing up on tools and concepts before taking the exam, as suggested by the course's last modules.
- The cost of the course is £399 or approximately $493 USD, which the speaker suggests can be covered by an employer.
- The speaker highly recommends the certification for those looking to enter cybersecurity on the Blue Team side, praising its comprehensive and hands-on approach.
Q & A
What is the Security Blue Team Level One certification about?
-The Security Blue Team Level One certification is designed to teach everything one would need to know to train as a Security Operation Center analyst, including investigation skills and the use of various tools.
How many domains does the certification consist of?
-The certification is comprised of six different domains covering security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM (Security Information and Event Management), and incident response.
What type of content can be expected in the course?
-The course content includes reading materials, video tutorials, and lab environments for testing knowledge. It is designed to provide a balance between theoretical understanding and hands-on experience.
How are the lab environments presented in the course?
-The lab environments are accessible directly inside the browser or website, allowing students to easily start a lab, conduct analysis, and answer questions within the lab interface.
What is the duration of the course content based on the speaker's experience?
-The speaker took approximately one to two hours per day for about a month to a month and a half to complete the course content.
Which tools are covered in the certification and why are they important?
-The certification covers tools like Splunk, Autopsy, PowerShell, and Wireshark. These tools are important as they are commonly used by Security Operation Center analysts for tasks such as querying logs, digital forensics, command execution, and packet analysis.
What is the format of the certification exam?
-The exam is a 24-hour open-book and open-note format, where the candidate must answer 20 open-ended questions, simulating a real-world SOC investigation.
How long did it take the speaker to complete the exam?
-The speaker took 10 hours and 20 minutes to complete the exam, with multiple breaks included.
What advice does the speaker give for preparing for the exam?
-The speaker advises to brush up on the tools used in the course, review the labs, and take the time to understand the questions and type in the answers correctly without rushing.
What is the cost of the course?
-The course costs 399 British pounds, which is equivalent to approximately $493 US Dollars.
Who would the speaker recommend this certification for?
-The speaker recommends this certification for anyone looking to break into cybersecurity on the Blue Team side, especially those with no background in cybersecurity, as it provides comprehensive and hands-on learning.
Outlines
Overview and Honest Review of Security Blue Team Level One Certification
In this section, the speaker introduces the Security Blue Team Level One Certification and provides an overview of the video content. They emphasize that the review is unsponsored and honest. The certification is aimed at those training to become Security Operation Center analysts, covering various domains and skills needed for the role.
Detailed Breakdown of Certification Domains
This part outlines the six domains covered by the certification: security fundamentals, phishing analysis, threat intelligence, digital forensics, Security Information and Event Management (SIEM), and incident response. Each domain is briefly explained, highlighting the skills and knowledge they impart.
Course Content and Structure
The speaker describes the course content, which includes reading materials, videos, and lab environments. They praise the hands-on labs that simulate real-world scenarios, making it easier for learners to grasp concepts and apply their knowledge. The content is designed to be accessible and comprehensible for entry-level cybersecurity analysts.
Tools and Hands-On Skills
A list of tools and skills gained through the certification is provided, including Splunk, Autopsy, PowerShell, and Wireshark. These tools are essential for performing tasks such as querying logs, conducting digital forensics, and analyzing network packets, which are critical skills for a Security Operation Center analyst.
Exam Structure and Preparation Tips
The speaker explains the 24-hour open-book exam format, emphasizing the importance of being thorough and methodical. They share personal tips on preparing for the exam, such as reviewing course materials, brushing up on tools, and taking quality notes. The exam simulates real-world SOC investigations with open-ended questions.
Course Cost and Recommendation
The certification cost is discussed, with the price being £399 (approximately $493 USD). Despite the higher cost, the speaker recommends the certification for those interested in breaking into the cybersecurity field, particularly on the Blue Team side. They highlight the comprehensive, hands-on nature of the labs and exams as key benefits.
Final Thoughts and Call to Action
In the closing segment, the speaker summarizes their positive experience with the certification, recommending it for beginners in cybersecurity. They encourage viewers to check out the certification, like the video, subscribe to the channel, and follow them on social media for more cybersecurity content.
Keywords
Security Blue Team
Certification
Security Operation Center (SOC) Analyst
Investigation Skills
Phishing Analysis
Threat Intelligence
Digital Forensics
SIEM (Security Information and Event Management)
Incident Response
Lab Environments
Exam
Highlights
Passed the Security Blue Team, Level One certification.
Provides an honest review of the course without sponsorship.
Certification prepares you for a role as a Security Operation Center analyst.
Includes six different domains covering various security skills.
Domains include security fundamentals, phishing analysis, threat intelligence, digital forensics, SIEM, and incident response.
Course content is a mix of reading, video, and lab environments.
Lab environments are accessible directly within the browser for hands-on learning.
Reading material is bite-sized and avoids jargon for an entry-level audience.
Course duration is flexible, taking about a month and a half at one to two hours per day.
Tools covered include Splunk, Autopsy, PowerShell, Terminal, and Wireshark.
Exam is a 24-hour open-book test with 20 open-ended questions.
Exam simulates real-world scenarios for a security operations center analyst.
Course cost is £399 or $493 USD.
Highly recommends the certification for those looking to break into cybersecurity on the Blue Team side.
Course provides comprehensive and digestible content with hands-on experience.
Labs and exams are the most valuable and enjoyable parts of the certification.
Transcripts
So I just passed the Security Blue Team Level One certification a few days ago, and in today's video I want to give you guys a complete, comprehensive breakdown of my honest opinion on the course itself: what to expect, what you guys will learn, and whether or not I'd recommend you guys take it as well. So I just wanted to say, before we go ahead and get into the video, Security Blue Team did not sponsor me for this video. They didn't pay me a penny to say the things that I'm about to say in this video. It's going to be a completely honest review of my experience.

So let's go ahead and start this video by talking about exactly what the Security Blue Team Level One certification is and what you guys can expect. So this certification is going to teach you everything you would need to know as if you were training to become a Security Operation Center analyst within aak. So this includes different investigation skills and using different tools that I'll elaborate a little bit more on in the video later on.

So the certificate itself is comprised of six different domains, and we'll go over them right now. So the first domain is going to be the security fundamentals, and that's just going to teach you the basics of cyber security. Domain number two is phishing analysis; this is going to go over exactly how to identify a suspicious phishing email. Domain number three is threat intelligence: understanding exactly how threat intelligence works, how a threat intelligence team operates and gets their intelligence. Domain number four is digital forensics. This one was honestly the most interesting domain to me, just because I had the least amount of knowledge on it, but this goes into using different tools and how these forensic teams operate when it comes to an investigation. Domain number five is the SIEM; this is going to teach you how to query a SIEM, how SIEMs work, how alerting works, and how to conduct an investigation within a SIEM. Domain number six is incident response; this is going to teach you exactly how an incident response team operates and how it will conduct itself once an incident actually occurs within an organization's environment.

So let's go ahead and talk about the actual course content. So these six different domains are broken down into different sections, and these sections contain mostly reading. You'll have some video sprinkled throughout, and then lastly, once you go to the end of these different sections, you'll be tested on your knowledge through different lab environments. One of the biggest things that I really enjoyed about this certification is that these lab environments are found directly inside of the browser or the website itself. It's really easy to access: you just hit start machine and your lab will just spin up, and you can go ahead and conduct your analysis, and they'll have the questions on the side as well, so you can just answer them within the lab. If you've ever taken a TryHackMe room before, it's very similar in the way that it works: you just put in your answer and submit it, and it'll tell you if you're right or wrong. It's a great way, in my opinion, to test your knowledge. I really enjoy this type of course where they give you some reading and some video material and at the end it tests your knowledge. That just fits my way of learning the most; I'm really a hands-on learner.

So the reading material itself is broken down into like paragraph forms. It's really sort of bite-sized; they don't use any jargon that, you know, an entry-level cyber security analyst wouldn't know about. So this certification does a great job at giving you that sort of nice balance of sort of sitting back and just understanding information, reading and watching video tutorials, but they also have that balance of that hands-on experience with the labs as well. So I really enjoyed that balance with the course material, and it really made it easy for me and enjoyable for me to continue going throughout the entire certification. I think going through the material itself, I did probably around an hour or two per day for, I want to say, about a month to a month and a half. So it didn't take me too long as well; I wasn't in any rush to kind of complete it, so I really enjoyed that flexibility and the content aspect of the certification.

So now let's go ahead and talk about what you'll actually learn, so like kind of the hands-on skills. So in my opinion, the most valuable part of the certification itself is going to be the tools and the hands-on skills that you'll get from taking this certification, in these different labs and the actual exam itself. So I'm going to name off a few of the main tools that you'll learn how to use when taking this certification. It's not limited to these tools; there's a bunch more tools that you'll learn throughout the entire certification. So the first one is going to be Splunk, which is the main SIEM that they use in the lab and the exam environment. So this is going to be teaching you how to query within Splunk and find different logs in order to further your investigation, and that's going to be the most important skill, I feel like, when it comes to being a Security Operation Center analyst and conducting an investigation. Number two is going to be using Autopsy, which is like a digital forensics tool that you'll use in order to navigate through a disk image, navigate through the file directory, and try to find different artifacts in order to further your investigation as well. Number three is learning how to use PowerShell and terminal. They're going to teach you the basics, like different commands that you can use in order to find different artifacts as well, in order to continue your investigation. And number four is Wireshark, which is pretty much a packet analyzer that you can use to understand different connections, different timelines, and really help build out your investigation as well.

So let's move on to the actual exam itself. So you're able to actually take the exam whenever you want to; you don't have to finish all the course content in order to take the exam. But I personally completed all the course content before I went ahead and felt comfortable taking the exam, just because, first of all, I wasn't in a rush to complete the certification, and also I was actually interested and wanted to learn about all the different modules within the course content. I finished the course content, like I said before, in about a month to a month and a half, and after that I went ahead and took about a day or two to brush up on the different labs and the different tooling just to get a refresher, and from there I went ahead and began the exam. So this was actually my first 24-hour exam. You have a 24-hour window to submit your exam; you must submit it before the 24-hour period is over. So it took me about 10 hours and 20 minutes to complete the entire exam. I had multiple breaks throughout; I had lunch during my exam as well. It's open book: you can use your notes that you've taken throughout the entire course, so make sure you take some quality notes. You can use Google if you want to search something up, if you forgot something or how to use something, so there's no pressure on that end. I think the main reason why they wanted to make it an open-book, open-note exam is because in a real-world scenario, if you're a security operations center analyst, you're going to be able to use different resources like Google, maybe some of your co-workers, and ask them questions. So they want to sort of simulate the exact same situation as if you were in a real-world environment.

So the actual exam itself is similar to a real-world SOC investigation. There's no multiple choice questions; it's going to be all sort of open-ended questions, similar to a TryHackMe room if you've had those before, but it's going to be very similar to the labs that you'll do throughout the entire course. So you need to answer 20 questions within 24 hours, so you have a lot of time when it comes to conducting this investigation for the exam. There's no rush. Make sure you guys take your time, really understand what the question is asking, make sure you type in your answers correctly as well, and just make sure to review your questions once you get your answer. Make sure you're right; don't overthink things. Those are pretty much going to be my tips when taking the exam. One of the biggest tips that I can give you before you take the actual exam is to brush up on the tools that you use. One of the things that I really enjoyed about the actual course content is that in one of the last modules they actually explain to you what you should brush up on prior to beginning the exam. They actually tell you what to study and what to brush up on, like the different tooling and the different concepts that you should brush up on prior to starting the exam, which I found really helpful. So one of the biggest tips I can give you is make sure you guys take your time and don't rush into the exam. Make sure you understand everything and make sure you're familiar with the different tools that they actually tell you to get ready for.

So the course itself costs 399 British pounds, and in US dollars that's $493. It's a little bit more on the pricey side of things, but you can definitely get your employer to do that.

So to sum this video all up: would I recommend you take this certification? And my simple answer to that is going to be yes. If you're someone who is looking to break into cyber security on the Blue Team side of things, this certification is going to be a great place to start. You're going to get hands-on experience when it comes to the tools that Security Operation Center analysts actually use, like Splunk, Autopsy, and even a lot more tools than that. The content itself was really comprehensive and digestible; it was easy to follow along. There was at no point where I was completely confused. So if you're someone who has no background in cyber security, I would highly, highly recommend this course. I can't say it enough. And in my opinion, I think the most value that you get from this certification is going to be through the lab and through the exam, the most hands-on experience. The labs and the exams were the most fun parts of this certification, and even at times during the exam itself I found myself having fun and really enjoying it. If you guys want to go ahead and check out this certification, I'll leave a link in the description below. Highly recommend this course; I really enjoyed taking it. But thank you guys so much for watching. I hope this video provided you with some kind of value and insight if you're considering taking this course. Make sure to like the video and subscribe to my channel if you're new for more cyber security related content, and make sure to follow me on Instagram and TikTok at cyberith Ben for more short-form and lifestyle content. With that being said, guys, thank you so much for watching and I'll catch you guys in the next video. Peace, peace.