
Cybersecurity career
Hello guys, I write articles and share posts from sites I follow and find interesting. I always think of this question when I think back to the many experiences that I shared with professional friends.
“Where can I begin studying to migrate to safety?”
I wanted to share my journey as a Cybersecurity Analyst, what I have learned and how I am doing it. My IT life has always been based on the principle that “If I’m going to study something, then I will study it very well and with a theoretical framework [books].” Some of the areas I studied still help me today when I do a behavioral analysis of an infection, a pentest, vulnerability exploitation, and other work.
Networks
It is a good idea to learn about the most commonly used protocols and ports and their weaknesses, as well as the main commands used for troubleshooting. When I speak of testing networks, I don’t mean using the ping command.
Security Tools
I don’t recommend that you try to learn every tool available. I recommend that you have a solid understanding of the tools so that you can modify the product interface to make it proprietary or open-source.
Hypervisors
This topic is still very relevant to my studies. You might ask, “But why should I learn to operate hypervisors if my goal is to work with Cybersecurity?” Here is the big insight that allowed me to grow a lot. It’s cool to learn how to use Hyper-V and VMware. These are great tools for labs where you simulate vulnerabilities or study, or where you need to test malware to identify its behavior.
Operating systems
I believe that one of the most important skills a Cybersecurity professional should have is the ability to use the main operating systems in the world, Windows and Linux. Many professionals have spent their entire career learning one OS, and it was difficult for me to learn another. Knowing both, you will never face difficulties when trying to validate vulnerabilities, pentest, harden, or do other activities.
From Microsoft, I recommend that you study the versions below.
Windows 7 to 10 (Desktop).
Windows 2008, 2012 and 2016 (Server).
Linux comes in many distributions. I recommend that you only study the main ones; the rest are derived from them.
Debian (my favourite)
Ubuntu
Red Hat
CentOS (community version of Red Hat)
SUSE
openSUSE
Kali (focused on security)
Parrot (focused on security)
These distributions are a solid foundation that makes it easier to use the other ones on a daily basis.
Security Concepts
This is why I think many Cybersecurity Analysts are not signed on LinkedIn. They operate only tools and don’t know any theoretical concepts. I once asked a security professional how they prevent SQL injection attacks against their company’s applications. The answer was “I monitor requests, then when I see a significant rise in requests, I block the origin for some time.” To anyone who asks me for guidance, I always tell them not to be a professional script kiddie, that is, someone who only knows how to run scripts or download ready-made ones from the internet and has no idea what the tool or script does. The market is flooded with professionals today, so I recommend you study, persevere, and join forums and groups.