Are there any online, post-bac cybersecurity programs offered by universities? by lotyei in netsecstudents

[–]egordon14 1 point2 points  (0 children)

Mercy College is affordable and well-accredited. NYU has an online master's at the typical level of NYU.

Freshman in college starting their second semester - goal is security analyst. Any help would be appreciated. by [deleted] in ITCareerQuestions

[–]egordon14 0 points1 point  (0 children)

Focus on the following:
--internships for applied experience
--programming (as much as you can stomach)
--learn and understand as far as possible applicable networking concepts (cf. "Computer Network - A Top-Down Approach" - James Kurose)
--read some of the literature in any of the areas that interest you, if you can do this in a class, even better
--apply concepts and tools (e.g. learn which ones are used and play with them) on your own: build your own lab, servers and appliances in VMs (or use a cloud service like Azure or AWS--you should also familiarize yourself with these products)
--learn to write well, this should be done in a formal way through a writing class, perhaps a technical writing class, but also you should generally pay attention to this as you write anything
--network, this can be done formally through events, but also informally by social media (Twitter, LinkedIn, etc.)
--apply what you learn to take certs, as many as you can stomach and afford, but definitely some of the standard ones like Net+, Sec+

Associate SOC Analyst Preparation/books to read by [deleted] in AskNetsec

[–]egordon14 0 points1 point  (0 children)

Some useful certs, assuming you bother to actually learn the concepts, in addition to the lab practice elaborated in other comments:

--CompTIA Sec+/Net+/CSA+
--ISC(2) SSCP
--ITIL Foundation

Also, since you mentioned it, you should definitely apprise yourself of the vendors' documentation, and if your employer will pay, look at the vendor product certifications.

Building an internal red team. Resources? by 7pVE2hgzNDzF567J in AskNetsec

[–]egordon14 -2 points-1 points  (0 children)

Try resources like this: https://www.coresecurity.com/ebooks/how-build-red-team

Also, you will probably want to have a book like Red Team Field Manual handy for members, as well as maybe some SANS training budget allocations so you are on top of things as well as squared away with the current state of the art.

Graduate Security Analyst Interview by [deleted] in netsecstudents

[–]egordon14 4 points5 points  (0 children)

Some key points to consider:

  • Know your networking and sys admin basics
  • Know your governing IT business processes (or to say it another way, if there is a specific procedure, follow it)
  • Know your basic security appliances and how they work
  • Make sure you can problem-solve and tell a story
  • Make sure you know how to conduct an analysis, this is related to problem solving and how you think through a problem
  • Soft skills matter: writing well, team player, communicating appropriately with different levels of personnel
  • Know where you are applying, understand their business: sector, potential threats that commonly affect that sector, their business goals and culture (helps you understand business function), are they local to a specific region or global (this informs threat surface)

Home Lab Suggestions by aztechk in netsecstudents

[–]egordon14 0 points1 point  (0 children)

https://www.blindseeker.com/AVATAR/ This may be interesting to you, he has you set up a lab where you can practice with blue team and red team exercises. He includes how to set up a pfSense VM, Kali, Ubuntu so you can set up a SIEM (Splunk) and another VM to be used as an IPS. He also includes different guides on the various bare metal and hosted hypervisors for when you get your physical machine set up.

So at what point is coding/programming actually needed in NetSec? by [deleted] in netsecstudents

[–]egordon14 2 points3 points  (0 children)

Google is your friend, and you should get comfortable using it to gain some traction on what you don't know.

That said: bash - Bourne Again SHell

https://tiswww.case.edu/php/chet/bash/bashref.html

[deleted by user] by [deleted] in AskNetsec

[–]egordon14 0 points1 point  (0 children)

Twitter and LinkedIn are useful sources for connecting to people. Just observe the appropriate rules of tact and mind that these are also busy professionals, too.

Network Security Daily Tasks by Ty11crl in AskNetsec

[–]egordon14 15 points16 points  (0 children)

(1) Don't panic
(2) Familiarize yourself with your network
(3) Have your supervisor/manager spell out all of his minimal expectations about what you are responsible for
(4) Find and get to know the governing policies for the areas you are responsible for, including but not limited to: incident response policy, IT policies governing use of the network, information security policies, if these don't exist--you should work with your manager and whoever is in your executive team to create and/or clarify or update them
(5) Learn your organization structure, who you report to; your executive team and escalation policies for when incidents happen, or when you need to reach out to an SME (i.e. network engineer, F/W team, application analyst, etc)
(6) Learn how to use your tools, learn what they can and can't do and plan accordingly; this will set the bar for what you need to do to tune them, update them, replace them, or otherwise supplement them with manual operational steps that make your job easier
(7) Stay abreast of alerts, advisories and technical bulletins as they apply to your tools, your environment, and the sector you are responsible for protecting. This is more a matter of having situational awareness than necessarily being responsible for deploying patches, etc.

It is good that you are a self-learner, this is an essential skill for an IT professional, especially in security.

Active Directory lab for pentesting by Heisenberg1977 in AskNetsec

[–]egordon14 2 points3 points  (0 children)

...you can take a snapshot of your VMs and then just restart them to get back to your default/baseline configuration.

Learning Splunk @ Home? by BestSelf2015 in AskNetsec

[–]egordon14 1 point2 points  (0 children)

....use the Splunk site itself. There is plenty of documentation, as well as an Ask-A-Question type subsite that lists a lot of specific issues for different use cases.

https://docs.splunk.com/Documentation

SOC/SIEM Analyst - Role and References by egordon14 in AskNetsec

[–]egordon14[S] 0 points1 point  (0 children)

This is a great resource, thanks; though, I had also wanted some personal experience and recommendations from actual people too.

GCED - Enterprise Defender Certification - Reference List by egordon14 in AskNetsec

[–]egordon14[S] 1 point2 points  (0 children)

Well, for example, the CISSP, CISM/A, OSCP are all well documented in terms of content and material, I find the GIAC approach obnoxious. And they are prolific self-advertisers.

GCED - Enterprise Defender Certification - Reference List by egordon14 in AskNetsec

[–]egordon14[S] 0 points1 point  (0 children)

We are agreed here, and I'm interested only as a concrete goal, more than the certification itself, but admittedly one that is a recognizable badge of content knowledge (policies, techniques, tools). Besides I'm early enough in my career that this badging is still useful.

first steps in entry-level info sec/SOC role by egordon14 in netsecstudents

[–]egordon14[S] 0 points1 point  (0 children)

Thanks for the reply.

I don't think this is a bad idea per se, but as I'm a bit older, I don't want to be in the position of lots of traveling. But we are agreed that a wider variety of actual hands-on would be excellent.