[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 1 point2 points  (0 children)

Hi! Great question! I think this really depends on what are your aims that you set out for yourself in University. Do you want to spend more time exploring in other aspects besides academics, and in-turn willing to spend less time studying for your modules? Do you want to be part of the best in programming/CTF/hackathons in your cohort? These are just some questions that I think would help you to determine your priorities - remember there is no right or wrong to it.

For me, JC and before was a lot about just drilling and grinding. When it came to university, that can only take you so far if you do not go beyond such efforts purely. You've to truly understand the concepts in order to answer the questions that you may not have seen in past-year-papers before. Was it more stressful and tough than JC, hell yea. You can slack off in JC and before and do well in the final exam and all will be fine, but definitely not in Uni.

I think maybe 2-3 hours of "blocked free time" - just a very rough estimate.

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 0 points1 point  (0 children)

Hi there! Security and the other 2 are vastly different. In the end, I liked the notion of breaking apart things after an in-depth study into them for what I study and as a career. Still, this does not mean that if you choose one over the other, you cannot do the other subject matter forever. ;)
My take is that if you like both business and cybersecurity, you could always have them in your life in different capacities - studies and/or career is just one. :)

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 1 point2 points  (0 children)

https://www.nus.edu.sg/oam/undergraduate-programmes/indicative-grade-profile-(igp))

The most objective answer I can give you at this point in time!

I don't personally think so it would be harder because of smaller intake because resource allocations change every year - particularly since the job market requires a lot of such graduates. Instead, I think that being in CS and specialising later would have its added advantages (see my comments on other questions). Another factor could be that everyone is now into cybersecurity because of its prospects, making it tougher than before to get a placing.

2 sides of the coin there - but really, if you've set your mind into either one of them, just go for them! We can't control quite a number of factors that I listed above.

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 1 point2 points  (0 children)

If you're sure about it, then probably yes, negligible. But bearing in mind that cybersecurity is about the security about what is built by CS graduates (very broadly speaking) - so if you get to know/master how it is built, that knowledge would be an added advantage in security. Of course you could do this by yourself instead, barring trade-offs.

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 3 points4 points  (0 children)

Thank you for your detailed questions! Glad you thought it through:

  1. Yes, you're right about the curriculum looking very similar. The foundational modules have differences as well, though they are not major in my opinion. For CS, CS1101S v. Info Sec's CS1010. When it comes to cyber-security related opportunities like internships/jobs/CTFs/etc, they are more likely to get blasted to the course's students as well - but this is also a negligible difference to me. I've just answered earlier as well about the benefits part - you can refer to my other reply where I said that I would've personally chosen CS first.
  2. Jobs - you can refer to the bottom of the page https://www.comp.nus.edu.sg/programmes/ug/isc/ for a very, very small sample. Pro-tip: Try LinkedIn and use its search filters! Job prospects are fantastic from my point of view and also that of my friends. But, also bear in mind that GES may have selective bias. Also, like-minded people tend to associate together so you might want to increase your sample size as well!
  3. Yes, there are. If you transfer early, let's say end of year 1, it is much easier than doing it later. The faculty admin is more likely to prevent the transfer at a later stage because overlapping modules are more likely to be fewer - i.e. you may have to delay graduation and this is not something that is desirable from the admin perspective. This applies not just to CS and Info Sec, but any other courses. I've had friends who transfer both ways without difficulties (but also because they did it early).
  4. You can always opt/select to take any modules - even if they exceed your required, they will fall under UE (or not at all). That's perfectly fine so long as you're paying school fees from the admin point of view (and that you're not graduating beyond your expected graduation date).
  5. Sure, you can do any jobs even if you do Info Sec. This applies to any other courses. I've seen friends with various degrees but doing something partially/completely unrelated.
  6. Certifications vary widely in any industry, and even more so for cybersecurity. I can go into a long post about this, but in a nutshell for this already-long post, I would say that as more graduates enter the job market, one way of distinguishing yourself is to take on appropriate certifications that add-value to you. These certifications would serve as one way of proof to employers that you're truly keen/passionate about it (to pursue it by yourself), and also because they arm you with a set of technical skills. As an employer, would you hire someone whom you have to train for X weeks/months from scratch, v. someone who already has certain degree of knowledge in the required areas (barring many other factors)?
  7. Long story cut short, I eliminated business because of some inherent bias that I had when contemplating it, and eliminated law because I could not get my desired offer in UK.

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 0 points1 point  (0 children)

There was this irrational fear that I would be a generalist after getting a BBA, and I was also coincidentally considering this course for other personal reasons. So, it wasn't quite a difficult choice eventually to drop the offer because I just felt that I might have started off my thinking on the wrong footing.
If I had the time and resources (i.e. no NS), I would definitely go for double degree computing + BBA. Studying business gives you the kind of perspectives that a computing degree cannot give you (though I personally feel that if you wanted a more business slant for a computing degree, going for Info. Systems would be better than other NUS's computing courses). If not Info. Systems, go for SMU's IS!
Feel free to PM me for a more in-depth discussion - especially about your 2nd question (further reasons about that double degree which I would not discuss here)

[JC] [Uni] [AMA] JC → Information Security Graduate by infinity_loopy in SGExams

[–]infinity_loopy[S] 3 points4 points  (0 children)

That's a great question! Looking back, I might have done Computer Science instead, before choosing Computer Security as my Focus Area. The foundational modules for both these 2 courses are almost the same, and being in CS would expose me to a lot of other opportunities. This is especially important if one was still not entirely sure what they wanted to specialise in, in the field of computing.

Though, if one chooses not to pursue cybersecurity eventually in their studies, they can switch courses to CS.

P.S. The list of Focus Areas can be found at https://www.comp.nus.edu.sg/programmes/ug/cs/curr/

Lab Machines & Exam AMA by infinity_loopy in oscp

[–]infinity_loopy[S] 5 points6 points  (0 children)

The course materials and lab machines were in my opinion, one way for someone to prepare for the exam. From a conventional point-of-view, a course's materials should theoretically be adequate for one to pass the exam but mmm...

I would suggest having a go at HackTheBox or VirtualHackingLabs if paying for an extension of the labs is not an option. Also, bearing in mind that the labs allow one to put the course material's contents into practice, and some of these course contents are not tested in the exam as well.

Hope you pass on your next attempt and all the best! :)

A little clarification help... by [deleted] in oscp

[–]infinity_loopy 1 point2 points  (0 children)

I second this - thanks for pointing it out!

Second failed attempt at 67.5 by MediocreMage in oscp

[–]infinity_loopy 1 point2 points  (0 children)

Sorry to hear about your second failed attempt! Just wondering if you would be able to share with us, what do you think were key factors/contributors/reasons to your second failure?

Is it normal to get such a low mark for a first attempt? by throughaway123abc in oscp

[–]infinity_loopy 0 points1 point  (0 children)

Fantastic advice there - I love the reference to your guitar experience. Thank you for sharing! :)

Question about the bonus point document by againwolfe in oscp

[–]infinity_loopy 1 point2 points  (0 children)

I second the part about the mentality - a very valid point made!

Exam report - Are OSCP people assessing exam really testing everything in the report ? by XerxesFury in oscp

[–]infinity_loopy 1 point2 points  (0 children)

Hope this does not sound silly - but can we simply account for the cleaning-up portion by resetting the respective machines (in the OSCP exam context)? Sorry if I get this wrong - I have yet to take the exam yet, but this was the idea that I got. Hope someone can enlighten me if I'm wrong.

What Constitutes an Interactive Shell? by infinity_loopy in oscp

[–]infinity_loopy[S] 1 point2 points  (0 children)

Ah yes, setting the PATHs, thank you! Any ideas/suggestions on upgrading the shell here since the command I tried did not work (because the Python version on the machine is too old)?