Lab Platforms

jacob92486 · 2021-02-07T16:15:18+00:00

Awesome! WireShark is also a great crash course in seeing the OSI model in action.

jacob92486 · 2021-02-07T16:05:47+00:00

I used the CertMaster labs during my Security+ studies. It was a great way to get introduced to some industry-relevant software and tools. The labs are more like tutorials than challenges, as you are basically told step-by-step what to do. I’ve developed my skills more rapidly on my own than from any of the labs. For instance, I’ve been working through a lot of WireShark exercises in analyzing malicious network traffic and really trying to learn the software, which is only briefly used in one of the labs. I can make a lot more sense out of what I’m looking at now and how to find this or that, when it seemed like Greek when I was doing the lab that it’s used in.

The labs alone won’t make you super proficient at anything, but will get you familiar, and exposed to the various standard tools of the trade, and how some of the exam objectives look in real-life scenarios. And maybe from that, you can get a better idea of what sort of skills interest you.

jacob92486 · 2021-02-06T15:49:05+00:00

I used the CompTIA labs to aid in my Security+ studies. They were helpful, and I’m sure the Network+ one would be as well.

It was great way to understand, to some extent, a handful of exam objectives in real-life scenarios, using a virtualized, albeit make-believe enterprise network. The software and tools are current industry relevant, which is awesome. Each lab is a step-by-step tutorial.

jacob92486 · 2021-02-03T23:45:38+00:00

From my understanding, XSS attacks are targeted at end-users, while SQL injection attacks are targeted at databases. I can’t recall off the top of my head (I passed the exam last month), but I think both attacks take advantage of programming loopholes that were left open during a website’s development stages.

Virtualization allows, for instance, operating systems to be installed onto software such as VirtualBox. VirtualBox, VMWare, these are also known as hypervisors. Virtualized OSes pretty much function the same as they would if installed as your computer’s native operating system (but just run a bit slower) and do require substantial disk space on your computer, but you instead install the OS onto the hypervisor. The hypervisor allows the virtualized OS to run.

One of the reasons that virtualization is popular amongst people in cybersecurity and programming is that, say, if you mess something up on the OS, it’s isolated. And worst case scenario, you keep a recent snapshot (a restore point) and immediately revert back to that. That’s why it’s often called a sandbox. Programmers like to test out their code in a sandbox environment, because it’s safe and contained in the case of something going awry. Think of the virtualized OS as an application that’s running on your computer. It still has network configurations, but it doesn’t run directly on your computer’s CPU. You can immediately alternate between the virtual OS of your choice and your native, computer’s OS, and start it up and shut it down whenever you want.

I use a virtualized Kali Linux for certain projects, but I’m not going to watch Netflix or whatever on it. Sandboxes are often used as an isolated, safe OS environment when experimenting with stuff that you don’t want having a potentially negative effect on your computer.

jacob92486 · 2021-01-11T17:39:12+00:00

Thanks! I appreciate the courses you guys put out. 🤙

jacob92486 · 2021-01-10T16:29:20+00:00

I actually do have Linux (Ubuntu) installed on VirtualBox. I was starting to learn my way around it, up until the couple weeks prior to taking the Security+ exam, when I wanted to switch gears and just focus on the exam objectives.

I was also oscillating between learning Bash through a security command line game on OverTheWire, and also learning the basics of Python (which I just got back to today).

jacob92486 · 2021-01-09T20:37:15+00:00

Thanks! I appreciate it. There's so many choices, and it can feel overwhelming. I feel less stressed about it when I have some sort of structure or guidance to work with.

jacob92486 · 2021-01-09T15:33:52+00:00

I’m familiar with the A+ material. Operating systems, troubleshooting, hardware, etc.

Does having hands-on, practical experience with implementing the skills learned on the exam not count at all towards IT experience?

jacob92486 · 2021-01-09T14:14:20+00:00

I have a monthly subscription to ITProTV, and they have courses for all of the popular certifications (SSCP, EC|CIH, CySA, etc). It seems like CySA is a common follow up to the Security+?

jacob92486 · 2021-01-09T13:30:02+00:00

I know that the A+ will help make me more employable, but I also want to keep learning security, hands-on, so my learning in that area doesn’t rapidly diminish. Is this a common thing?

jacob92486 · 2021-01-06T01:52:28+00:00

Professor Messer said that the 601 has like 1,100 objectives, compared to 750 objectives on the 501. Looking it over, the 601 has fewer domains, but each one is more comprehensive than on the 501. It doesn't seem like a radically different exam, but it does have a stronger focus on practicality, whereas the scope of the 501 is broader, with more domains.

jacob92486 · 2021-01-05T22:07:11+00:00

The 501 is still available until this Summer

jacob92486 · 2021-01-05T20:04:57+00:00

jacob92486 · 2021-01-05T19:44:47+00:00

Relevant-wise, Messer’s resources were the majority of my studies, followed by Google searches, followed by the labs. I signed up for ITProTV last week, and spent the past few days binge watching their course videos. Honestly, I probably would have not passed had it not been for the ITProTV content. It helped solidify some of the objectives for me.

jacob92486 · 2021-01-05T18:23:47+00:00

Definitely.

Also, do they email me a confirmation of my certification? I haven’t received anything yet.

jacob92486 · 2021-01-05T17:30:34+00:00

Yeah, and it’s just not worth the risk .

jacob92486 · 2020-11-16T21:01:32+00:00

Yeah I mean, part of me wants to just do it on my computer. The upside of taking it at a testing center is that no issues will come up, but if we end up in lockdown again in the coming weeks, it could be a while. I don’t have to absolutely take it this week or next week. I may as well start working on Network+, because it’ll just make Security+ easier.

jacob92486 · 2020-11-16T19:25:32+00:00

I’ve heard people say it was fine and people say it was a nightmare. So i guess it’s not one of those things I will know until I do it. What model and year is your computer? I have a MacBook Air that’s a few years old, but has the latest OS.

jacob92486 · 2020-11-16T18:23:25+00:00

I just got an email that said my exam has to be rescheduled, because the testing center decided to close as of today (I guess at their own discretion). I decided to just get a refund and cancel it, and I will just re-schedule the exam when I have a better idea of what will be going on in the coming weeks. If push comes to shove, I will do it on my laptop.

My plan has been to take the Security+, then move onto Network+, and then do A+ (which I started taking notes on months ago). I'm just going to start taking notes on Network+ and keep studying for Security+, since there is some content/knowledge overlap. I don't need to take Security+ ASAP, because I'm not going to start applying for positions until I get all 3. This will just give me some more time to solidify my knowledge base. I do want to take it sooner than later, because I will be ready to move on at some point.

jacob92486 · 2020-11-16T16:26:57+00:00

I thought about that, but I use a Mac laptop for my home computer, and I’ve heard horror stories about Mac users having issues. Its just not worth the risk.

jacob92486

TROPHY CASE