Introduction

In this post, I presented a roadmap for beginners and advanced professionals in cyber security. This roadmap includes the steps taken to get into cyber security and how to move between different domains such as offensive security, defensive security and management.


Getting Started in Cyber Security

Let's discuss the first step to get into cyber security. Some of you may say the first step is getting a college degree in computer science or information technology. While this is not wrong, there is a more accurate and specific description of the first step to get into cyber security.

Before diving into technical skills, familiarise yourself with the fundamentals of cyber security. Understand what cyber security is and why it matters, the types of threats, and key concepts such as the CIA triad, security frameworks and compliance. These concepts should be at the top of the list before learning any technical skills like programming or networking.

Alright, the next step is a deep understanding of IT concepts. Strengthen your knowledge of TCP/IP, DNS, VPNs, firewalls, and proxies. Study network protocols and packet analysis tools like Wireshark.

Part of building a strong foundation in IT is having expertise in Windows, Linux, and macOS. Try to get familiar with command-line interfaces, especially in the Linux operating system. In cyber security, you will often be working with command-line tools in Linux, so having a basic understanding of them is of utmost importance.

Another aspect of building a strong IT foundation is programming. Start with scripting languages like Python, Bash, or PowerShell and then move on to other languages such as Java, PHP and C.

You don't need to be fluent in every single language; however, you will need the minimum, which is the ability to read and understand any code written in these languages and analyze its behaviour.

  1. Introduction to Cybersecurity:
    • Entering cybersecurity can be daunting, but with a structured roadmap, it becomes achievable.
    • The video provides an example plan to build a solid career in cybersecurity.
  2. Step 1: Understand Cybersecurity Fundamentals:
    • Learn the importance of cybersecurity, types of threats, and key concepts like the CIA Triad and security frameworks.
    • Grasp the basics of compliance and understand the landscape before diving into technical skills.
  3. Step 2: Strengthen IT Knowledge:
    • Focus on foundational IT concepts: TCP/IP, DNS, VPNs, firewalls, and proxies.
    • Gain expertise in Windows, Linux, and macOS with an emphasis on command-line tools in Linux.
    • Learn programming: Start with Python, Bash, or PowerShell, and then explore Java, PHP, and C. Aim to understand and analyze code rather than achieving fluency in every language.

Step 3: Choose a Specialization in Cybersecurity

Now that you have built a strong foundation in information technology and grasped the basics of cyber security concepts, it's time to start thinking about which area of cyber security you want to specialise in.

In cyber security, you can specialize in offensive security or penetration testing. Another area in cyber security is blue teaming and the security operations center. Compliance and auditing is another domain in cyber security, where you audit security practices and benchmark them against global standards such as ISO 27001 or COBIT. Lastly, we have computer and digital forensics.

As you can see, cyber security is a broad domain, and to build a solid career you have to decide which domain you want to focus on. Of course, many professionals shift from blue teaming into compliance and auditing, and some transition from penetration testing into management.

  • Specializations include:
    • Offensive Security/Penetration Testing
    • Blue Teaming/Security Operations Center
    • Compliance and Auditing
    • Computer and Digital Forensics
  • Career transitions between specializations (e.g., penetration testing to management) are common.

Alright, let's assume you want to start in penetration testing. In penetration testing, you attack systems and networks to test their security defences, and eventually you hand over a report to your client demonstrating what methods you followed, what vulnerabilities you discovered, the level of access you achieved (standard user or root) and lastly some recommendations on security mitigations.

You can gradually build experience in attacking systems by doing exercises created specifically for that purpose. Vulnerable machines for such practice are available on websites such as TryHackMe, HackTheBox and OverTheWire. You can also build a home lab with virtual machines and tools like Kali Linux and Metasploitable.

When you are ready to prove your knowledge, I suggest you prepare for certifications such as eJPT, TCM Security PNPT, CompTIA PenTest+, OSCP and HackTheBox CPTS.

Perfect, what about blue teaming then? Well, in blue teaming, the path is different from penetration testing.

In blue teaming, aim to understand security operations, incident response, identity and access management, malware analysis and on a more advanced level, reverse engineering.

Understanding tools such as Splunk, ELK Stack, Nessus, OpenVAS and of course Snort IDS is also a must in blue teaming.

You can check out TryHackMe’s SOC tracks as those are very helpful to get you started. Also check out HackTheBox Sherlocks challenges and LetsDefend as well.

When you are ready to prove your knowledge, you can start preparing for credentials such as CompTIA CySA+, BTL1 and BTL2, HackTheBox CDSA and of course Certified Cyber Defender.

Detailed Insights into Specializations:

  • Penetration Testing:
    • Involves attacking systems and networks to test security defenses.
    • Practice using platforms like TryHackMe, HackTheBox, and OverTheWire or set up a home lab.
    • Recommended certifications: eJPT, TCM Security PNPT, CompTIA PenTest+, OSCP, HackTheBox CPTS.
  • Blue Teaming:
    • Focus on security operations, incident response, malware analysis, and reverse engineering.
    • Tools to learn: Splunk, Nessus, OpenVAS, Snort IDS.
    • Platforms: TryHackMe SOC tracks, HackTheBox Sherlocks, LetsDefend.
    • Certifications: CompTIA CySA+, BTL1 & BTL2, Certified Cyber Defender.

Cyber Security Management

Most professionals in cyber security start either as penetration testers or blue teamers. Later on, you may plan to move into a managerial position.

Management in cyber security involves managing teams, meeting business expectations, assessing the overall risk of cyber threats to the organisation and of course meeting compliance obligations.

Getting into management is a matter of amassing technical expertise and having the ability to lead teams and understand the business needs of your organization.

Certifications such as CISSP and CISM are great additions to speed up your transition into management.

Management Path:

  • Cybersecurity management involves team leadership, risk assessment, and compliance obligations.
  • Technical expertise and leadership skills are essential.
  • Relevant certifications: CISSP, CISM.

Staying up to date

Do you think this is the end of it? Then you are wrong!

Staying up to date and following the latest news are important aspects of keeping your knowledge current in this ever-changing landscape.

There are many other resources you can use to learn and keep learning. Course sites such as Udemy, Pluralsight and Coursera are very useful and contain a lot of courses teaching different aspects of cyber security.

You can also join professional groups like ISACA, ISSA, or local meetups and attend cyber security conferences such as DEF CON and Black Hat.

Continual Learning and Growth:

  • Stay updated with the latest developments in cybersecurity.
  • Use online platforms (Udemy, Pluralsight, Coursera) and attend conferences (DEF CON, Black Hat).
  • Join professional groups (e.g., ISACA, ISSA).

Freelancing in Cyber Security

But that's not all: in cyber security, you can also become a contractor or a freelancer. Consulting in cyber security is becoming widely known, especially if you have the expertise and the necessary connections to sell your skills to potential clients.

I recommend checking out the DC CyberSec channel for tips on how to start freelancing in cyber security.

Alright, so that was it.

I tried my best to make this video as brief as possible so that you get the full idea without too many distractions or stuffed content.


About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by Motasem Hamdan, a cybersecurity content creator and YouTuber.
